Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          /HxfTCuGlsOMrHnLA589I8dMyeNldOVknTT/NtEFeF4=
Subject key identifier:   68:25:9B:73:72:F7:F9:E1:84:52:7A:F9:A1:EA:29:EA:D8:A4:1D:5F
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       0197B7454347A3CCE69ACF6F8C06FE75391A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          04D9
Signing time:             Sat 28 Jun 2025 16:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:59 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: ZA/Q+ghxgzp5xtK47cS9eTLpSI94PAU1HD9PiKJk7xY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:43:47:a3:cc:e6:9a:cf:6f:8c:06:fe:75:39:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Jun 28 16:00:59 2025 GMT
            Not After : Jun 29 16:00:59 2025 GMT
        Subject: CN=68259b7372f7f9e184527af9a1ea29ead8a41d5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:91:fb:64:1f:48:e6:df:a5:71:74:93:0e:57:
                    68:a8:06:74:88:7e:f6:07:c2:79:e1:c4:2a:fc:c0:
                    da:f8:60:18:7b:6c:be:63:f6:6c:ac:46:ee:56:a4:
                    c9:72:ff:75:93:0a:b7:28:a3:66:34:bf:25:52:8a:
                    0c:9f:17:0e:96:65:ff:33:e9:d1:10:9d:05:5a:b7:
                    20:11:89:4e:b7:2c:b7:a0:cf:98:ae:7a:d5:7d:96:
                    d3:05:eb:e5:83:72:d1:7b:c4:f8:64:de:2f:e2:2b:
                    e8:be:8a:48:2e:25:36:35:21:62:a8:a2:6c:49:2b:
                    69:2b:cc:57:fc:47:d4:9a:99:fc:f5:0c:0d:9a:22:
                    e3:b2:76:12:bf:6b:99:b3:98:15:3c:08:f4:59:d1:
                    01:67:fb:be:bd:7a:9a:80:6c:ef:70:4b:b6:bb:0b:
                    06:cc:c0:d6:84:02:86:61:16:8a:38:05:00:ba:98:
                    18:56:1d:4a:32:05:a9:b3:73:8f:3e:c9:21:f8:46:
                    33:06:84:ae:96:59:99:36:e4:d6:55:be:62:d1:86:
                    bc:c3:e2:3d:74:51:2e:6a:31:8e:33:05:a1:de:9a:
                    07:04:89:df:94:44:3f:7e:a8:cc:82:4a:b6:37:2c:
                    ff:f0:36:7a:a5:c3:2b:06:4b:0d:cc:bc:dd:c6:d1:
                    77:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:25:9B:73:72:F7:F9:E1:84:52:7A:F9:A1:EA:29:EA:D8:A4:1D:5F
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:e8:47:08:c1:7c:4a:19:f2:3b:8b:77:97:b4:d6:b1:8d:49:
         79:8c:aa:2d:8f:14:3b:8d:92:ca:46:0c:8d:9c:cc:e0:6d:f5:
         d0:4e:e3:52:f3:f3:e9:ee:57:1b:87:ea:bc:fd:57:21:82:33:
         25:5d:d4:c9:48:94:cc:70:4e:85:4f:4c:7c:39:91:17:f9:ec:
         67:e5:c5:dc:bd:03:c4:43:4f:b3:72:e1:86:87:d4:02:d8:90:
         96:00:80:19:0c:b9:e9:a6:b0:fb:e5:c3:7d:bc:c3:51:9e:ee:
         e4:0c:9e:9f:b1:10:9e:8d:28:f9:7a:fa:65:82:ee:95:68:e0:
         12:f0:b2:d3:42:38:76:85:88:86:05:80:23:f0:18:81:a3:3e:
         f3:a2:5d:1f:77:5e:68:67:d5:c4:bd:4a:a5:0d:12:15:39:9c:
         68:1b:e3:71:7e:22:a0:18:05:5a:b2:e2:b9:77:8c:50:d3:e4:
         00:26:eb:57:41:fe:ed:27:ec:ad:0b:9a:64:5f:cd:f5:90:4e:
         7c:0b:7e:1a:02:40:65:87:82:81:92:d8:de:5b:8a:0c:b2:ce:
         1b:f5:ea:54:1e:25:55:bc:d8:2b:0c:33:2e:e0:dd:94:ba:99:
         6d:cc:7e:f8:9d:dd:4f:ee:36:20:d3:26:38:37:83:f1:bd:f0:
         00:ec:e3:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RUNHo8zmms9vjAb+dTkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjUwNjI4MTYwMDU5WhcNMjUwNjI5MTYwMDU5WjAzMTEwLwYDVQQD
Eyg2ODI1OWI3MzcyZjdmOWUxODQ1MjdhZjlhMWVhMjllYWQ4YTQxZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJH7ZB9I5t+lcXSTDldoqAZ0iH72
B8J54cQq/MDa+GAYe2y+Y/ZsrEbuVqTJcv91kwq3KKNmNL8lUooMnxcOlmX/M+nR
EJ0FWrcgEYlOtyy3oM+YrnrVfZbTBevlg3LRe8T4ZN4v4ivovopILiU2NSFiqKJs
SStpK8xX/EfUmpn89QwNmiLjsnYSv2uZs5gVPAj0WdEBZ/u+vXqagGzvcEu2uwsG
zMDWhAKGYRaKOAUAupgYVh1KMgWps3OPPskh+EYzBoSullmZNuTWVb5i0Ya8w+I9
dFEuajGOMwWh3poHBInflEQ/fqjMgkq2Nyz/8DZ6pcMrBksNzLzdxtF37QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGglm3Ny9/nhhFJ6+aHqKerYpB1fMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXuhHCMF8
ShnyO4t3l7TWsY1JeYyqLY8UO42SykYMjZzM4G310E7jUvPz6e5XG4fqvP1XIYIz
JV3UyUiUzHBOhU9MfDmRF/nsZ+XF3L0DxENPs3LhhofUAtiQlgCAGQy56aaw++XD
fbzDUZ7u5Ayen7EQno0o+Xr6ZYLulWjgEvCy00I4doWIhgWAI/AYgaM+86JdH3de
aGfVxL1KpQ0SFTmcaBvjcX4ioBgFWrLiuXeMUNPkACbrV0H+7SfsrQuaZF/N9ZBO
fAt+GgJAZYeCgZLY3luKDLLOG/XqVB4lVbzYKwwzLuDdlLqZbcx++J3dT+42INMm
ODeD8b3wAOzjqA==
-----END CERTIFICATE-----