Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
File:                     QqjNSXm8XdMbENe3GFDvEurDz7U.mft (raw, json)
Hash identifier:          vWoNWzhbVJDkGQcm1GUaaUs6+Lb8Wswp/bEJA23KAW8=
Subject key identifier:   0C:DF:65:2E:EB:4F:96:F9:FB:2E:AD:2D:57:02:6A:A4:82:D1:76:00
Authority key identifier: 42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5
Certificate issuer:       /CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
Certificate serial:       01988DD8F75BD42BDBD7D80FD3FB54390D5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
Manifest number:          03AF
Signing time:             Sat 09 Aug 2025 08:01:03 +0000
Manifest this update:     Sat 09 Aug 2025 08:01:03 +0000
Manifest next update:     Sun 10 Aug 2025 08:01:03 +0000
Files and hashes:         1: QqjNSXm8XdMbENe3GFDvEurDz7U.crl (hash: WOEwGTy+vaj8ea3ruXnn4V9F02dYQtOmlgyE2B/Wzl8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8d:d8:f7:5b:d4:2b:db:d7:d8:0f:d3:fb:54:39:0d:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
        Validity
            Not Before: Aug  9 08:01:03 2025 GMT
            Not After : Aug 10 08:01:03 2025 GMT
        Subject: CN=0cdf652eeb4f96f9fb2ead2d57026aa482d17600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:cb:f6:ce:b7:c2:ae:e3:47:9b:5e:7c:a5:87:
                    8c:d5:f0:9a:71:9d:02:83:28:4b:af:86:90:27:5b:
                    01:cb:b6:45:4b:a9:32:c3:e1:80:e5:77:13:a6:39:
                    a8:e9:90:89:1f:cd:59:a1:ce:8e:88:4e:94:65:4d:
                    7b:b3:12:60:c2:d5:1b:01:9f:f1:87:24:19:6f:95:
                    64:c8:39:93:61:29:ba:74:7e:e5:99:30:c8:47:49:
                    f4:a7:dd:7f:e3:67:10:71:9f:06:09:8d:a4:83:65:
                    59:14:31:22:b1:46:37:4e:fd:aa:86:72:b9:48:f7:
                    b0:43:ce:a5:2a:c0:f4:25:02:6d:7c:b8:91:dd:dc:
                    25:21:2a:5e:23:c1:ca:22:af:50:cb:6c:c9:63:70:
                    c2:98:11:fa:ee:34:bc:52:b8:93:c3:ba:a7:ff:4d:
                    58:c2:57:6f:e2:a2:43:a2:38:4a:30:bf:f7:50:a6:
                    71:aa:d9:5e:9f:8f:ee:d3:f5:50:2d:01:69:3a:af:
                    b8:71:c8:0b:7d:b1:71:b6:66:a2:d6:12:a2:65:44:
                    13:b1:49:95:55:5d:49:62:af:b5:a2:e4:e9:b6:71:
                    6b:ac:48:b3:71:d6:25:5d:93:23:82:a1:8a:0c:b7:
                    dc:90:24:ef:79:b8:11:ba:39:f6:f3:99:8d:04:e3:
                    e1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:DF:65:2E:EB:4F:96:F9:FB:2E:AD:2D:57:02:6A:A4:82:D1:76:00
            X509v3 Authority Key Identifier:
                keyid:42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:ac:2b:63:45:8c:59:0e:ad:a0:8d:b0:79:4f:f8:38:ed:57:
         ad:75:02:e0:b4:4c:4d:25:89:66:cb:76:59:ab:2a:42:9e:ac:
         f7:e8:f7:1a:70:46:f1:35:6e:cf:df:53:e3:9a:a3:94:2e:5c:
         09:f3:fd:ca:3c:0c:66:69:d2:fd:1a:a5:32:d3:db:e9:83:47:
         1d:24:31:35:11:09:4e:c7:fd:17:24:37:2d:f4:e3:68:ba:6e:
         de:63:1b:7d:c6:ac:49:52:d3:8f:98:a0:ac:f1:45:7f:75:5b:
         08:c9:6d:ee:35:95:e2:05:70:6e:21:aa:62:f1:95:87:f2:6d:
         80:ca:e1:a7:cf:25:5b:bc:d0:3e:d5:af:ab:fb:f1:d9:7d:ed:
         da:a4:b5:27:46:4b:b7:86:91:75:75:66:84:47:24:b0:ec:0a:
         43:79:23:88:61:ed:00:2d:f8:95:91:3f:fc:54:86:90:6e:23:
         8c:94:26:71:ab:02:87:50:6e:11:8c:5d:e9:dc:bd:04:62:85:
         19:fc:9f:ca:24:36:7f:81:17:47:94:13:94:3c:b8:1d:75:d6:
         08:4f:6e:94:eb:72:3a:67:49:0c:16:f2:40:46:18:0d:7a:a8:
         08:8c:bd:1b:4d:42:95:4f:ae:50:54:b0:05:88:a1:8d:8b:34:
         f7:16:72:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiN2Pdb1Cvb19gP0/tUOQ1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYThjZDQ5NzliYzVkZDMxYjEwZDdiNzE4NTBlZjEyZWFj
M2NmYjUwHhcNMjUwODA5MDgwMTAzWhcNMjUwODEwMDgwMTAzWjAzMTEwLwYDVQQD
EygwY2RmNjUyZWViNGY5NmY5ZmIyZWFkMmQ1NzAyNmFhNDgyZDE3NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcv2zrfCruNHm158pYeM1fCacZ0C
gyhLr4aQJ1sBy7ZFS6kyw+GA5XcTpjmo6ZCJH81Zoc6OiE6UZU17sxJgwtUbAZ/x
hyQZb5VkyDmTYSm6dH7lmTDIR0n0p91/42cQcZ8GCY2kg2VZFDEisUY3Tv2qhnK5
SPewQ86lKsD0JQJtfLiR3dwlISpeI8HKIq9Qy2zJY3DCmBH67jS8UriTw7qn/01Y
wldv4qJDojhKML/3UKZxqtlen4/u0/VQLQFpOq+4ccgLfbFxtmai1hKiZUQTsUmV
VV1JYq+1ouTptnFrrEizcdYlXZMjgqGKDLfckCTvebgRujn285mNBOPhJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzfZS7rT5b5+y6tLVcCaqSC0XYAMB8GA1UdIwQY
MBaAFEKozUl5vF3TGxDXtxhQ7xLqw8+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYt
YmU1YTBmZmI4Y2E1LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYtYmU1YTBmZmI4Y2E1
LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeawrY0WM
WQ6toI2weU/4OO1XrXUC4LRMTSWJZst2WasqQp6s9+j3GnBG8TVuz99T45qjlC5c
CfP9yjwMZmnS/RqlMtPb6YNHHSQxNREJTsf9FyQ3LfTjaLpu3mMbfcasSVLTj5ig
rPFFf3VbCMlt7jWV4gVwbiGqYvGVh/JtgMrhp88lW7zQPtWvq/vx2X3t2qS1J0ZL
t4aRdXVmhEcksOwKQ3kjiGHtAC34lZE//FSGkG4jjJQmcasCh1BuEYxd6dy9BGKF
GfyfyiQ2f4EXR5QTlDy4HXXWCE9ulOtyOmdJDBbyQEYYDXqoCIy9G01ClU+uUFSw
BYihjYs09xZysw==
-----END CERTIFICATE-----