Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          pIyz25gX0JcUDumT94DeHQSmzeD50xJtrqBuYawdbzw=
Subject key identifier:   D7:25:6E:AA:B2:08:9E:1A:1A:D2:15:5D:8E:2E:0C:C7:B5:0B:62:1C
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       019A4EF4FF3943A60D59244EB81DCCBA80E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          165D
Signing time:             Tue 04 Nov 2025 13:01:10 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:10 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:10 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: gGaLikDr4L7MK4JGVrwWS+U/BFnpknZHFTKX1d93sEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:ff:39:43:a6:0d:59:24:4e:b8:1d:cc:ba:80:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Nov  4 13:01:10 2025 GMT
            Not After : Nov  5 13:01:10 2025 GMT
        Subject: CN=d7256eaab2089e1a1ad2155d8e2e0cc7b50b621c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:d2:b2:05:34:27:60:47:d6:ca:78:44:ec:aa:
                    a4:ef:8f:5d:b7:70:5b:9e:8f:9f:18:7c:3f:80:10:
                    88:4a:e9:f2:1a:bf:f3:58:dd:ec:88:4e:84:13:7e:
                    e1:29:f4:4b:6f:9a:1b:1b:e4:64:22:2e:3d:11:54:
                    b4:57:bb:c1:3d:0b:77:c5:48:56:f5:e6:a0:cc:58:
                    0b:f8:4f:aa:59:d4:7f:8b:07:cb:67:9f:04:e8:04:
                    a5:33:42:ea:21:bf:80:57:31:b0:33:68:75:9a:71:
                    2b:a4:82:7f:b3:23:ca:ab:4e:15:30:e7:a2:ef:94:
                    01:c6:bc:28:9c:25:85:72:73:97:6d:aa:06:ef:39:
                    e8:b5:06:fc:b0:0c:c8:52:87:0d:97:a8:ed:bd:ab:
                    a3:d3:26:e4:43:b1:82:21:ae:46:c1:b0:95:93:59:
                    c4:98:0b:72:58:aa:31:29:29:2a:b3:8b:7d:f3:2c:
                    a7:8a:17:6b:af:0b:f1:85:08:b6:48:bd:aa:38:98:
                    46:df:2b:49:6d:c9:9f:c3:a7:e6:16:d0:92:eb:68:
                    08:66:e8:c3:25:bb:4f:0b:44:0e:53:f4:33:4c:71:
                    be:2b:07:f2:98:ba:0d:23:f5:d6:ab:0f:ba:94:22:
                    af:2f:34:b1:12:9a:0b:bf:4d:81:eb:3d:91:e8:f7:
                    85:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:25:6E:AA:B2:08:9E:1A:1A:D2:15:5D:8E:2E:0C:C7:B5:0B:62:1C
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ab:1b:1a:cf:0b:1d:ea:93:d1:d8:6e:4c:2e:f4:77:83:b0:
         80:a0:0b:43:05:d0:f7:ac:aa:09:b9:ca:9f:3d:b0:59:9e:59:
         9c:1a:f7:18:7b:1d:7f:98:b5:0c:86:61:21:ed:0c:96:28:88:
         d5:81:46:74:f6:ab:18:1b:4e:5e:e2:9b:bd:15:94:5d:fb:5d:
         72:62:c6:fb:0e:8e:00:d5:42:29:87:d6:73:ed:db:81:80:d2:
         4d:79:7e:2d:9e:64:57:5c:c6:0c:59:fa:03:bd:62:11:18:75:
         fe:b5:d8:98:e8:8e:21:52:98:c6:3b:ad:ee:c0:26:2f:87:6d:
         71:60:64:83:b4:bd:2f:48:61:24:cb:b4:62:25:42:bf:ae:34:
         44:90:1a:0b:d0:ef:bc:b7:88:a5:47:c6:ad:8b:23:7d:74:0b:
         d0:51:43:24:ed:13:32:ce:60:d3:08:27:c5:e0:14:74:9a:ee:
         c2:46:d5:56:64:0a:97:2f:c4:84:36:ed:cd:dc:83:46:7a:07:
         eb:01:fb:85:93:d2:53:cc:51:46:c5:00:d6:f2:c3:c7:86:6a:
         ad:1a:43:cf:86:4f:8f:dd:09:8b:54:ec:7d:c0:63:dd:f9:55:
         2a:82:57:1d:81:b9:29:83:13:4a:19:b6:c9:bd:88:48:a3:3e:
         bc:e2:aa:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9P85Q6YNWSROuB3MuoDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUxMTA0MTMwMTEwWhcNMjUxMTA1MTMwMTEwWjAzMTEwLwYDVQQD
EyhkNzI1NmVhYWIyMDg5ZTFhMWFkMjE1NWQ4ZTJlMGNjN2I1MGI2MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89KyBTQnYEfWynhE7Kqk749dt3Bb
no+fGHw/gBCISunyGr/zWN3siE6EE37hKfRLb5obG+RkIi49EVS0V7vBPQt3xUhW
9eagzFgL+E+qWdR/iwfLZ58E6ASlM0LqIb+AVzGwM2h1mnErpIJ/syPKq04VMOei
75QBxrwonCWFcnOXbaoG7znotQb8sAzIUocNl6jtvauj0ybkQ7GCIa5GwbCVk1nE
mAtyWKoxKSkqs4t98yynihdrrwvxhQi2SL2qOJhG3ytJbcmfw6fmFtCS62gIZujD
JbtPC0QOU/QzTHG+KwfymLoNI/XWqw+6lCKvLzSxEpoLv02B6z2R6PeFsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNclbqqyCJ4aGtIVXY4uDMe1C2IcMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc6sbGs8L
HeqT0dhuTC70d4OwgKALQwXQ96yqCbnKnz2wWZ5ZnBr3GHsdf5i1DIZhIe0MliiI
1YFGdParGBtOXuKbvRWUXftdcmLG+w6OANVCKYfWc+3bgYDSTXl+LZ5kV1zGDFn6
A71iERh1/rXYmOiOIVKYxjut7sAmL4dtcWBkg7S9L0hhJMu0YiVCv640RJAaC9Dv
vLeIpUfGrYsjfXQL0FFDJO0TMs5g0wgnxeAUdJruwkbVVmQKly/EhDbtzdyDRnoH
6wH7hZPSU8xRRsUA1vLDx4ZqrRpDz4ZPj90Ji1TsfcBj3flVKoJXHYG5KYMTShm2
yb2ISKM+vOKqIA==
-----END CERTIFICATE-----