Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/64ae5a-8622-45e2-9327-512f565ac011/1/qqbmeSWCHkuHnIA-wKUiRflnOtA.mft
File:                     qqbmeSWCHkuHnIA-wKUiRflnOtA.mft (raw, json)
Hash identifier:          tt/vRll6f4iD7PpzW4XbA4B85vz1Ih9oeuYqraIKpX4=
Subject key identifier:   63:41:C0:5C:CC:2A:0D:15:0D:4A:B4:29:C9:1C:2F:FF:DF:55:96:F2
Authority key identifier: AA:A6:E6:79:25:82:1E:4B:87:9C:80:3E:C0:A5:22:45:F9:67:3A:D0
Certificate issuer:       /CN=aaa6e67925821e4b879c803ec0a52245f9673ad0
Certificate serial:       0196C38269AAF62624DEBA20A637236AC7E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qqbmeSWCHkuHnIA-wKUiRflnOtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/64ae5a-8622-45e2-9327-512f565ac011/1/qqbmeSWCHkuHnIA-wKUiRflnOtA.mft
Manifest number:          02D9
Signing time:             Mon 12 May 2025 08:00:25 +0000
Manifest this update:     Mon 12 May 2025 08:00:25 +0000
Manifest next update:     Tue 13 May 2025 08:00:25 +0000
Files and hashes:         1: qqbmeSWCHkuHnIA-wKUiRflnOtA.crl (hash: JIbDdJZI/oOpQ1V2vy4j4z4AQxhXF5mUHVCN/nRwOkg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/64ae5a-8622-45e2-9327-512f565ac011/1/qqbmeSWCHkuHnIA-wKUiRflnOtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/64ae5a-8622-45e2-9327-512f565ac011/1/qqbmeSWCHkuHnIA-wKUiRflnOtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qqbmeSWCHkuHnIA-wKUiRflnOtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 08:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:82:69:aa:f6:26:24:de:ba:20:a6:37:23:6a:c7:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaa6e67925821e4b879c803ec0a52245f9673ad0
        Validity
            Not Before: May 12 08:00:25 2025 GMT
            Not After : May 13 08:00:25 2025 GMT
        Subject: CN=6341c05ccc2a0d150d4ab429c91c2fffdf5596f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e6:da:a3:54:42:e6:62:0b:7b:bd:26:c7:f9:
                    80:e1:1c:1a:79:bb:af:7d:65:5f:16:44:b0:97:1a:
                    e8:80:19:d6:42:b1:d2:ff:36:98:48:3b:f8:a7:03:
                    0c:33:5a:87:8f:3f:1b:0a:28:45:12:7e:c4:51:e5:
                    24:87:49:af:ed:57:cb:3a:9b:82:4c:20:6c:9b:2d:
                    a3:1b:85:53:e6:4a:a0:5a:f1:e2:f7:9f:d1:56:53:
                    26:b2:4a:73:f3:6a:cb:9a:e1:bd:89:18:80:b7:aa:
                    9d:da:3c:23:6b:91:58:62:86:5a:97:59:61:04:d0:
                    78:f8:ae:f1:a2:45:31:e9:3a:6e:dd:22:61:fe:c1:
                    75:12:82:91:3f:9a:e9:9f:67:8a:77:38:0e:d4:3f:
                    a2:81:23:f7:54:26:2d:6b:a6:ad:94:a5:3f:53:7f:
                    8e:32:c9:0a:91:8a:79:56:4f:dd:4c:5e:ec:24:fb:
                    1e:e8:2e:76:9b:a3:bc:5a:c8:f3:53:69:1b:3f:a2:
                    4b:b3:3a:0a:76:cd:04:02:e6:8a:c2:da:a9:2e:54:
                    03:66:08:e4:2c:3f:e3:74:fc:79:4c:4f:5a:24:ff:
                    16:a7:2f:ef:35:20:a8:93:eb:61:15:37:c7:b8:ec:
                    8a:65:67:de:50:e6:7f:c3:0d:76:44:5b:3c:35:f4:
                    b8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:41:C0:5C:CC:2A:0D:15:0D:4A:B4:29:C9:1C:2F:FF:DF:55:96:F2
            X509v3 Authority Key Identifier:
                keyid:AA:A6:E6:79:25:82:1E:4B:87:9C:80:3E:C0:A5:22:45:F9:67:3A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqbmeSWCHkuHnIA-wKUiRflnOtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/64ae5a-8622-45e2-9327-512f565ac011/1/qqbmeSWCHkuHnIA-wKUiRflnOtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/64ae5a-8622-45e2-9327-512f565ac011/1/qqbmeSWCHkuHnIA-wKUiRflnOtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:b8:20:8e:3d:01:09:2f:fb:b7:85:de:99:05:a6:38:d7:7a:
         cc:d0:26:f1:67:e1:b4:2d:29:01:ee:21:8c:a7:f2:36:15:30:
         34:5f:b3:98:f4:f6:c6:a2:63:0e:43:26:d3:e2:6d:e0:98:4a:
         52:8f:a7:83:8c:8d:f9:a5:79:80:47:23:00:e0:90:69:97:2a:
         45:ee:2e:04:73:47:6b:0a:69:9d:fc:a4:b5:7b:1c:49:86:e3:
         bb:bf:40:c1:df:ec:5a:67:df:a8:cb:fc:d6:61:88:10:0a:37:
         1e:83:2b:64:3a:96:d9:80:d0:6a:e2:05:a2:6e:bc:6c:85:76:
         d0:24:30:e8:80:94:9d:1d:c4:ad:ba:1c:54:0f:57:b8:df:29:
         5a:ab:f8:a9:a9:f0:57:1d:a3:90:a0:d0:8f:b0:07:c7:a1:9e:
         cf:5f:5f:9c:bd:bb:d7:2c:d0:b9:5f:e3:42:48:73:71:11:45:
         4a:e7:b8:89:35:ca:46:40:38:27:a0:38:8c:3f:59:71:48:ed:
         49:23:78:ac:58:1f:92:b5:4a:98:56:ff:4f:2b:2c:b8:75:59:
         4e:59:eb:14:d7:6a:81:a3:2b:ba:f8:7c:5b:78:a1:ce:4f:b7:
         79:ab:24:fa:ad:73:4d:6a:03:88:62:f6:17:13:c0:0b:51:6a:
         04:73:f9:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDgmmq9iYk3rogpjcjasfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYTZlNjc5MjU4MjFlNGI4NzljODAzZWMwYTUyMjQ1Zjk2
NzNhZDAwHhcNMjUwNTEyMDgwMDI1WhcNMjUwNTEzMDgwMDI1WjAzMTEwLwYDVQQD
Eyg2MzQxYzA1Y2NjMmEwZDE1MGQ0YWI0MjljOTFjMmZmZmRmNTU5NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmubao1RC5mILe70mx/mA4Rwaebuv
fWVfFkSwlxrogBnWQrHS/zaYSDv4pwMMM1qHjz8bCihFEn7EUeUkh0mv7VfLOpuC
TCBsmy2jG4VT5kqgWvHi95/RVlMmskpz82rLmuG9iRiAt6qd2jwja5FYYoZal1lh
BNB4+K7xokUx6Tpu3SJh/sF1EoKRP5rpn2eKdzgO1D+igSP3VCYta6atlKU/U3+O
MskKkYp5Vk/dTF7sJPse6C52m6O8WsjzU2kbP6JLszoKds0EAuaKwtqpLlQDZgjk
LD/jdPx5TE9aJP8Wpy/vNSCok+thFTfHuOyKZWfeUOZ/ww12RFs8NfS4fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNBwFzMKg0VDUq0KckcL//fVZbyMB8GA1UdIwQY
MBaAFKqm5nklgh5Lh5yAPsClIkX5ZzrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXFibWVTV0NIa3VIbklBLXdLVWlSZmxuT3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82NGFlNWEtODYyMi00NWUyLTkzMjct
NTEyZjU2NWFjMDExLzEvcXFibWVTV0NIa3VIbklBLXdLVWlSZmxuT3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy82NGFlNWEtODYyMi00NWUyLTkzMjctNTEyZjU2NWFjMDEx
LzEvcXFibWVTV0NIa3VIbklBLXdLVWlSZmxuT3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASrggjj0B
CS/7t4XemQWmONd6zNAm8WfhtC0pAe4hjKfyNhUwNF+zmPT2xqJjDkMm0+Jt4JhK
Uo+ng4yN+aV5gEcjAOCQaZcqRe4uBHNHawppnfyktXscSYbju79Awd/sWmffqMv8
1mGIEAo3HoMrZDqW2YDQauIFom68bIV20CQw6ICUnR3ErbocVA9XuN8pWqv4qanw
Vx2jkKDQj7AHx6Gez19fnL271yzQuV/jQkhzcRFFSue4iTXKRkA4J6A4jD9ZcUjt
SSN4rFgfkrVKmFb/TyssuHVZTlnrFNdqgaMruvh8W3ihzk+3eask+q1zTWoDiGL2
FxPAC1FqBHP5HA==
-----END CERTIFICATE-----