Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          0b1s9O66LbaCjz+cNO/4E8NRulO7lSnDZmRWNPPzvbQ=
Subject key identifier:   8B:72:37:0D:0D:C3:9B:FF:A7:49:BF:75:1D:E3:40:E5:05:CD:B0:8A
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       01976D74817CD3E181FF3D3FBEDC9EB36719
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          03F8
Signing time:             Sat 14 Jun 2025 08:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 08:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 08:00:41 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: p2mamWlUdGNKfIouiZNkya4IyrZ6x7Bkwkahg+9nzM0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:74:81:7c:d3:e1:81:ff:3d:3f:be:dc:9e:b3:67:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Jun 14 08:00:41 2025 GMT
            Not After : Jun 15 08:00:41 2025 GMT
        Subject: CN=8b72370d0dc39bffa749bf751de340e505cdb08a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:8f:81:2b:91:93:d7:f7:98:2f:17:47:c4:18:
                    78:f9:68:da:15:dc:de:b2:44:bc:8c:00:e3:0a:c0:
                    7e:df:ae:31:57:b0:7c:0f:16:1c:79:e8:37:e2:89:
                    68:1d:ac:8a:7c:ff:70:e1:16:91:e7:4d:b5:db:3f:
                    d2:3b:32:3a:ff:50:c4:b3:57:f0:69:81:da:03:11:
                    72:49:64:f2:91:93:65:9e:c3:29:e1:51:62:4e:4b:
                    26:11:03:d6:2a:c5:c5:0f:c6:a3:9a:fc:0f:f8:2a:
                    2b:14:c2:45:a1:39:40:54:7f:6b:4e:53:7b:1c:7c:
                    5e:c4:b8:95:68:ee:25:7a:b3:fe:65:3a:59:4c:84:
                    eb:c7:1b:fa:be:6a:d2:22:24:c5:f0:22:1d:f5:3a:
                    ac:b4:4a:c9:38:65:4d:2e:f2:bf:df:5e:f4:a4:16:
                    28:f8:4c:cc:5c:14:23:75:6d:da:04:35:c0:75:9e:
                    3e:06:25:61:df:ef:fe:58:53:78:5a:95:96:25:83:
                    7b:c9:4d:2c:2f:c3:e2:44:a2:8e:87:9b:d7:34:91:
                    48:8e:c8:42:4d:6b:73:8c:fb:06:87:a4:3b:93:60:
                    7f:e6:88:1d:81:42:4c:11:6a:d0:85:f7:cc:1a:58:
                    b9:80:c5:20:50:59:20:ea:db:26:df:ac:20:a2:8c:
                    7d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:72:37:0D:0D:C3:9B:FF:A7:49:BF:75:1D:E3:40:E5:05:CD:B0:8A
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:89:fc:91:b5:46:43:dc:39:bd:ed:7d:2b:a7:09:e4:32:ba:
         09:2d:82:5e:a2:9e:c6:6b:dd:48:4b:de:3b:51:51:02:48:a6:
         c4:22:2f:0c:f7:19:2f:e5:d9:ef:5c:6d:52:ff:89:f1:f6:a2:
         b7:d3:ae:c5:a8:c0:28:55:1b:fb:d3:77:63:bd:f1:f8:8c:1e:
         e2:42:39:ee:01:f3:37:16:69:73:92:cc:eb:dc:92:99:b5:26:
         b3:99:05:df:c1:8b:f4:66:32:64:ec:92:46:33:2e:03:c9:44:
         ed:be:04:42:7a:3a:ca:4f:c5:cf:c3:f1:fe:31:ef:72:bc:a3:
         38:fe:e4:ca:56:2e:d8:ac:f4:2d:88:0e:88:60:e6:bf:d2:24:
         04:9d:21:5f:7a:8f:ee:d9:9c:00:72:1c:ed:ef:4c:a7:f0:41:
         6c:09:60:39:70:d4:b1:5a:fc:4a:89:4c:48:1f:44:41:32:f7:
         3a:80:0e:36:89:ea:31:cb:f3:7e:c1:f7:71:1b:56:87:e3:62:
         1e:60:74:47:85:21:c7:21:ad:2d:16:75:12:27:07:d4:c8:3c:
         11:3c:1a:3c:d0:6b:a5:c0:9c:6b:20:03:54:ae:6d:27:cb:92:
         65:6a:24:44:a7:1f:87:14:0e:cc:47:e2:1d:73:4f:bf:f6:f6:
         14:e4:e7:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtdIF80+GB/z0/vtyes2cZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwNjE0MDgwMDQxWhcNMjUwNjE1MDgwMDQxWjAzMTEwLwYDVQQD
Eyg4YjcyMzcwZDBkYzM5YmZmYTc0OWJmNzUxZGUzNDBlNTA1Y2RiMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24+BK5GT1/eYLxdHxBh4+WjaFdze
skS8jADjCsB+364xV7B8DxYceeg34oloHayKfP9w4RaR50212z/SOzI6/1DEs1fw
aYHaAxFySWTykZNlnsMp4VFiTksmEQPWKsXFD8ajmvwP+CorFMJFoTlAVH9rTlN7
HHxexLiVaO4lerP+ZTpZTITrxxv6vmrSIiTF8CId9TqstErJOGVNLvK/3170pBYo
+EzMXBQjdW3aBDXAdZ4+BiVh3+/+WFN4WpWWJYN7yU0sL8PiRKKOh5vXNJFIjshC
TWtzjPsGh6Q7k2B/5ogdgUJMEWrQhffMGli5gMUgUFkg6tsm36wgoox9cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItyNw0Nw5v/p0m/dR3jQOUFzbCKMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiYn8kbVG
Q9w5ve19K6cJ5DK6CS2CXqKexmvdSEveO1FRAkimxCIvDPcZL+XZ71xtUv+J8fai
t9OuxajAKFUb+9N3Y73x+Iwe4kI57gHzNxZpc5LM69ySmbUms5kF38GL9GYyZOyS
RjMuA8lE7b4EQno6yk/Fz8Px/jHvcryjOP7kylYu2Kz0LYgOiGDmv9IkBJ0hX3qP
7tmcAHIc7e9Mp/BBbAlgOXDUsVr8SolMSB9EQTL3OoAONonqMcvzfsH3cRtWh+Ni
HmB0R4UhxyGtLRZ1EicH1Mg8ETwaPNBrpcCcayADVK5tJ8uSZWokRKcfhxQOzEfi
HXNPv/b2FOTnyg==
-----END CERTIFICATE-----