Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          8E+IHxh5MhDxiCGbBWAajCi+MwCGnwvNF2OfaYJ/ETU=
Subject key identifier:   F1:56:49:CC:14:C2:1C:15:BB:D6:85:F7:57:D2:A1:05:D1:62:FB:9C
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019A51BE8361EF0BF21A22C3266A37C97C94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          066B
Signing time:             Wed 05 Nov 2025 02:00:31 +0000
Manifest this update:     Wed 05 Nov 2025 02:00:31 +0000
Manifest next update:     Thu 06 Nov 2025 02:00:31 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: pfdwSTz8KKVSOCMctdA/vVmtbgeB4P7+t+JkepDfWQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 02:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:be:83:61:ef:0b:f2:1a:22:c3:26:6a:37:c9:7c:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Nov  5 02:00:31 2025 GMT
            Not After : Nov  6 02:00:31 2025 GMT
        Subject: CN=f15649cc14c21c15bbd685f757d2a105d162fb9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:9d:e8:3d:7f:8d:fa:92:fe:ce:c8:3e:77:48:
                    47:15:5f:af:3b:7f:17:1a:ef:9a:41:f1:55:89:5a:
                    3d:c0:c3:0b:ab:79:52:29:e2:ad:4f:2f:b5:82:03:
                    48:d9:85:6b:c5:23:47:f1:b1:a3:54:97:2f:c3:42:
                    36:26:4b:25:d3:9e:70:21:5f:37:86:0c:b8:f7:e3:
                    61:8b:cd:05:d7:6b:f6:28:ec:97:47:19:8c:24:fa:
                    0c:7b:9f:3b:0e:f2:b7:3c:02:03:91:01:c6:ef:23:
                    97:db:2c:25:8f:bd:74:70:44:d0:02:b2:40:27:81:
                    39:fc:45:34:a4:dc:f7:5b:69:cc:a7:2a:f8:55:ec:
                    fe:5e:7e:95:dc:5d:fa:af:71:5d:80:e9:64:13:08:
                    b0:a4:0c:16:4c:10:68:e7:94:c7:6a:4f:b9:d9:7e:
                    be:f9:89:94:db:7e:af:cd:2d:b5:44:46:43:7b:8a:
                    9f:5f:da:fa:bc:18:50:38:61:e5:ec:7d:4d:5a:b5:
                    c0:15:ec:d8:0e:7e:28:77:e6:d9:7e:48:12:8e:e5:
                    05:19:b1:2b:47:19:11:9f:c0:70:87:11:9b:d4:c8:
                    a4:07:bc:64:4a:18:cd:3a:0c:31:1c:6b:43:bd:6e:
                    ff:7b:e5:b3:1c:02:57:de:cf:6b:77:a2:1f:5a:e5:
                    f4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:56:49:CC:14:C2:1C:15:BB:D6:85:F7:57:D2:A1:05:D1:62:FB:9C
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:a0:55:ae:ef:3e:53:29:52:7d:40:19:7c:9f:c0:6d:4d:3e:
         ef:9f:22:f6:63:fa:21:67:dc:17:19:65:34:46:77:ff:13:4a:
         ab:e9:d8:a6:6e:3a:52:ec:33:34:82:bf:5a:3b:ca:48:f9:12:
         cf:a8:a9:a5:c0:6b:af:7f:0f:02:0a:d0:43:43:2d:82:35:bc:
         d7:d8:d5:52:d1:b1:d0:1f:ca:59:52:c2:95:b3:d6:a7:d0:d4:
         77:02:34:e4:04:7d:6f:f7:6d:86:32:75:18:c4:a1:44:78:48:
         82:e3:1c:fb:55:e2:aa:a3:9d:69:f5:4c:42:c4:80:af:f5:d7:
         51:91:fb:22:4d:08:09:d8:74:c0:c1:00:6f:90:f7:dc:5d:30:
         7f:eb:1d:a6:78:1f:d5:76:42:55:1b:34:ae:a3:53:88:4d:85:
         f7:0c:87:c8:2b:8f:39:f5:3e:3f:dd:6a:26:b2:fe:4a:41:33:
         f6:af:85:d5:6c:f3:e7:a5:f4:df:b7:cb:cc:6d:08:4f:f2:36:
         ea:8c:5d:29:cb:e8:aa:83:4c:98:47:a6:7a:ea:f7:c2:a5:dc:
         b1:c4:4f:b6:0d:7b:2e:aa:f0:6d:81:5e:04:61:00:d1:e1:57:
         62:b4:34:6c:fa:64:d3:76:2d:34:71:d3:07:e7:69:dd:87:d4:
         f7:9c:20:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvoNh7wvyGiLDJmo3yXyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjUxMTA1MDIwMDMxWhcNMjUxMTA2MDIwMDMxWjAzMTEwLwYDVQQD
EyhmMTU2NDljYzE0YzIxYzE1YmJkNjg1Zjc1N2QyYTEwNWQxNjJmYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA753oPX+N+pL+zsg+d0hHFV+vO38X
Gu+aQfFViVo9wMMLq3lSKeKtTy+1ggNI2YVrxSNH8bGjVJcvw0I2Jksl055wIV83
hgy49+Nhi80F12v2KOyXRxmMJPoMe587DvK3PAIDkQHG7yOX2ywlj710cETQArJA
J4E5/EU0pNz3W2nMpyr4Vez+Xn6V3F36r3FdgOlkEwiwpAwWTBBo55THak+52X6+
+YmU236vzS21REZDe4qfX9r6vBhQOGHl7H1NWrXAFezYDn4od+bZfkgSjuUFGbEr
RxkRn8BwhxGb1MikB7xkShjNOgwxHGtDvW7/e+WzHAJX3s9rd6IfWuX01wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFWScwUwhwVu9aF91fSoQXRYvucMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn6BVru8+
UylSfUAZfJ/AbU0+758i9mP6IWfcFxllNEZ3/xNKq+nYpm46UuwzNIK/WjvKSPkS
z6ippcBrr38PAgrQQ0MtgjW819jVUtGx0B/KWVLClbPWp9DUdwI05AR9b/dthjJ1
GMShRHhIguMc+1XiqqOdafVMQsSAr/XXUZH7Ik0ICdh0wMEAb5D33F0wf+sdpngf
1XZCVRs0rqNTiE2F9wyHyCuPOfU+P91qJrL+SkEz9q+F1Wzz56X037fLzG0IT/I2
6oxdKcvoqoNMmEemeur3wqXcscRPtg17LqrwbYFeBGEA0eFXYrQ0bPpk03YtNHHT
B+dp3YfU95wg/Q==
-----END CERTIFICATE-----