Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          SLqtAFno6zebej8H4LQe1YvlJsmRU6atzK+yzMbLjs0=
Subject key identifier:   A9:53:92:B5:33:76:1D:09:C3:C4:F5:A6:41:1F:01:CA:DA:3A:8E:4D
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       01987B9CEFCB316ED0EFE07DDD13F42B365A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          156B
Signing time:             Tue 05 Aug 2025 19:02:19 +0000
Manifest this update:     Tue 05 Aug 2025 19:02:19 +0000
Manifest next update:     Wed 06 Aug 2025 19:02:19 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: EKuarIRrNQ88ak6GGK4DAkgmiw6PlABqNmFXx0boQKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 17:44:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9c:ef:cb:31:6e:d0:ef:e0:7d:dd:13:f4:2b:36:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Aug  5 19:02:19 2025 GMT
            Not After : Aug  6 19:02:19 2025 GMT
        Subject: CN=a95392b533761d09c3c4f5a6411f01cada3a8e4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:bd:6b:94:cb:5d:e9:28:b2:e7:34:bc:90:40:
                    ec:0c:9b:ce:27:e9:40:04:87:b6:dc:67:9f:e8:67:
                    e5:64:36:60:7e:25:ce:45:0e:ca:37:5f:ab:26:56:
                    df:77:1e:8c:e1:e2:87:91:eb:fa:1b:c4:a9:8a:bb:
                    4e:c8:6f:86:3f:50:a3:99:23:c0:6d:46:92:6e:0c:
                    35:88:c1:63:8c:6b:d0:35:50:87:a4:c1:27:66:b7:
                    17:8a:b4:81:da:ee:15:fe:e6:1c:0d:c0:92:75:9a:
                    af:6b:bb:16:a8:38:f5:59:45:56:08:16:b0:ab:b9:
                    a0:74:8a:2b:07:eb:99:6e:e0:37:ea:6f:30:66:3e:
                    4e:6a:32:cb:0b:89:0f:31:fd:a5:88:e7:0c:1d:52:
                    4b:c0:ac:25:60:2c:9d:32:d1:d4:1d:2a:98:1e:03:
                    a6:8d:6c:fa:85:ef:b6:24:db:2e:7f:ea:c9:46:a2:
                    a6:f5:b3:b6:e4:44:d9:a5:f1:c3:65:29:a1:ba:b7:
                    6b:c0:25:d6:9b:84:22:d4:6b:8b:35:a0:2a:6c:f5:
                    a9:3c:ed:c0:ac:e9:1f:5f:24:31:50:3c:e0:56:1e:
                    08:77:4f:f0:55:da:5b:66:c5:71:64:7a:73:c2:de:
                    ca:d4:f7:96:e0:99:99:f1:7d:46:98:51:e5:2a:f2:
                    57:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:53:92:B5:33:76:1D:09:C3:C4:F5:A6:41:1F:01:CA:DA:3A:8E:4D
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:c2:0d:bf:39:a8:01:9a:3f:98:44:12:b5:80:e7:42:d4:3e:
         eb:4d:9b:2c:a0:7d:f3:f8:6e:5c:c8:30:07:6b:ac:f0:eb:e1:
         02:41:8a:60:08:f6:8e:a9:c0:1e:c8:eb:fd:aa:8b:f0:4a:66:
         6c:2a:74:f6:8b:9b:8c:2c:b4:42:47:73:42:c1:59:ed:6e:75:
         02:9e:88:42:f9:a4:6d:50:5e:05:9e:74:e8:e3:b9:7f:e5:11:
         bc:a1:c8:ce:3b:0b:8f:c2:92:55:01:63:97:30:88:7f:49:aa:
         f5:bf:b4:4b:d7:ab:70:6a:b6:6e:46:fd:29:1f:40:ca:b7:96:
         79:e5:7f:99:d8:b1:d6:be:5f:f6:ce:c2:65:6f:38:12:b2:0c:
         78:80:2b:b5:d0:18:b0:da:15:9b:4a:ec:56:65:a6:7d:fc:37:
         0b:d5:9a:39:b2:6f:0b:17:54:14:eb:f2:00:ed:f7:aa:03:6f:
         ff:36:79:ce:6a:cc:bf:c5:3f:3f:ee:5e:cf:b5:3e:04:c3:be:
         0c:2f:67:aa:a3:d5:ec:35:db:c3:03:78:cc:5f:ac:42:ad:ba:
         6e:e4:be:28:ac:26:4b:b5:03:9c:d5:66:52:a8:67:1f:21:25:
         da:b4:95:0f:ea:08:9c:55:db:cf:9a:ac:55:d3:5f:52:fb:fc:
         b8:16:e0:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7nO/LMW7Q7+B93RP0KzZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUwODA1MTkwMjE5WhcNMjUwODA2MTkwMjE5WjAzMTEwLwYDVQQD
EyhhOTUzOTJiNTMzNzYxZDA5YzNjNGY1YTY0MTFmMDFjYWRhM2E4ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL1rlMtd6Siy5zS8kEDsDJvOJ+lA
BIe23Gef6GflZDZgfiXORQ7KN1+rJlbfdx6M4eKHkev6G8SpirtOyG+GP1CjmSPA
bUaSbgw1iMFjjGvQNVCHpMEnZrcXirSB2u4V/uYcDcCSdZqva7sWqDj1WUVWCBaw
q7mgdIorB+uZbuA36m8wZj5OajLLC4kPMf2liOcMHVJLwKwlYCydMtHUHSqYHgOm
jWz6he+2JNsuf+rJRqKm9bO25ETZpfHDZSmhurdrwCXWm4Qi1GuLNaAqbPWpPO3A
rOkfXyQxUDzgVh4Id0/wVdpbZsVxZHpzwt7K1PeW4JmZ8X1GmFHlKvJXHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlTkrUzdh0Jw8T1pkEfAcraOo5NMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWMINvzmo
AZo/mEQStYDnQtQ+602bLKB98/huXMgwB2us8OvhAkGKYAj2jqnAHsjr/aqL8Epm
bCp09oubjCy0QkdzQsFZ7W51Ap6IQvmkbVBeBZ506OO5f+URvKHIzjsLj8KSVQFj
lzCIf0mq9b+0S9ercGq2bkb9KR9AyreWeeV/mdix1r5f9s7CZW84ErIMeIArtdAY
sNoVm0rsVmWmffw3C9WaObJvCxdUFOvyAO33qgNv/zZ5zmrMv8U/P+5ez7U+BMO+
DC9nqqPV7DXbwwN4zF+sQq26buS+KKwmS7UDnNVmUqhnHyEl2rSVD+oInFXbz5qs
VdNfUvv8uBbg2A==
-----END CERTIFICATE-----