Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          0Wiva1i72eRnmYdxAbqrYCe/j3W5U9ovWxxhe0dQUgU=
Subject key identifier:   DA:9A:79:A2:FA:1A:4A:FE:5C:C4:6A:94:B4:1B:66:4D:09:04:0C:38
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       019A70A581638D781B6F0747DCC7C2F6F977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0DED
Signing time:             Tue 11 Nov 2025 02:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:25 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: i7956mEfssFAfRogaHyQVZUUlqzwm9CzPlLkpk9zK58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:81:63:8d:78:1b:6f:07:47:dc:c7:c2:f6:f9:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Nov 11 02:01:25 2025 GMT
            Not After : Nov 12 02:01:25 2025 GMT
        Subject: CN=da9a79a2fa1a4afe5cc46a94b41b664d09040c38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:72:d7:46:20:03:a3:29:66:4b:0f:94:89:19:
                    38:52:cb:f1:8b:5b:c1:52:86:ff:ca:ba:3d:d4:d3:
                    88:13:3a:c7:c8:c7:89:cc:05:ed:d5:d1:fb:b7:4d:
                    28:7f:1c:3c:f0:47:37:e3:56:e7:ad:d3:c2:fc:59:
                    00:46:9d:3c:88:ed:e9:2f:53:d7:aa:b4:29:66:36:
                    c5:55:b8:97:48:a4:59:d7:cb:59:a4:3d:ef:db:1b:
                    bd:a3:c4:e9:cd:71:8a:02:55:c1:60:75:7c:7a:7d:
                    24:55:84:b8:97:a2:ff:18:ba:b4:45:b9:e8:b3:fb:
                    e6:aa:ff:34:11:5e:f2:70:03:40:1f:c4:5f:ad:d0:
                    bc:86:bd:02:3c:63:16:74:b9:df:b3:da:86:d2:af:
                    6e:e9:14:66:fa:bd:bf:54:d7:58:67:af:fc:de:9d:
                    05:d0:0a:ea:1c:c5:ae:7b:83:32:c4:21:ca:3c:b7:
                    e1:dd:2f:67:78:30:59:cd:f8:91:ed:84:d3:ab:12:
                    d1:86:9b:17:17:18:d5:49:1f:1d:a2:e4:19:cf:ae:
                    17:57:f0:0f:34:7e:ff:6c:2e:59:f3:cf:38:83:1c:
                    bd:7d:b9:02:e1:10:8c:b5:2e:fe:66:bf:d0:a1:13:
                    e5:88:90:6c:77:33:5d:9c:7d:bb:ab:4f:d2:d2:87:
                    ef:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:9A:79:A2:FA:1A:4A:FE:5C:C4:6A:94:B4:1B:66:4D:09:04:0C:38
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:bf:1c:67:12:ee:a5:95:30:f8:fc:0c:2a:30:40:6d:04:b6:
         e5:ce:31:f4:f9:b9:74:0c:3b:be:8b:52:4b:59:25:f1:32:61:
         6d:4c:0d:7d:c0:dc:67:98:fb:03:e0:fd:b1:a4:aa:28:d3:55:
         fc:52:f9:3f:e8:37:8f:d9:8d:bf:4b:b2:ab:73:17:4c:12:b7:
         c5:3c:c5:d0:00:76:bb:49:ae:b1:ad:98:f1:91:51:7c:c6:ac:
         77:c7:5a:b4:c5:8b:ae:67:1d:7d:cf:6a:ce:aa:0f:57:45:63:
         5b:04:38:1f:e1:ff:50:24:05:61:06:cd:4c:dd:cf:6c:ef:89:
         04:62:5e:8c:28:c0:56:6d:bb:fc:b9:0a:af:80:0c:64:64:5f:
         73:97:70:60:8b:63:6c:f5:fa:73:5a:e9:87:50:92:42:a3:65:
         ff:17:e6:4d:ea:b7:0b:5a:56:70:55:49:25:9a:db:84:ba:22:
         23:b7:02:8e:95:ff:22:3f:59:ac:10:a4:a1:fe:3d:ef:37:33:
         90:54:f0:e8:d2:d2:9c:ce:9a:14:c8:b2:02:7a:82:42:3e:29:
         46:55:14:3e:8a:38:c4:f7:12:9b:a1:76:02:2b:f5:7e:90:af:
         2d:63:af:64:b8:d9:af:05:b0:5a:f2:35:e1:1c:e7:6d:c9:59:
         d3:8f:82:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpYFjjXgbbwdH3MfC9vl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUxMTExMDIwMTI1WhcNMjUxMTEyMDIwMTI1WjAzMTEwLwYDVQQD
EyhkYTlhNzlhMmZhMWE0YWZlNWNjNDZhOTRiNDFiNjY0ZDA5MDQwYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXLXRiADoylmSw+UiRk4Usvxi1vB
Uob/yro91NOIEzrHyMeJzAXt1dH7t00ofxw88Ec341bnrdPC/FkARp08iO3pL1PX
qrQpZjbFVbiXSKRZ18tZpD3v2xu9o8TpzXGKAlXBYHV8en0kVYS4l6L/GLq0Rbno
s/vmqv80EV7ycANAH8RfrdC8hr0CPGMWdLnfs9qG0q9u6RRm+r2/VNdYZ6/83p0F
0ArqHMWue4MyxCHKPLfh3S9neDBZzfiR7YTTqxLRhpsXFxjVSR8douQZz64XV/AP
NH7/bC5Z8884gxy9fbkC4RCMtS7+Zr/QoRPliJBsdzNdnH27q0/S0ofvlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqaeaL6Gkr+XMRqlLQbZk0JBAw4MB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFb8cZxLu
pZUw+PwMKjBAbQS25c4x9Pm5dAw7votSS1kl8TJhbUwNfcDcZ5j7A+D9saSqKNNV
/FL5P+g3j9mNv0uyq3MXTBK3xTzF0AB2u0musa2Y8ZFRfMasd8datMWLrmcdfc9q
zqoPV0VjWwQ4H+H/UCQFYQbNTN3PbO+JBGJejCjAVm27/LkKr4AMZGRfc5dwYItj
bPX6c1rph1CSQqNl/xfmTeq3C1pWcFVJJZrbhLoiI7cCjpX/Ij9ZrBCkof497zcz
kFTw6NLSnM6aFMiyAnqCQj4pRlUUPoo4xPcSm6F2Aiv1fpCvLWOvZLjZrwWwWvI1
4RznbclZ04+CSg==
-----END CERTIFICATE-----