Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          AxNbRXCeHwPd8oYWM4tc4neomXMSDZ6jH0Ie+euEn5M=
Subject key identifier:   83:1E:14:9D:F2:85:E1:B5:13:E7:F0:6B:99:3A:7E:81:0E:75:88:00
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       0198733DC546ADF87F7A08096F1040C713DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          14BB
Signing time:             Mon 04 Aug 2025 04:01:24 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:24 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:24 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: Rjk7nCwn0oo8Qk0wpBIkFCGj18Uc9Nyli5ETCTgXm3E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:c5:46:ad:f8:7f:7a:08:09:6f:10:40:c7:13:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Aug  4 04:01:24 2025 GMT
            Not After : Aug  5 04:01:24 2025 GMT
        Subject: CN=831e149df285e1b513e7f06b993a7e810e758800
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8d:10:cf:a1:07:78:25:20:b9:4a:0b:dc:40:
                    34:e4:cd:b8:81:3e:ee:ee:75:90:65:39:f5:19:63:
                    b3:dc:09:22:82:99:63:4c:a3:0a:5e:4a:12:ad:f7:
                    e9:d2:d9:3b:46:68:01:36:6e:79:f4:d5:5e:71:5b:
                    0b:e3:d3:77:f5:81:93:ef:e7:6c:44:80:d2:79:80:
                    17:c0:29:09:b2:dc:07:c2:0b:bd:ee:b3:b0:3f:5b:
                    e3:1b:14:b8:66:72:a3:69:54:db:55:c1:48:2a:d8:
                    fb:a7:6e:3e:cb:b1:62:19:f3:2d:ef:b9:09:5e:04:
                    4a:09:a4:c7:4b:5c:26:e7:8d:fb:cc:c4:20:d8:f1:
                    48:19:2d:f3:64:5f:d2:c6:5b:9d:9b:1a:4e:10:7e:
                    0f:54:35:2d:17:71:e3:45:21:71:0a:6d:6b:be:1d:
                    b0:48:be:48:70:c0:99:bf:2a:e0:0c:8d:09:2e:10:
                    39:e2:09:7f:1d:b5:19:35:e7:e3:d8:7c:7c:ef:40:
                    7f:cd:b8:56:df:55:42:d0:18:09:4d:a3:d1:03:b2:
                    0a:59:d8:cc:8e:8b:a3:59:31:47:1a:3c:77:9e:29:
                    c3:2f:14:15:d2:0d:a5:90:89:4e:35:36:95:35:7f:
                    c3:b9:84:2e:59:83:e2:2b:95:c4:a8:94:81:da:6a:
                    1c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:1E:14:9D:F2:85:E1:B5:13:E7:F0:6B:99:3A:7E:81:0E:75:88:00
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:ef:7c:90:1f:5c:25:f2:25:eb:3d:2f:a2:bf:5d:07:d9:05:
         63:05:2c:63:97:24:5f:b7:d7:bd:63:d6:46:aa:60:ed:f8:70:
         d0:b6:4e:16:cb:33:65:22:8e:d3:b9:45:77:82:8a:ca:b2:c5:
         a6:59:d1:1e:c7:5d:af:88:78:78:e4:d2:08:ed:36:db:2a:59:
         db:f1:54:88:e0:a2:92:4b:5c:83:77:c7:b5:2a:36:01:89:a8:
         dd:d7:97:3e:04:03:73:ca:af:77:40:13:3b:40:8d:d3:e0:93:
         5d:a6:40:23:82:74:7f:d0:a5:2e:c8:ad:78:3c:9c:e9:40:3c:
         b9:cc:3f:f8:ed:e7:0b:d3:5b:fd:33:ca:52:0d:26:27:51:e2:
         13:67:10:ed:b2:b2:d4:87:3b:3d:8c:6f:f4:eb:30:f2:c3:16:
         18:63:42:87:2a:37:e7:06:25:cc:5e:7e:f2:3e:de:d3:1d:80:
         f9:1c:8f:a7:e0:94:9e:a2:8e:e1:a2:95:9a:8c:1e:3a:2f:e6:
         9d:9b:56:b8:f2:5b:be:c7:af:b3:91:78:fa:49:02:fe:e6:6a:
         5a:c0:7c:81:a9:ce:e2:f6:31:f7:41:6d:eb:db:a5:81:c4:60:
         a9:c5:05:17:f9:4b:3e:5f:1e:6c:04:dd:dd:f8:f1:01:f8:7b:
         0e:ac:48:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPcVGrfh/eggJbxBAxxPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUwODA0MDQwMTI0WhcNMjUwODA1MDQwMTI0WjAzMTEwLwYDVQQD
Eyg4MzFlMTQ5ZGYyODVlMWI1MTNlN2YwNmI5OTNhN2U4MTBlNzU4ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY0Qz6EHeCUguUoL3EA05M24gT7u
7nWQZTn1GWOz3AkigpljTKMKXkoSrffp0tk7RmgBNm559NVecVsL49N39YGT7+ds
RIDSeYAXwCkJstwHwgu97rOwP1vjGxS4ZnKjaVTbVcFIKtj7p24+y7FiGfMt77kJ
XgRKCaTHS1wm5437zMQg2PFIGS3zZF/SxludmxpOEH4PVDUtF3HjRSFxCm1rvh2w
SL5IcMCZvyrgDI0JLhA54gl/HbUZNefj2Hx870B/zbhW31VC0BgJTaPRA7IKWdjM
joujWTFHGjx3ninDLxQV0g2lkIlONTaVNX/DuYQuWYPiK5XEqJSB2mocHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMeFJ3yheG1E+fwa5k6foEOdYgAMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxO98kB9c
JfIl6z0vor9dB9kFYwUsY5ckX7fXvWPWRqpg7fhw0LZOFsszZSKO07lFd4KKyrLF
plnRHsddr4h4eOTSCO022ypZ2/FUiOCikktcg3fHtSo2AYmo3deXPgQDc8qvd0AT
O0CN0+CTXaZAI4J0f9ClLsiteDyc6UA8ucw/+O3nC9Nb/TPKUg0mJ1HiE2cQ7bKy
1Ic7PYxv9Osw8sMWGGNChyo35wYlzF5+8j7e0x2A+RyPp+CUnqKO4aKVmoweOi/m
nZtWuPJbvsevs5F4+kkC/uZqWsB8ganO4vYx90Ft69ulgcRgqcUFF/lLPl8ebATd
3fjxAfh7DqxI6Q==
-----END CERTIFICATE-----