Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          vJOdgo/OWEWz/L+2jfLiBBzL3BhGJfTwC7WHHb3M5iw=
Subject key identifier:   E1:AE:BE:C2:83:96:37:AC:BE:12:63:6E:76:17:EB:CE:63:2C:47:96
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       019874BD7A45DB26B95489BBA217E5A96082
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0CE6
Signing time:             Mon 04 Aug 2025 11:00:31 +0000
Manifest this update:     Mon 04 Aug 2025 11:00:31 +0000
Manifest next update:     Tue 05 Aug 2025 11:00:31 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: E60iGxRPifM3LrRyraf4Qvf3gZn3N0vW61kKKLY/89I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 11:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:bd:7a:45:db:26:b9:54:89:bb:a2:17:e5:a9:60:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Aug  4 11:00:31 2025 GMT
            Not After : Aug  5 11:00:31 2025 GMT
        Subject: CN=e1aebec2839637acbe12636e7617ebce632c4796
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a0:ff:c8:45:1e:1c:18:83:98:ba:30:73:15:
                    32:1e:95:3d:dc:68:3e:5f:9c:2e:2c:59:0b:06:fc:
                    65:b9:2f:42:4b:7f:cf:a1:31:d7:5d:97:33:2f:b0:
                    b7:b1:3b:63:4a:55:62:a2:da:40:60:f0:ed:fb:1a:
                    64:fc:f6:5f:ec:d4:00:ce:76:12:a1:cc:c5:88:89:
                    af:0e:23:76:55:4c:8e:b1:e2:7c:24:26:ab:8c:a3:
                    25:8e:8e:2c:35:51:32:94:5b:5a:68:69:8c:9e:96:
                    c1:17:a2:46:30:46:33:03:11:dc:16:1d:4d:a0:e5:
                    50:69:e4:77:45:f1:e6:d0:a0:83:2f:df:c6:0b:50:
                    b4:b2:ce:7c:be:c4:08:9e:1f:fb:41:b5:ae:65:4a:
                    6b:a6:71:11:fb:65:21:14:7e:10:ea:6f:80:9d:64:
                    24:b8:af:72:5e:87:d2:c5:aa:16:44:e6:6e:fd:35:
                    a5:4c:57:7e:bc:7f:d5:66:61:f1:58:91:41:75:01:
                    b2:6c:40:64:f3:a3:f2:e5:f1:76:2b:02:42:f6:32:
                    9e:7c:fc:ba:89:01:4b:62:26:ed:0b:ac:41:69:1e:
                    db:c1:b7:f0:40:27:d2:fc:a7:29:ad:f4:f2:0b:93:
                    0e:85:d8:04:37:a6:dd:70:5b:84:31:f6:14:ae:13:
                    28:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:AE:BE:C2:83:96:37:AC:BE:12:63:6E:76:17:EB:CE:63:2C:47:96
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:bd:f2:9c:50:61:b3:e4:df:94:31:32:3f:96:ce:d6:4d:52:
         9c:cc:f4:f9:82:c4:41:5a:c2:c8:86:6c:52:74:4a:60:45:53:
         58:d2:ec:d6:9f:12:b7:bd:40:ce:85:19:ea:a7:75:0b:e9:90:
         65:dc:a5:76:e9:29:26:6b:27:6c:1e:65:80:0a:6e:df:2e:c8:
         bf:f2:50:08:b3:8f:7c:80:b7:ac:bf:69:70:f8:95:38:99:88:
         21:30:ec:12:cf:02:9a:fd:59:7a:47:ac:ee:6e:46:09:3a:04:
         cc:a5:bb:60:02:1e:73:c7:48:5b:56:13:ec:ef:44:bf:a1:e7:
         51:c8:90:c7:06:05:96:7d:0f:98:01:60:c1:ec:87:65:6f:38:
         fb:c0:55:6c:77:87:87:5e:98:70:18:31:03:4d:eb:ef:ff:07:
         c8:0b:fe:e7:39:ce:52:59:47:d8:2f:e9:43:a2:d4:96:69:e9:
         c6:b6:20:81:a1:03:a4:11:03:26:9d:65:4d:82:0b:72:f3:29:
         69:09:24:ac:23:ff:43:b7:2f:2c:fd:74:14:fd:7f:21:78:38:
         c5:ec:d3:29:2b:60:fe:78:4f:8d:c3:2a:7b:d3:82:9d:c8:ac:
         c6:75:25:09:39:f8:7b:bc:2e:37:d7:9e:6e:e4:7d:eb:9e:50:
         c0:71:91:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0vXpF2ya5VIm7ohflqWCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwODA0MTEwMDMxWhcNMjUwODA1MTEwMDMxWjAzMTEwLwYDVQQD
EyhlMWFlYmVjMjgzOTYzN2FjYmUxMjYzNmU3NjE3ZWJjZTYzMmM0Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaD/yEUeHBiDmLowcxUyHpU93Gg+
X5wuLFkLBvxluS9CS3/PoTHXXZczL7C3sTtjSlViotpAYPDt+xpk/PZf7NQAznYS
oczFiImvDiN2VUyOseJ8JCarjKMljo4sNVEylFtaaGmMnpbBF6JGMEYzAxHcFh1N
oOVQaeR3RfHm0KCDL9/GC1C0ss58vsQInh/7QbWuZUprpnER+2UhFH4Q6m+AnWQk
uK9yXofSxaoWROZu/TWlTFd+vH/VZmHxWJFBdQGybEBk86Py5fF2KwJC9jKefPy6
iQFLYibtC6xBaR7bwbfwQCfS/KcprfTyC5MOhdgEN6bdcFuEMfYUrhMo+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGuvsKDljesvhJjbnYX685jLEeWMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH73ynFBh
s+TflDEyP5bO1k1SnMz0+YLEQVrCyIZsUnRKYEVTWNLs1p8St71AzoUZ6qd1C+mQ
ZdyldukpJmsnbB5lgApu3y7Iv/JQCLOPfIC3rL9pcPiVOJmIITDsEs8Cmv1Zekes
7m5GCToEzKW7YAIec8dIW1YT7O9Ev6HnUciQxwYFln0PmAFgweyHZW84+8BVbHeH
h16YcBgxA03r7/8HyAv+5znOUllH2C/pQ6LUlmnpxrYggaEDpBEDJp1lTYILcvMp
aQkkrCP/Q7cvLP10FP1/IXg4xezTKStg/nhPjcMqe9OCncisxnUlCTn4e7wuN9ee
buR9655QwHGRYA==
-----END CERTIFICATE-----