Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          EjibrKvDdn9knE4MgNfx8wOk8MK+jOi6riQVqxQow0U=
Subject key identifier:   1D:13:B5:AC:6D:5E:5A:F9:CD:61:88:67:91:6D:C5:74:B2:36:FE:F9
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       01976A0601188EA5CDC036016679279D67C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          069A
Signing time:             Fri 13 Jun 2025 16:01:07 +0000
Manifest this update:     Fri 13 Jun 2025 16:01:07 +0000
Manifest next update:     Sat 14 Jun 2025 16:01:07 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: YjtV8xEZAwteI2G7xsaZWnyJBOkkNC8bjfQzR1X0SuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:06:01:18:8e:a5:cd:c0:36:01:66:79:27:9d:67:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Jun 13 16:01:07 2025 GMT
            Not After : Jun 14 16:01:07 2025 GMT
        Subject: CN=1d13b5ac6d5e5af9cd618867916dc574b236fef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4a:8e:3e:21:9e:a6:ac:3a:0e:72:82:f7:d3:
                    21:af:ef:43:60:a2:31:01:ab:78:91:85:54:55:81:
                    9f:8f:cb:3a:aa:ff:4c:28:d6:86:62:34:25:24:61:
                    14:97:96:8d:8c:07:2b:fe:4f:a6:26:cf:16:a4:cc:
                    eb:16:92:b4:66:d6:9f:ce:ae:ba:10:72:45:4e:99:
                    a8:fe:f7:66:cc:57:78:0b:6e:0a:ae:cd:81:9d:86:
                    d7:26:54:67:00:bf:47:17:79:6f:a9:7a:6b:6a:fe:
                    49:ff:c4:16:7e:95:cb:e3:31:d7:d3:9f:cf:b8:d6:
                    e2:9a:74:b8:3c:15:83:b8:e3:89:49:03:d9:16:40:
                    9b:60:d9:79:c2:94:a4:40:05:1c:d7:13:0d:c9:4f:
                    3b:aa:c6:95:3c:2d:c0:10:52:3d:39:c1:86:b6:6b:
                    51:93:a6:d8:c1:59:29:a7:cc:a6:0b:45:09:c3:44:
                    33:69:53:44:73:fe:22:0b:a7:d1:0c:91:78:ae:85:
                    c8:18:a2:71:18:3f:a4:1f:b2:91:f4:a8:ca:64:b7:
                    c2:8a:0b:53:19:dc:c2:02:e1:63:6e:3c:b1:88:92:
                    4a:17:8c:01:06:df:fe:ea:97:2a:4c:64:d8:cc:ad:
                    2b:05:55:9d:c7:9d:48:aa:50:9c:32:0b:a9:76:35:
                    50:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:13:B5:AC:6D:5E:5A:F9:CD:61:88:67:91:6D:C5:74:B2:36:FE:F9
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:7b:ae:eb:77:36:87:02:44:23:85:76:32:e5:1a:fd:20:2f:
         e7:4e:05:96:67:f3:9a:bb:82:b6:79:39:97:63:37:12:3a:f3:
         fb:77:c5:25:76:f3:7b:4a:d6:b1:43:57:be:26:81:b7:50:32:
         ba:a9:5d:9d:7a:71:30:dc:d9:dd:8d:15:c2:f3:49:48:bf:c2:
         30:54:96:b5:83:72:e9:30:aa:7f:83:6b:95:5e:a6:4c:5e:92:
         54:2b:e1:7d:b5:aa:37:f3:ee:b2:de:18:b0:f9:d6:27:0e:77:
         00:cd:a8:52:d4:b7:63:67:e6:ab:b4:01:cf:55:8e:1c:da:e8:
         90:70:68:6a:58:34:0f:62:38:3d:ff:5b:32:76:18:b8:30:f6:
         0e:1b:3f:57:63:00:d0:85:52:00:9a:84:6c:ec:b2:c4:ba:60:
         d6:22:71:cb:33:f6:06:2a:ea:33:a0:5e:18:85:10:24:eb:6d:
         d3:6a:af:87:21:15:7e:bc:bc:f1:64:b0:65:10:3c:16:d2:3b:
         62:54:36:66:94:ec:a2:10:de:aa:2a:6b:f1:a0:e8:8f:de:8d:
         c6:11:fe:2d:42:2f:5e:1b:17:fc:d2:13:d2:d7:ca:14:5d:1c:
         5e:4b:b4:64:0c:a8:20:c6:be:bd:16:bd:eb:b5:76:88:00:aa:
         87:00:ae:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBgEYjqXNwDYBZnknnWfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjUwNjEzMTYwMTA3WhcNMjUwNjE0MTYwMTA3WjAzMTEwLwYDVQQD
EygxZDEzYjVhYzZkNWU1YWY5Y2Q2MTg4Njc5MTZkYzU3NGIyMzZmZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskqOPiGepqw6DnKC99Mhr+9DYKIx
Aat4kYVUVYGfj8s6qv9MKNaGYjQlJGEUl5aNjAcr/k+mJs8WpMzrFpK0Ztafzq66
EHJFTpmo/vdmzFd4C24Krs2BnYbXJlRnAL9HF3lvqXprav5J/8QWfpXL4zHX05/P
uNbimnS4PBWDuOOJSQPZFkCbYNl5wpSkQAUc1xMNyU87qsaVPC3AEFI9OcGGtmtR
k6bYwVkpp8ymC0UJw0QzaVNEc/4iC6fRDJF4roXIGKJxGD+kH7KR9KjKZLfCigtT
GdzCAuFjbjyxiJJKF4wBBt/+6pcqTGTYzK0rBVWdx51IqlCcMgupdjVQfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0TtaxtXlr5zWGIZ5FtxXSyNv75MB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq3uu63c2
hwJEI4V2MuUa/SAv504FlmfzmruCtnk5l2M3Ejrz+3fFJXbze0rWsUNXviaBt1Ay
uqldnXpxMNzZ3Y0VwvNJSL/CMFSWtYNy6TCqf4NrlV6mTF6SVCvhfbWqN/Pust4Y
sPnWJw53AM2oUtS3Y2fmq7QBz1WOHNrokHBoalg0D2I4Pf9bMnYYuDD2Dhs/V2MA
0IVSAJqEbOyyxLpg1iJxyzP2BirqM6BeGIUQJOtt02qvhyEVfry88WSwZRA8FtI7
YlQ2ZpTsohDeqipr8aDoj96NxhH+LUIvXhsX/NIT0tfKFF0cXku0ZAyoIMa+vRa9
67V2iACqhwCuAA==
-----END CERTIFICATE-----