Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          7wBzQINqDixKRmLc7RbJlPKbYdf4X0HiODtfISaM7dg=
Subject key identifier:   71:99:10:F7:13:B5:87:22:88:88:10:F3:CE:40:48:28:8C:26:F5:AE
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       01967AC4B6F19E5E53D13D2443DD08F4D9B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0BE0
Signing time:             Mon 28 Apr 2025 05:00:34 +0000
Manifest this update:     Mon 28 Apr 2025 05:00:34 +0000
Manifest next update:     Tue 29 Apr 2025 05:00:34 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: TDzuWpO5FGf+0hNsZ+8ypr9UdR0XCnnkDZlc3PA0tIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:c4:b6:f1:9e:5e:53:d1:3d:24:43:dd:08:f4:d9:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Apr 28 05:00:34 2025 GMT
            Not After : Apr 29 05:00:34 2025 GMT
        Subject: CN=719910f713b58722888810f3ce4048288c26f5ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f1:a4:9c:98:89:37:61:e9:76:cf:ed:89:c8:
                    22:d3:9c:b6:64:6d:9f:ed:ff:d2:27:62:6f:f6:73:
                    07:de:2a:50:2f:a5:6c:a2:21:a3:f2:35:43:42:f2:
                    df:97:f0:33:2b:ea:08:3d:a6:97:dc:db:89:4b:6a:
                    e5:2d:3d:d1:e9:81:df:c8:03:d3:3c:7c:2a:1d:4d:
                    15:a0:24:e1:d7:56:4e:37:ed:da:26:76:53:9e:ec:
                    4c:37:79:c7:47:f9:cb:df:d2:d2:68:38:dc:65:c9:
                    72:96:55:0f:dc:b4:23:a2:f4:ed:4f:9d:5a:c1:27:
                    5a:05:ab:73:d7:ef:8e:a5:b8:9f:c7:28:fd:13:21:
                    19:52:19:7a:08:da:63:82:cc:03:ed:ad:85:95:de:
                    2f:1f:af:cc:50:1b:90:39:cc:fe:a3:00:b2:e9:24:
                    60:13:0d:70:d5:e0:58:6f:fe:47:a5:8d:9e:34:c5:
                    24:37:b6:d8:da:fd:b4:96:3d:05:f6:c4:a3:7d:d0:
                    16:e3:40:3a:1e:00:f5:08:55:54:20:c2:42:3f:bc:
                    f1:18:1c:d1:35:61:30:11:ef:09:53:df:e9:45:a3:
                    7b:e5:f1:7a:18:f2:bf:db:df:a2:28:5e:29:75:24:
                    bf:8e:68:64:84:e3:b0:ac:36:ed:1e:92:95:b1:0a:
                    f6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:99:10:F7:13:B5:87:22:88:88:10:F3:CE:40:48:28:8C:26:F5:AE
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:a0:21:96:5b:a7:3b:fa:3d:71:ac:5f:fb:3b:f6:d7:d1:f1:
         8f:b4:90:d5:c4:66:4d:e7:0a:34:83:6e:ba:44:c1:d8:9a:19:
         1f:a7:0f:f9:1b:c0:04:17:77:13:73:38:f2:fa:dd:ad:14:5e:
         4d:e9:6d:a2:e8:c6:ba:3b:c6:1d:20:a8:63:b0:9f:4e:10:cf:
         57:95:55:f3:22:b3:25:20:53:e4:65:65:fa:26:42:49:8c:31:
         76:98:70:4a:a2:1e:36:e8:12:3a:a8:23:b2:3b:fb:1a:71:ad:
         10:49:2f:1b:7b:17:49:ac:dd:38:2c:f6:2e:d2:85:34:b4:83:
         0f:d5:1c:2f:59:41:45:68:0e:42:4a:ae:f0:e9:d2:15:98:af:
         76:f4:20:4b:26:2d:81:1c:00:63:cc:9d:3f:7d:0e:c7:4a:65:
         2d:fe:fe:67:9d:82:72:f2:c3:b4:2b:80:c7:89:b8:12:51:81:
         88:17:3a:6e:11:2f:a9:bb:9d:87:74:2a:49:e8:2b:35:e8:e9:
         58:98:cd:8b:5d:b5:fb:ee:8d:f6:c0:3d:ba:cb:b9:19:cc:b9:
         35:9a:36:db:0e:6e:84:21:6c:86:fb:1c:c0:79:59:74:ec:51:
         ec:07:5c:96:34:c3:ab:a0:e3:a2:15:54:86:fb:68:26:26:9e:
         04:6a:28:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6xLbxnl5T0T0kQ90I9Nm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwNDI4MDUwMDM0WhcNMjUwNDI5MDUwMDM0WjAzMTEwLwYDVQQD
Eyg3MTk5MTBmNzEzYjU4NzIyODg4ODEwZjNjZTQwNDgyODhjMjZmNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvGknJiJN2Hpds/ticgi05y2ZG2f
7f/SJ2Jv9nMH3ipQL6VsoiGj8jVDQvLfl/AzK+oIPaaX3NuJS2rlLT3R6YHfyAPT
PHwqHU0VoCTh11ZON+3aJnZTnuxMN3nHR/nL39LSaDjcZclyllUP3LQjovTtT51a
wSdaBatz1++Opbifxyj9EyEZUhl6CNpjgswD7a2Fld4vH6/MUBuQOcz+owCy6SRg
Ew1w1eBYb/5HpY2eNMUkN7bY2v20lj0F9sSjfdAW40A6HgD1CFVUIMJCP7zxGBzR
NWEwEe8JU9/pRaN75fF6GPK/29+iKF4pdSS/jmhkhOOwrDbtHpKVsQr2lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGZEPcTtYciiIgQ885ASCiMJvWuMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJKAhllun
O/o9caxf+zv219Hxj7SQ1cRmTecKNINuukTB2JoZH6cP+RvABBd3E3M48vrdrRRe
TeltoujGujvGHSCoY7CfThDPV5VV8yKzJSBT5GVl+iZCSYwxdphwSqIeNugSOqgj
sjv7GnGtEEkvG3sXSazdOCz2LtKFNLSDD9UcL1lBRWgOQkqu8OnSFZivdvQgSyYt
gRwAY8ydP30Ox0plLf7+Z52CcvLDtCuAx4m4ElGBiBc6bhEvqbudh3QqSegrNejp
WJjNi121++6N9sA9usu5Gcy5NZo22w5uhCFshvscwHlZdOxR7AdcljTDq6DjohVU
hvtoJiaeBGoofQ==
-----END CERTIFICATE-----