Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
File:                     RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft (raw, json)
Hash identifier:          qdFmvMc8ttTWbX/7BNv5iCA4ZncgJlhyjaIgsuTNly0=
Subject key identifier:   BF:39:68:9E:BC:AF:54:B2:70:BE:92:36:5E:9F:5D:5D:22:4E:61:F1
Authority key identifier: 45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE
Certificate issuer:       /CN=4501e85c0025c4ae29528058e232d737c2f495ce
Certificate serial:       019A4E18E30AF0238E0268C0B55D97913C9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
Manifest number:          036E
Signing time:             Tue 04 Nov 2025 09:00:45 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:45 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:45 +0000
Files and hashes:         1: RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl (hash: q4uE6ZxnSpzBTs1qpHnbgvoKB6tBKHC12wmmSsrnl8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:e3:0a:f0:23:8e:02:68:c0:b5:5d:97:91:3c:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4501e85c0025c4ae29528058e232d737c2f495ce
        Validity
            Not Before: Nov  4 09:00:45 2025 GMT
            Not After : Nov  5 09:00:45 2025 GMT
        Subject: CN=bf39689ebcaf54b270be92365e9f5d5d224e61f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2f:88:8e:2b:aa:0a:a7:81:f5:96:e9:b7:43:
                    0b:d4:00:67:f3:e9:51:6e:b3:29:44:14:36:06:e8:
                    94:78:c3:fc:4e:a9:4b:87:d1:5c:2c:90:6d:57:08:
                    2e:12:aa:61:05:5e:29:a9:69:c5:7f:ac:95:ab:59:
                    d6:95:67:22:1c:26:16:96:51:f8:04:34:52:ce:30:
                    1b:7e:95:cc:89:fb:bb:7a:08:8e:71:22:f1:ca:90:
                    0d:f3:8c:a7:8e:58:0c:43:65:70:d7:a3:55:c2:51:
                    5a:01:51:20:49:91:f7:88:c4:a5:98:6e:6a:3a:b7:
                    0f:75:34:cb:4d:f6:9e:91:e0:dd:46:97:4d:02:4e:
                    37:a7:17:26:ec:95:a9:55:16:13:3a:18:13:a4:6d:
                    66:a1:f2:28:55:b9:4c:91:3f:50:7c:fb:b9:fb:14:
                    ab:ea:06:db:75:c1:4a:a8:c5:84:16:b6:ee:15:95:
                    ac:f4:af:da:90:ad:bd:a5:37:ff:08:a4:a6:1c:ff:
                    4c:41:82:00:6a:32:35:3b:da:18:48:bc:5d:50:e6:
                    69:20:ab:f0:f1:ac:42:cf:60:67:9f:5b:77:25:ce:
                    7c:57:46:17:ae:b4:52:ea:45:fe:4d:c3:ef:07:82:
                    93:3c:3d:c7:a7:8d:cb:28:0f:46:9f:13:48:48:5f:
                    4d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:39:68:9E:BC:AF:54:B2:70:BE:92:36:5E:9F:5D:5D:22:4E:61:F1
            X509v3 Authority Key Identifier:
                keyid:45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:f5:f4:d2:a3:e6:ec:9e:de:9a:eb:d0:e3:d7:01:2f:b6:c7:
         31:30:56:36:f6:6e:42:c9:1d:07:7e:14:0b:1d:e7:2a:2f:ae:
         53:08:57:89:c6:5b:ad:da:24:ea:d5:a5:19:de:56:08:48:76:
         d5:a9:fd:81:1f:16:39:10:d1:bb:1b:34:3c:2f:98:11:b0:6c:
         ca:05:46:c9:b8:fb:27:07:f7:94:d8:47:99:a5:02:47:0d:e1:
         62:c1:94:ab:8e:30:c2:5e:c1:31:f8:dd:d7:eb:3e:8c:49:7e:
         a3:66:9f:b6:86:21:68:b7:07:05:f6:e8:e0:56:10:91:9e:d7:
         0c:ad:e4:60:59:9d:76:da:41:52:98:ce:d0:14:dd:90:51:80:
         cf:dc:16:0b:3a:b8:67:ee:02:80:6f:47:4a:4d:3b:fa:4a:c4:
         5f:51:ff:e6:cf:38:30:36:14:e1:72:ac:d4:2b:4a:a4:1d:51:
         d7:8e:03:15:3d:f5:5f:ab:80:62:5a:24:9a:f7:d0:4b:8a:6a:
         9b:fc:60:09:db:2a:fa:f7:65:d2:6c:91:9d:ca:ec:a2:88:91:
         4e:d9:a4:48:31:76:49:b5:b6:51:be:f2:96:c0:d3:50:98:dd:
         0b:ab:b2:9f:53:29:36:5e:9a:87:c7:ab:d0:fd:8e:68:31:2e:
         b5:b4:20:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGOMK8COOAmjAtV2XkTycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MDFlODVjMDAyNWM0YWUyOTUyODA1OGUyMzJkNzM3YzJm
NDk1Y2UwHhcNMjUxMTA0MDkwMDQ1WhcNMjUxMTA1MDkwMDQ1WjAzMTEwLwYDVQQD
EyhiZjM5Njg5ZWJjYWY1NGIyNzBiZTkyMzY1ZTlmNWQ1ZDIyNGU2MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S+IjiuqCqeB9Zbpt0ML1ABn8+lR
brMpRBQ2BuiUeMP8TqlLh9FcLJBtVwguEqphBV4pqWnFf6yVq1nWlWciHCYWllH4
BDRSzjAbfpXMifu7egiOcSLxypAN84ynjlgMQ2Vw16NVwlFaAVEgSZH3iMSlmG5q
OrcPdTTLTfaekeDdRpdNAk43pxcm7JWpVRYTOhgTpG1mofIoVblMkT9QfPu5+xSr
6gbbdcFKqMWEFrbuFZWs9K/akK29pTf/CKSmHP9MQYIAajI1O9oYSLxdUOZpIKvw
8axCz2Bnn1t3Jc58V0YXrrRS6kX+TcPvB4KTPD3Hp43LKA9GnxNISF9NKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL85aJ68r1SycL6SNl6fXV0iTmHxMB8GA1UdIwQY
MBaAFEUB6FwAJcSuKVKAWOIy1zfC9JXOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUt
Y2VlNjQxOTU1MzNjLzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUtY2VlNjQxOTU1MzNj
LzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfX00qPm
7J7emuvQ49cBL7bHMTBWNvZuQskdB34UCx3nKi+uUwhXicZbrdok6tWlGd5WCEh2
1an9gR8WORDRuxs0PC+YEbBsygVGybj7Jwf3lNhHmaUCRw3hYsGUq44wwl7BMfjd
1+s+jEl+o2aftoYhaLcHBfbo4FYQkZ7XDK3kYFmddtpBUpjO0BTdkFGAz9wWCzq4
Z+4CgG9HSk07+krEX1H/5s84MDYU4XKs1CtKpB1R144DFT31X6uAYlokmvfQS4pq
m/xgCdsq+vdl0myRncrsooiRTtmkSDF2SbW2Ub7ylsDTUJjdC6uyn1MpNl6ah8er
0P2OaDEutbQg0Q==
-----END CERTIFICATE-----