Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File:                     QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier:          cxegUWf8cdKjoOVy9Zdtji2gWkpAL6i+n0eqj30CJbw=
Subject key identifier:   4F:F8:82:13:45:03:1A:5C:F5:94:99:74:2E:61:DD:23:B0:7B:D0:9C
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer:       /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial:       019A4F6280A43B5F605AD6069E74B447EC3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 15:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:46 +0000
Files and hashes:         1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: mbGFGp0KzsU/zCq2cOQzHtkXJcxzJjFbRyNGKKSkAgQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:80:a4:3b:5f:60:5a:d6:06:9e:74:b4:47:ec:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
        Validity
            Not Before: Nov  4 15:00:46 2025 GMT
            Not After : Nov  5 15:00:46 2025 GMT
        Subject: CN=4ff8821345031a5cf59499742e61dd23b07bd09c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c7:2a:e3:db:ab:5e:f5:09:ef:28:a8:e4:60:
                    18:d1:e5:64:5f:4c:b6:fc:3e:42:59:68:51:b9:ba:
                    44:81:74:10:d3:76:84:9d:da:70:24:ea:5c:50:dc:
                    fb:29:65:8e:3a:90:ec:13:db:42:9c:3f:d1:ea:32:
                    a5:89:02:a6:a5:14:f3:37:a4:f3:c7:7b:fb:a6:73:
                    48:15:28:aa:59:3a:1e:0b:9b:b7:3b:ee:be:a2:1c:
                    ea:2b:7b:0d:0e:1a:f7:d2:4a:cb:38:90:36:d3:ee:
                    26:af:b2:e4:d3:fb:12:73:9c:e4:0b:f3:85:33:32:
                    e3:75:0c:53:ef:f7:c0:40:d3:eb:43:a1:7a:5a:cc:
                    f2:2d:8d:39:41:b5:c9:95:d8:da:7b:b4:1a:02:95:
                    2a:87:7c:ef:9f:40:3e:1c:59:6f:fa:63:f9:d4:6f:
                    a0:68:30:f7:4a:51:d4:39:22:ed:be:17:ec:ca:86:
                    46:8f:2b:a6:bd:59:12:15:04:25:7f:65:64:cd:f3:
                    e7:22:1f:c3:88:89:3f:fa:36:7b:78:0b:26:cc:40:
                    dd:83:8d:de:43:47:e1:1d:34:55:ef:1e:e2:a2:12:
                    3b:fc:a0:66:f0:7d:2e:32:64:ba:b1:f4:fe:55:73:
                    6e:32:6a:4d:38:14:e8:eb:2d:49:4e:03:49:3a:f7:
                    60:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:F8:82:13:45:03:1A:5C:F5:94:99:74:2E:61:DD:23:B0:7B:D0:9C
            X509v3 Authority Key Identifier:
                keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:59:fd:1e:e4:83:ef:55:b6:92:03:62:d3:6b:c0:aa:6f:e6:
         bd:21:e9:b4:29:a8:f7:1a:34:c9:e3:30:31:13:d9:19:b4:86:
         15:e2:2e:10:90:61:a6:b6:5a:77:90:59:c5:0a:11:e1:44:4d:
         5c:7c:92:81:08:99:33:08:83:60:31:26:e1:fc:32:37:fc:77:
         80:68:6e:b0:f3:cd:ba:06:cd:36:dc:0a:c1:84:fb:b7:24:71:
         08:50:eb:f1:26:f7:55:26:d8:cd:9b:4e:c4:fc:a5:5a:73:74:
         e1:ac:3f:b7:4b:32:91:4f:db:21:98:f8:fd:83:d1:57:c0:1d:
         5d:37:aa:3d:e5:de:1d:ba:94:f6:0e:87:c9:e6:d9:c1:95:03:
         8f:ee:e6:d9:1b:11:62:91:3f:f5:6e:a8:82:e2:3a:5c:09:bc:
         ed:9e:79:6b:66:0f:57:e1:f0:08:0f:59:2f:82:03:ab:ce:2a:
         8f:42:bc:6e:2b:cb:31:49:3b:fc:79:a8:b2:6f:61:3a:a9:97:
         8d:ae:18:5b:44:b9:ba:0f:bd:db:2b:9a:7e:2a:d2:27:8e:3c:
         69:76:10:c2:17:c4:e6:fd:d5:40:6c:0f:74:24:66:9e:03:3c:
         4e:29:b1:4e:17:11:e4:58:9a:95:f9:af:22:b3:f9:3e:34:c3:
         1e:d7:0b:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYoCkO19gWtYGnnS0R+w7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjUxMTA0MTUwMDQ2WhcNMjUxMTA1MTUwMDQ2WjAzMTEwLwYDVQQD
Eyg0ZmY4ODIxMzQ1MDMxYTVjZjU5NDk5NzQyZTYxZGQyM2IwN2JkMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mcq49urXvUJ7yio5GAY0eVkX0y2
/D5CWWhRubpEgXQQ03aEndpwJOpcUNz7KWWOOpDsE9tCnD/R6jKliQKmpRTzN6Tz
x3v7pnNIFSiqWToeC5u3O+6+ohzqK3sNDhr30krLOJA20+4mr7Lk0/sSc5zkC/OF
MzLjdQxT7/fAQNPrQ6F6WszyLY05QbXJldjae7QaApUqh3zvn0A+HFlv+mP51G+g
aDD3SlHUOSLtvhfsyoZGjyumvVkSFQQlf2VkzfPnIh/DiIk/+jZ7eAsmzEDdg43e
Q0fhHTRV7x7iohI7/KBm8H0uMmS6sfT+VXNuMmpNOBTo6y1JTgNJOvdg3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/4ghNFAxpc9ZSZdC5h3SOwe9CcMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFn9HuSD
71W2kgNi02vAqm/mvSHptCmo9xo0yeMwMRPZGbSGFeIuEJBhprZad5BZxQoR4URN
XHySgQiZMwiDYDEm4fwyN/x3gGhusPPNugbNNtwKwYT7tyRxCFDr8Sb3VSbYzZtO
xPylWnN04aw/t0sykU/bIZj4/YPRV8AdXTeqPeXeHbqU9g6HyebZwZUDj+7m2RsR
YpE/9W6oguI6XAm87Z55a2YPV+HwCA9ZL4IDq84qj0K8bivLMUk7/Hmosm9hOqmX
ja4YW0S5ug+92yuafirSJ448aXYQwhfE5v3VQGwPdCRmngM8TimxThcR5Fialfmv
IrP5PjTDHtcLxA==
-----END CERTIFICATE-----