Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          4igW/kAOdh9UmUrbxjHEkFaTZljhA7OL/EDzjsUbtfo=
Subject key identifier:   FB:4C:2E:88:B5:F2:56:F0:E4:E8:E3:6A:28:39:6F:D1:72:B1:9E:82
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       01976D3E2E5D0EF191AE8BD7D279E057FEFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0D30
Signing time:             Sat 14 Jun 2025 07:01:20 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:20 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:20 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: LaiG3+0oT0Frb4r89XnB1GCG/oW5Cv6E1smKEh6VT6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:2e:5d:0e:f1:91:ae:8b:d7:d2:79:e0:57:fe:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Jun 14 07:01:20 2025 GMT
            Not After : Jun 15 07:01:20 2025 GMT
        Subject: CN=fb4c2e88b5f256f0e4e8e36a28396fd172b19e82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:83:da:e5:8a:52:ea:db:c4:c0:78:6d:59:ca:
                    84:2d:df:5a:ca:32:af:2d:35:44:4d:1b:5f:d9:93:
                    03:58:84:39:72:f6:69:20:07:60:6e:fe:d9:a5:3a:
                    aa:c2:32:b9:3b:0e:d0:68:85:a6:31:d5:8c:44:5b:
                    ec:c3:71:08:f6:1e:f0:e4:5d:46:ab:34:03:4b:23:
                    19:a0:31:03:6b:66:83:7e:d3:51:27:42:e0:cc:0c:
                    59:ec:68:c4:fc:28:e4:22:45:33:8e:59:44:31:15:
                    b4:43:09:db:a6:d4:64:9d:58:2c:de:1c:d7:fc:b7:
                    29:1e:17:90:36:48:4d:1b:25:5f:41:cd:1b:fb:9b:
                    0b:2b:40:31:bb:fb:34:ef:f2:b4:0c:b9:33:76:5f:
                    7b:4b:ea:f3:22:76:55:5e:76:ef:5a:4d:d2:d6:c4:
                    fc:d4:55:d3:29:1c:c2:fd:dd:7f:26:96:28:5e:33:
                    7f:7a:a8:a5:a3:ed:8a:fc:e1:d0:62:0b:10:09:72:
                    1d:f3:ba:8f:20:6e:5d:4a:80:25:06:92:7f:cd:b9:
                    f6:fe:f4:5e:84:7a:e6:6a:1f:df:9c:56:c9:5b:8e:
                    e6:1e:09:e8:3e:16:4f:bb:46:2c:fb:a0:91:ec:f7:
                    ff:00:1e:4a:e7:8c:3f:de:56:9a:f8:81:38:15:cb:
                    57:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:4C:2E:88:B5:F2:56:F0:E4:E8:E3:6A:28:39:6F:D1:72:B1:9E:82
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:92:21:87:f0:5d:95:6c:83:0c:fa:ba:25:e7:d1:c4:c7:dd:
         20:f1:56:01:3d:51:03:9c:ab:cf:c3:8a:4f:c5:06:eb:6e:68:
         13:be:03:78:ea:56:e4:4b:cd:f1:95:69:71:60:5e:fc:d7:a5:
         36:59:74:ee:29:bc:54:4d:2d:10:dc:55:ef:42:85:eb:bf:80:
         00:d7:b9:15:d0:1c:52:ca:c9:59:d3:b9:ee:84:7d:5f:55:ec:
         25:f9:9f:82:28:79:6a:35:7e:d8:c0:f9:28:f4:ba:26:41:ae:
         a0:4d:e2:ac:a4:4e:22:60:62:42:39:9a:4f:f9:b0:81:c9:0f:
         80:cc:fb:94:c5:b1:81:1d:69:ff:59:47:5c:56:6f:87:ae:53:
         9d:e8:9b:10:7c:cf:fd:6b:96:ce:10:74:50:2b:98:4f:3f:89:
         8a:4e:f0:dd:c4:67:23:e1:6e:be:f3:f4:98:86:b6:f2:3d:25:
         89:e9:bb:b1:3b:8f:e0:78:f6:d9:33:d1:bc:b9:6d:2e:06:91:
         fd:0c:5f:b2:5a:4f:29:75:02:02:4f:29:0a:62:d3:4b:85:3a:
         0e:bf:da:61:e7:47:09:ae:df:12:bc:23:f8:eb:3e:5b:d3:d3:
         16:3e:47:ba:ab:8f:5b:ff:e6:4c:8b:b7:18:b9:e0:5e:5f:df:
         02:0d:2f:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPi5dDvGRrovX0nngV/76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwNjE0MDcwMTIwWhcNMjUwNjE1MDcwMTIwWjAzMTEwLwYDVQQD
EyhmYjRjMmU4OGI1ZjI1NmYwZTRlOGUzNmEyODM5NmZkMTcyYjE5ZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIPa5YpS6tvEwHhtWcqELd9ayjKv
LTVETRtf2ZMDWIQ5cvZpIAdgbv7ZpTqqwjK5Ow7QaIWmMdWMRFvsw3EI9h7w5F1G
qzQDSyMZoDEDa2aDftNRJ0LgzAxZ7GjE/CjkIkUzjllEMRW0QwnbptRknVgs3hzX
/LcpHheQNkhNGyVfQc0b+5sLK0Axu/s07/K0DLkzdl97S+rzInZVXnbvWk3S1sT8
1FXTKRzC/d1/JpYoXjN/eqilo+2K/OHQYgsQCXId87qPIG5dSoAlBpJ/zbn2/vRe
hHrmah/fnFbJW47mHgnoPhZPu0Ys+6CR7Pf/AB5K54w/3laa+IE4FctXowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtMLoi18lbw5Ojjaig5b9FysZ6CMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbJIhh/Bd
lWyDDPq6JefRxMfdIPFWAT1RA5yrz8OKT8UG625oE74DeOpW5EvN8ZVpcWBe/Nel
Nll07im8VE0tENxV70KF67+AANe5FdAcUsrJWdO57oR9X1XsJfmfgih5ajV+2MD5
KPS6JkGuoE3irKROImBiQjmaT/mwgckPgMz7lMWxgR1p/1lHXFZvh65TneibEHzP
/WuWzhB0UCuYTz+Jik7w3cRnI+FuvvP0mIa28j0liem7sTuP4Hj22TPRvLltLgaR
/QxfslpPKXUCAk8pCmLTS4U6Dr/aYedHCa7fErwj+Os+W9PTFj5HuquPW//mTIu3
GLngXl/fAg0vwQ==
-----END CERTIFICATE-----