Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
File:                     qfCQLHsw_sPg3PXyO_7fUBgjQps.mft (raw, json)
Hash identifier:          yxq27aaj9ahTJlmg8+9E7k4KiN0DgSFqiTn/Pf+FTzA=
Subject key identifier:   E1:21:F4:AD:7B:1C:1E:71:04:74:76:62:C1:15:40:B8:CF:1E:46:DB
Authority key identifier: A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
Certificate issuer:       /CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
Certificate serial:       0196BE25A30773DF1D806603097802ED57F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
Manifest number:          03C3
Signing time:             Sun 11 May 2025 07:00:59 +0000
Manifest this update:     Sun 11 May 2025 07:00:59 +0000
Manifest next update:     Mon 12 May 2025 07:00:59 +0000
Files and hashes:         1: qfCQLHsw_sPg3PXyO_7fUBgjQps.crl (hash: XaJnnx3gObMe2I3kAj0HiTjT7xSBWssT5q9hV0CkizY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:25:a3:07:73:df:1d:80:66:03:09:78:02:ed:57:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
        Validity
            Not Before: May 11 07:00:59 2025 GMT
            Not After : May 12 07:00:59 2025 GMT
        Subject: CN=e121f4ad7b1c1e7104747662c11540b8cf1e46db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:42:32:30:e8:e3:7b:87:e2:ea:65:36:62:aa:
                    8a:f4:60:86:33:45:c4:2a:e1:40:24:2c:77:ab:f2:
                    f6:e5:cb:cb:8c:8d:3b:ad:8a:d7:53:79:b0:75:56:
                    80:57:07:3c:d5:c0:15:f5:32:06:a8:84:11:5e:b7:
                    b6:24:ae:5a:2a:cf:cf:51:e9:6c:69:1a:0a:18:78:
                    36:22:8f:62:47:c7:a0:44:df:07:18:a6:51:08:c6:
                    0d:88:e6:ab:60:ac:1f:ee:9c:0f:a2:41:1d:ea:2b:
                    b9:78:51:43:54:a2:72:bd:5a:61:0c:47:ff:ba:14:
                    77:3a:92:bc:72:b7:f2:29:ea:a6:64:b3:ee:81:a7:
                    e8:4d:fb:78:3f:d5:8a:e7:af:91:5b:a0:3e:f9:f1:
                    fe:35:12:0d:64:dc:b0:be:bf:1e:f7:b5:a4:18:67:
                    29:dd:d4:e3:7b:73:83:d5:9c:d0:6b:6d:f3:f3:36:
                    9b:0f:00:79:f6:e4:1f:1b:4a:f8:0e:00:c5:cf:52:
                    db:1a:d4:62:ec:56:84:d5:82:19:b0:bc:e8:22:79:
                    84:4a:eb:e4:8b:89:02:53:68:90:bd:17:0f:55:72:
                    66:72:d4:26:ad:8c:1c:d9:de:b1:c1:30:e0:4d:af:
                    9e:a9:b8:b8:5d:2f:99:e8:b3:aa:14:53:19:0d:16:
                    e2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:21:F4:AD:7B:1C:1E:71:04:74:76:62:C1:15:40:B8:CF:1E:46:DB
            X509v3 Authority Key Identifier:
                keyid:A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:d4:c0:77:d9:d8:a6:88:a6:ce:1b:c7:67:c1:8e:2f:94:8e:
         85:8a:02:d2:36:3f:9f:e0:1e:f0:fb:08:79:e0:1d:1e:8a:3f:
         84:37:4f:c7:71:5f:c8:05:ef:92:28:87:7b:94:04:d6:89:4b:
         92:50:3d:36:95:d1:93:90:ea:e8:30:b4:c3:46:d5:0e:50:21:
         6f:af:5b:e0:0f:00:36:64:46:af:2c:a7:66:7f:cc:1f:23:53:
         2e:80:7a:cc:00:33:07:81:14:c4:28:75:bc:3c:95:88:51:87:
         7f:7b:4b:95:d7:4f:a5:0e:81:54:8a:40:d4:c3:a9:22:1b:dc:
         98:02:35:59:97:55:1b:c5:eb:35:56:c2:ab:85:7d:24:b6:d5:
         5a:b3:a6:f6:bb:8e:86:a0:4a:db:e1:e5:88:5f:ca:d5:1d:50:
         15:dc:5c:83:26:1c:ad:97:df:e9:ab:e6:76:6c:b2:2f:3e:f5:
         43:a5:7e:ad:c7:3a:4c:27:34:21:80:6c:5c:bb:e0:6d:7e:30:
         8e:0f:00:24:84:f8:43:06:57:55:c8:a7:86:08:71:f1:af:8d:
         1d:46:66:1f:b2:29:16:64:ec:24:e2:44:b5:32:de:8a:db:ab:
         25:d7:ad:b6:a5:5c:dc:7e:1b:61:38:6f:72:48:c9:f5:c1:9d:
         89:65:bb:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JaMHc98dgGYDCXgC7VfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjA5MDJjN2IzMGZlYzNlMGRjZjVmMjNiZmVkZjUwMTgy
MzQyOWIwHhcNMjUwNTExMDcwMDU5WhcNMjUwNTEyMDcwMDU5WjAzMTEwLwYDVQQD
EyhlMTIxZjRhZDdiMWMxZTcxMDQ3NDc2NjJjMTE1NDBiOGNmMWU0NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UIyMOjje4fi6mU2YqqK9GCGM0XE
KuFAJCx3q/L25cvLjI07rYrXU3mwdVaAVwc81cAV9TIGqIQRXre2JK5aKs/PUels
aRoKGHg2Io9iR8egRN8HGKZRCMYNiOarYKwf7pwPokEd6iu5eFFDVKJyvVphDEf/
uhR3OpK8crfyKeqmZLPugafoTft4P9WK56+RW6A++fH+NRINZNywvr8e97WkGGcp
3dTje3OD1ZzQa23z8zabDwB59uQfG0r4DgDFz1LbGtRi7FaE1YIZsLzoInmESuvk
i4kCU2iQvRcPVXJmctQmrYwc2d6xwTDgTa+eqbi4XS+Z6LOqFFMZDRbiOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEh9K17HB5xBHR2YsEVQLjPHkbbMB8GA1UdIwQY
MBaAFKnwkCx7MP7D4Nz18jv+31AYI0KbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kNjZmZjMtYjYwNy00NzZlLThkNWUt
ODk2ODU2NWRmNjNhLzEvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kNjZmZjMtYjYwNy00NzZlLThkNWUtODk2ODU2NWRmNjNh
LzEvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj9TAd9nY
poimzhvHZ8GOL5SOhYoC0jY/n+Ae8PsIeeAdHoo/hDdPx3FfyAXvkiiHe5QE1olL
klA9NpXRk5Dq6DC0w0bVDlAhb69b4A8ANmRGryynZn/MHyNTLoB6zAAzB4EUxCh1
vDyViFGHf3tLlddPpQ6BVIpA1MOpIhvcmAI1WZdVG8XrNVbCq4V9JLbVWrOm9ruO
hqBK2+HliF/K1R1QFdxcgyYcrZff6avmdmyyLz71Q6V+rcc6TCc0IYBsXLvgbX4w
jg8AJIT4QwZXVcinhghx8a+NHUZmH7IpFmTsJOJEtTLeiturJdettqVc3H4bYThv
ckjJ9cGdiWW75Q==
-----END CERTIFICATE-----