Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          oKAPLeUWHJqbvUE0a6hdYAbxIJ9mDqm9FGqn4aUWA/g=
Subject key identifier:   FC:E3:A6:5A:7C:83:B9:3A:AA:AE:D7:1A:4F:C6:72:DB:54:86:B7:E8
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019768BBC2A8F483EBC9AF72C3A9C95F2299
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          1431
Signing time:             Fri 13 Jun 2025 10:00:24 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:24 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:24 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: CXkC7X1Pu8kiD5jIZrTrDHnEd29RZZlWVePrIFQmyLY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:c2:a8:f4:83:eb:c9:af:72:c3:a9:c9:5f:22:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Jun 13 10:00:24 2025 GMT
            Not After : Jun 14 10:00:24 2025 GMT
        Subject: CN=fce3a65a7c83b93aaaaed71a4fc672db5486b7e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a2:72:ce:54:ca:0c:a5:17:ba:b6:c8:cd:64:
                    b0:78:0f:9a:d2:b6:4b:e4:2c:9d:76:55:00:03:56:
                    0f:82:23:c4:75:b9:c5:ab:11:2e:5d:86:47:06:9c:
                    ca:1a:b3:a0:b4:ea:b1:5d:78:46:76:05:74:61:be:
                    7c:61:1c:2f:8c:93:89:0f:91:b2:e1:f9:1c:1d:f6:
                    62:b9:ba:97:82:99:0d:aa:e4:89:f7:61:9c:de:fc:
                    ea:ab:1b:a4:fb:14:85:53:ff:5d:51:16:d3:ad:b0:
                    bb:63:0f:36:27:71:c0:a9:55:ec:2e:f0:ad:b2:70:
                    cd:55:97:23:e4:45:dc:fa:e1:11:2a:af:0a:43:81:
                    50:db:39:ab:34:42:78:83:90:a7:49:9e:64:2e:12:
                    ba:9f:0c:3e:c6:c1:8d:75:08:ab:ae:8e:16:04:b6:
                    6a:23:a8:b0:99:0c:a0:21:8a:e2:9d:36:0f:9a:0a:
                    74:53:2a:2f:26:15:67:ac:9c:c6:aa:41:8e:5c:5f:
                    dd:1f:63:14:d0:24:77:2f:c6:c0:a3:b8:b9:d9:52:
                    9d:7f:e6:f3:73:d9:25:9d:fd:91:36:e1:94:fa:85:
                    fe:a5:96:f4:41:5a:f7:29:7d:c7:eb:96:9f:65:74:
                    3e:e4:35:1b:13:e4:aa:00:39:5d:49:a8:4c:97:10:
                    91:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:E3:A6:5A:7C:83:B9:3A:AA:AE:D7:1A:4F:C6:72:DB:54:86:B7:E8
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:d2:13:92:03:8c:8e:ca:8f:27:63:5b:b4:77:98:09:43:a4:
         c5:c9:86:78:da:25:e7:d3:34:f4:d6:31:41:b0:f6:d5:ba:8c:
         b6:4f:7d:33:49:8a:8e:b0:3d:d3:1b:f3:a1:76:5d:3f:df:98:
         c0:dd:17:54:e9:ca:16:1f:60:c3:b9:a8:42:a3:0c:0a:a3:9d:
         49:e4:74:fa:66:2a:b9:d3:ba:cf:d2:ec:29:6d:86:be:11:59:
         5b:88:a6:0f:b4:c6:b0:e1:cf:e5:80:0d:46:2c:c6:91:74:5d:
         93:3c:1d:ea:c5:ff:49:81:6f:4f:1b:e0:38:29:dc:a9:fe:d2:
         06:33:91:6e:7b:47:fa:23:d8:98:7b:fb:16:a3:13:9b:24:89:
         29:51:cd:9b:20:0c:d9:98:13:1a:9e:d3:06:d5:44:bb:96:49:
         59:d2:1f:ea:f4:ea:83:c7:17:fb:b1:a1:3e:61:cf:7d:fc:0e:
         71:ce:31:18:65:19:61:5e:95:16:2a:a5:8d:3b:c1:75:6d:01:
         d6:4c:8b:5b:5b:67:ee:a4:64:51:85:b5:9a:4d:05:23:65:f8:
         37:0d:ee:06:43:26:b7:5b:68:f4:3d:46:e9:5a:fe:a9:83:1e:
         f2:6c:bc:16:9a:e5:29:a5:87:9b:ea:22:6e:ba:ab:b7:fc:57:
         b3:41:25:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou8Ko9IPrya9yw6nJXyKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUwNjEzMTAwMDI0WhcNMjUwNjE0MTAwMDI0WjAzMTEwLwYDVQQD
EyhmY2UzYTY1YTdjODNiOTNhYWFhZWQ3MWE0ZmM2NzJkYjU0ODZiN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6JyzlTKDKUXurbIzWSweA+a0rZL
5CyddlUAA1YPgiPEdbnFqxEuXYZHBpzKGrOgtOqxXXhGdgV0Yb58YRwvjJOJD5Gy
4fkcHfZiubqXgpkNquSJ92Gc3vzqqxuk+xSFU/9dURbTrbC7Yw82J3HAqVXsLvCt
snDNVZcj5EXc+uERKq8KQ4FQ2zmrNEJ4g5CnSZ5kLhK6nww+xsGNdQirro4WBLZq
I6iwmQygIYrinTYPmgp0UyovJhVnrJzGqkGOXF/dH2MU0CR3L8bAo7i52VKdf+bz
c9klnf2RNuGU+oX+pZb0QVr3KX3H65afZXQ+5DUbE+SqADldSahMlxCRKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzjplp8g7k6qq7XGk/GcttUhrfoMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZNITkgOM
jsqPJ2NbtHeYCUOkxcmGeNol59M09NYxQbD21bqMtk99M0mKjrA90xvzoXZdP9+Y
wN0XVOnKFh9gw7moQqMMCqOdSeR0+mYqudO6z9LsKW2GvhFZW4imD7TGsOHP5YAN
RizGkXRdkzwd6sX/SYFvTxvgOCncqf7SBjORbntH+iPYmHv7FqMTmySJKVHNmyAM
2ZgTGp7TBtVEu5ZJWdIf6vTqg8cX+7GhPmHPffwOcc4xGGUZYV6VFiqljTvBdW0B
1kyLW1tn7qRkUYW1mk0FI2X4Nw3uBkMmt1to9D1G6Vr+qYMe8my8FprlKaWHm+oi
brqrt/xXs0ElpA==
-----END CERTIFICATE-----