Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          FKkWUe/3oslx+Cmgyl4NLamNDIINFqjiaKUzfoHh+mU=
Subject key identifier:   7C:89:FC:A6:03:16:FD:DF:5A:D9:DA:FB:8C:3C:F1:22:DE:14:E9:E1
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       01988BB338B8D61EADC9AE76F2116DC2CFBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          161F
Signing time:             Fri 08 Aug 2025 22:00:35 +0000
Manifest this update:     Fri 08 Aug 2025 22:00:35 +0000
Manifest next update:     Sat 09 Aug 2025 22:00:35 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: xvn/jO5C6LHylAtDlNwvmmwgq33AgGmqfHQd9wzAFhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:b3:38:b8:d6:1e:ad:c9:ae:76:f2:11:6d:c2:cf:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Aug  8 22:00:35 2025 GMT
            Not After : Aug  9 22:00:35 2025 GMT
        Subject: CN=7c89fca60316fddf5ad9dafb8c3cf122de14e9e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:19:f0:f9:13:ab:46:33:30:c1:b0:89:0c:4d:
                    98:9b:1e:3c:14:ed:b0:75:63:11:4b:81:79:18:ab:
                    4c:bb:55:d7:32:b2:6b:26:63:19:6b:6d:e9:d3:ab:
                    98:73:87:9e:f9:e4:f2:c3:46:07:d3:22:b1:bd:2f:
                    2f:af:d8:ca:ca:97:5e:30:45:29:c5:38:0b:42:45:
                    78:60:0d:45:a4:c5:67:74:30:a1:60:18:46:ae:3b:
                    f7:81:ba:58:20:a4:33:de:7e:8a:ef:eb:80:14:05:
                    5c:f7:a7:27:94:3d:a9:83:4d:9f:dd:e9:59:86:21:
                    1d:8d:03:ec:ee:07:13:6a:78:bb:1c:fe:b5:b4:bf:
                    0e:93:7b:2b:3b:33:0e:cc:b6:dc:0f:aa:bc:e5:c9:
                    a2:b7:42:3a:7f:21:39:4a:7b:18:0e:98:a1:66:cd:
                    0b:42:e1:5f:b7:d5:79:27:a2:ab:4f:30:ef:52:6a:
                    9c:2b:1f:23:71:15:8e:c2:91:a9:4f:65:e3:25:a7:
                    16:72:e0:e8:b6:f2:25:b5:b2:34:4e:43:9c:64:57:
                    8b:ee:19:54:75:6d:15:fa:e6:bc:94:47:47:a5:b3:
                    a8:09:da:87:7f:52:15:34:69:95:1c:36:63:04:b5:
                    78:45:6e:df:58:a2:22:d0:b4:8f:2c:f3:45:09:2a:
                    30:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:89:FC:A6:03:16:FD:DF:5A:D9:DA:FB:8C:3C:F1:22:DE:14:E9:E1
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:04:3e:2b:53:cf:97:18:9c:a0:12:ce:a8:9d:71:47:e4:f4:
         05:38:d7:00:cb:e8:ae:99:59:35:7b:09:fc:4b:a1:fc:bb:c4:
         44:c8:9c:a8:68:56:19:8c:87:ae:5e:82:51:8f:62:b5:90:65:
         2c:62:cc:40:79:1d:aa:2b:5c:53:57:88:dc:0a:3b:0f:f3:5a:
         f2:f0:44:b0:cf:d1:03:34:b9:d6:a2:4e:0f:bf:a3:9b:23:ac:
         9b:c8:37:31:1e:1d:00:f0:c7:e7:8f:ff:f0:27:93:30:f7:12:
         e6:e1:ba:35:13:63:a6:35:15:5f:dd:7e:32:05:e0:15:a5:c5:
         96:af:59:f7:d0:51:ef:80:6f:c6:e9:7d:71:37:d5:16:3a:51:
         c3:a4:ea:06:b7:70:ec:1a:4b:37:37:37:d2:72:f3:99:47:91:
         f8:0e:f4:b9:c3:6d:c1:d1:fc:f9:86:c1:ab:3e:71:36:95:4f:
         2a:7c:33:ed:96:e4:54:5d:bf:d0:ea:d8:a7:36:f0:49:bc:d3:
         c8:3f:40:d2:97:bc:d7:f8:7a:ad:0d:20:27:0c:75:57:f6:17:
         39:75:ee:0e:e3:cd:86:d5:88:eb:ed:c5:dc:63:8a:5f:a5:06:
         3a:01:f2:31:dd:43:71:cb:1a:55:cd:5c:97:81:6e:c6:8f:93:
         d5:83:c6:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLszi41h6tya528hFtws+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwODA4MjIwMDM1WhcNMjUwODA5MjIwMDM1WjAzMTEwLwYDVQQD
Eyg3Yzg5ZmNhNjAzMTZmZGRmNWFkOWRhZmI4YzNjZjEyMmRlMTRlOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xnw+ROrRjMwwbCJDE2Ymx48FO2w
dWMRS4F5GKtMu1XXMrJrJmMZa23p06uYc4ee+eTyw0YH0yKxvS8vr9jKypdeMEUp
xTgLQkV4YA1FpMVndDChYBhGrjv3gbpYIKQz3n6K7+uAFAVc96cnlD2pg02f3elZ
hiEdjQPs7gcTani7HP61tL8Ok3srOzMOzLbcD6q85cmit0I6fyE5SnsYDpihZs0L
QuFft9V5J6KrTzDvUmqcKx8jcRWOwpGpT2XjJacWcuDotvIltbI0TkOcZFeL7hlU
dW0V+ua8lEdHpbOoCdqHf1IVNGmVHDZjBLV4RW7fWKIi0LSPLPNFCSowvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHyJ/KYDFv3fWtna+4w88SLeFOnhMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjAQ+K1PP
lxicoBLOqJ1xR+T0BTjXAMvorplZNXsJ/Euh/LvERMicqGhWGYyHrl6CUY9itZBl
LGLMQHkdqitcU1eI3Ao7D/Na8vBEsM/RAzS51qJOD7+jmyOsm8g3MR4dAPDH54//
8CeTMPcS5uG6NRNjpjUVX91+MgXgFaXFlq9Z99BR74Bvxul9cTfVFjpRw6TqBrdw
7BpLNzc30nLzmUeR+A70ucNtwdH8+YbBqz5xNpVPKnwz7ZbkVF2/0OrYpzbwSbzT
yD9A0pe81/h6rQ0gJwx1V/YXOXXuDuPNhtWI6+3F3GOKX6UGOgHyMd1DccsaVc1c
l4Fuxo+T1YPGlA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:47 2025 by rpki-client