Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          g36g0j7zfgO7FViq6/Wrng0VHDp1nzGE7BDENGiWD6c=
Subject key identifier:   0B:72:D7:FE:41:89:84:95:10:1E:39:2E:30:FF:C2:D0:F5:14:A7:DE
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019872CF38186A3D231B40C2A898A6AE7E4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          0573
Signing time:             Mon 04 Aug 2025 02:00:39 +0000
Manifest this update:     Mon 04 Aug 2025 02:00:39 +0000
Manifest next update:     Tue 05 Aug 2025 02:00:39 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: 4ap7ov0bZcON0cIWctjVkyyjcm4w/FVyLMOUJmJ9Xb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:cf:38:18:6a:3d:23:1b:40:c2:a8:98:a6:ae:7e:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Aug  4 02:00:39 2025 GMT
            Not After : Aug  5 02:00:39 2025 GMT
        Subject: CN=0b72d7fe41898495101e392e30ffc2d0f514a7de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7e:21:61:66:86:0e:be:0f:84:9a:1f:e2:3f:
                    d9:a3:05:cf:4b:8d:a7:6e:17:72:e2:2a:d7:31:ac:
                    9f:9c:6e:a9:ee:8d:8a:c0:98:fd:0b:dd:f3:f2:e8:
                    41:d2:b4:16:f6:54:57:25:c5:2c:96:0c:42:d9:33:
                    64:f9:e1:eb:24:c5:c4:64:70:8a:48:aa:be:40:63:
                    99:3b:2b:62:8d:c3:0e:2c:ab:85:23:cb:4b:be:e4:
                    af:01:12:8e:ac:4e:17:97:83:3d:b8:17:49:c5:d9:
                    a9:cd:f1:63:e1:cd:6b:2b:2b:14:cb:49:fd:60:7a:
                    6e:8f:7f:75:87:67:31:36:c4:60:b0:e6:36:8d:e5:
                    06:49:8c:24:17:98:4f:29:2b:f0:8f:97:f7:e5:f2:
                    13:ec:f0:45:57:e7:32:1e:25:e2:5f:f8:71:e3:ed:
                    a3:f4:fc:7c:ff:de:b9:d4:57:15:3d:04:fa:d7:82:
                    78:9d:fb:61:df:1f:e4:f0:e7:aa:c7:43:1a:b2:a3:
                    db:90:97:a0:62:a2:8a:50:a3:0a:e1:20:9a:50:50:
                    c2:03:d7:21:bc:81:fc:3a:b4:3f:82:e4:f0:c5:8d:
                    18:ff:d5:39:df:50:32:d3:aa:8b:8d:41:cc:4b:a0:
                    ca:a1:69:79:71:e1:7d:e1:3a:50:d0:b6:38:3a:7c:
                    44:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:72:D7:FE:41:89:84:95:10:1E:39:2E:30:FF:C2:D0:F5:14:A7:DE
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:ab:c7:16:a4:49:c5:e5:fe:fb:17:49:92:6f:d0:63:32:05:
         20:2c:56:de:99:a6:97:88:df:32:7d:0e:11:ca:5c:a2:d4:f3:
         6f:9c:da:1d:a8:e1:b1:e6:3b:f2:fa:8a:42:8c:c4:16:56:cc:
         2c:42:49:e4:2a:58:9a:da:28:f5:49:3a:21:ac:27:0d:98:5e:
         d3:63:4d:cd:c7:db:23:de:b2:0f:6d:a7:ed:15:a8:f7:d3:fa:
         81:51:be:07:5d:73:04:92:55:0e:56:81:ca:30:e9:f8:86:ba:
         64:26:cc:c5:7b:81:81:d8:9a:d3:1e:e7:13:78:3a:c5:52:fc:
         85:3a:a5:b5:5a:14:4c:09:4e:d5:92:82:dd:18:dc:85:ab:62:
         45:ee:1d:96:79:6c:fc:ef:33:b4:1d:4b:3d:4a:83:fb:cd:ee:
         bc:03:1f:f7:e5:e9:1b:21:14:47:22:60:97:0e:7a:3f:e2:5a:
         9b:bd:0f:c1:0e:4c:42:69:0b:f7:8a:d3:5d:ba:35:5d:57:f4:
         82:10:75:ca:d4:cc:a3:2f:3a:1e:5a:ac:bf:3b:f7:e7:70:ce:
         5e:4d:61:ef:6d:1a:30:19:58:f3:16:73:02:6d:08:3b:a5:82:
         32:5e:15:d7:7d:46:22:e0:4f:07:1e:6f:c1:9d:5c:3a:3b:1c:
         f7:b3:07:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyzzgYaj0jG0DCqJimrn5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjUwODA0MDIwMDM5WhcNMjUwODA1MDIwMDM5WjAzMTEwLwYDVQQD
EygwYjcyZDdmZTQxODk4NDk1MTAxZTM5MmUzMGZmYzJkMGY1MTRhN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX4hYWaGDr4PhJof4j/ZowXPS42n
bhdy4irXMayfnG6p7o2KwJj9C93z8uhB0rQW9lRXJcUslgxC2TNk+eHrJMXEZHCK
SKq+QGOZOytijcMOLKuFI8tLvuSvARKOrE4Xl4M9uBdJxdmpzfFj4c1rKysUy0n9
YHpuj391h2cxNsRgsOY2jeUGSYwkF5hPKSvwj5f35fIT7PBFV+cyHiXiX/hx4+2j
9Px8/9651FcVPQT614J4nfth3x/k8Oeqx0MasqPbkJegYqKKUKMK4SCaUFDCA9ch
vIH8OrQ/guTwxY0Y/9U531Ay06qLjUHMS6DKoWl5ceF94TpQ0LY4OnxE4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAty1/5BiYSVEB45LjD/wtD1FKfeMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg6vHFqRJ
xeX++xdJkm/QYzIFICxW3pmml4jfMn0OEcpcotTzb5zaHajhseY78vqKQozEFlbM
LEJJ5CpYmtoo9Uk6IawnDZhe02NNzcfbI96yD22n7RWo99P6gVG+B11zBJJVDlaB
yjDp+Ia6ZCbMxXuBgdia0x7nE3g6xVL8hTqltVoUTAlO1ZKC3RjchatiRe4dlnls
/O8ztB1LPUqD+83uvAMf9+XpGyEURyJglw56P+Jam70PwQ5MQmkL94rTXbo1XVf0
ghB1ytTMoy86Hlqsvzv353DOXk1h720aMBlY8xZzAm0IO6WCMl4V131GIuBPBx5v
wZ1cOjsc97MH1w==
-----END CERTIFICATE-----