Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          xtN70/YZi+i5jhIl7D7l71cbp5lZlSp0xyQkqCNOZFg=
Subject key identifier:   65:7D:E7:EB:E4:0D:1E:4A:AB:E2:55:D5:AF:B0:5B:2F:F7:BE:6C:67
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       0197B5FBD8240ABE19D4F80707CE30265886
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          1459
Signing time:             Sat 28 Jun 2025 10:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:10 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: fhXU0LwTTQlFvFR/vO1lT7e6WQOPuRTAiPwicfgMUkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fb:d8:24:0a:be:19:d4:f8:07:07:ce:30:26:58:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Jun 28 10:01:10 2025 GMT
            Not After : Jun 29 10:01:10 2025 GMT
        Subject: CN=657de7ebe40d1e4aabe255d5afb05b2ff7be6c67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d5:58:8b:82:2e:d2:7f:3f:12:4a:85:39:71:
                    db:66:cd:8c:2b:4e:dd:93:e0:fa:79:cf:46:7d:c2:
                    0d:dc:8b:6b:e5:89:07:11:70:56:99:da:f7:ce:e4:
                    c8:d4:af:76:6e:44:1a:71:35:4a:71:a7:b1:15:23:
                    bd:23:2a:ec:2b:13:29:e5:98:21:8d:9f:07:bb:53:
                    ec:ab:6d:25:0f:ed:e1:e7:bd:8d:9e:24:3e:93:be:
                    3b:fd:37:e3:61:d4:39:f7:fe:59:1b:68:c8:f1:9a:
                    6e:be:4c:01:40:13:19:63:0f:cb:4f:4f:fa:a0:36:
                    26:cc:c6:10:82:19:66:84:a8:27:36:45:1e:ee:ab:
                    32:ae:43:48:b2:65:74:9b:78:bb:5e:ba:25:7d:e8:
                    47:a3:81:13:c8:1a:41:17:ca:96:4f:65:77:d0:0d:
                    6c:3f:8a:59:6d:5c:c8:fd:fa:83:b7:80:75:96:83:
                    17:87:f7:a0:0b:d9:c3:67:16:4d:e8:d5:14:6c:58:
                    d1:f1:3c:cc:fa:c5:1f:72:9b:25:61:25:7a:83:d6:
                    0a:6c:68:df:8d:23:bb:a6:26:1a:c8:01:6f:c8:99:
                    d3:57:fb:ef:42:cb:ea:59:15:91:14:d8:d9:c4:63:
                    11:c1:47:68:11:dc:55:1c:7e:d0:0a:83:a1:ba:57:
                    63:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:7D:E7:EB:E4:0D:1E:4A:AB:E2:55:D5:AF:B0:5B:2F:F7:BE:6C:67
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:cd:f0:6f:fe:5d:2f:57:0d:86:28:ca:2f:c6:6e:4b:d8:60:
         b3:33:87:8e:9c:ac:17:eb:bb:0b:5a:26:4c:65:0c:46:0c:c8:
         8a:e2:79:3d:53:92:5f:94:14:be:b2:5a:e2:33:55:1f:87:93:
         a0:1f:f4:b2:0c:45:fe:9f:44:e5:ef:71:04:15:75:de:3c:7b:
         ec:db:b7:99:af:81:02:d6:7f:77:5d:f8:95:53:9a:44:74:63:
         e8:5f:99:6f:84:4b:51:72:bf:ec:cb:90:77:19:12:0c:6d:9c:
         1c:81:c5:01:cc:cb:e3:76:26:74:cc:11:2b:d1:c7:0a:58:06:
         98:09:a8:b2:13:0e:07:33:64:f6:cc:57:89:30:6c:f7:00:99:
         00:ef:74:c1:bc:21:7d:b7:8e:2d:c3:e8:61:64:88:9e:57:4d:
         16:a2:f0:60:c8:c0:f6:a2:f4:28:6b:c8:d1:02:d8:03:b0:d1:
         03:69:f6:72:61:aa:ab:d5:ba:eb:e6:0d:04:c5:a8:54:d9:36:
         4a:91:fe:e9:8d:d3:8e:c6:e2:9d:39:10:9d:79:d9:42:95:8c:
         71:b1:ba:61:48:e9:7a:ba:66:83:e6:4d:70:99:db:70:e7:45:
         e2:a7:b3:fc:e0:26:7a:f5:ef:44:05:73:b0:6a:b7:67:95:c4:
         a0:32:1f:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1+9gkCr4Z1PgHB84wJliGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUwNjI4MTAwMTEwWhcNMjUwNjI5MTAwMTEwWjAzMTEwLwYDVQQD
Eyg2NTdkZTdlYmU0MGQxZTRhYWJlMjU1ZDVhZmIwNWIyZmY3YmU2YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9VYi4Iu0n8/EkqFOXHbZs2MK07d
k+D6ec9GfcIN3Itr5YkHEXBWmdr3zuTI1K92bkQacTVKcaexFSO9IyrsKxMp5Zgh
jZ8Hu1Psq20lD+3h572NniQ+k747/TfjYdQ59/5ZG2jI8ZpuvkwBQBMZYw/LT0/6
oDYmzMYQghlmhKgnNkUe7qsyrkNIsmV0m3i7XrolfehHo4ETyBpBF8qWT2V30A1s
P4pZbVzI/fqDt4B1loMXh/egC9nDZxZN6NUUbFjR8TzM+sUfcpslYSV6g9YKbGjf
jSO7piYayAFvyJnTV/vvQsvqWRWRFNjZxGMRwUdoEdxVHH7QCoOhuldjuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGV95+vkDR5Kq+JV1a+wWy/3vmxnMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXM3wb/5d
L1cNhijKL8ZuS9hgszOHjpysF+u7C1omTGUMRgzIiuJ5PVOSX5QUvrJa4jNVH4eT
oB/0sgxF/p9E5e9xBBV13jx77Nu3ma+BAtZ/d134lVOaRHRj6F+Zb4RLUXK/7MuQ
dxkSDG2cHIHFAczL43YmdMwRK9HHClgGmAmoshMOBzNk9sxXiTBs9wCZAO90wbwh
fbeOLcPoYWSInldNFqLwYMjA9qL0KGvI0QLYA7DRA2n2cmGqq9W66+YNBMWoVNk2
SpH+6Y3TjsbinTkQnXnZQpWMcbG6YUjperpmg+ZNcJnbcOdF4qez/OAmevXvRAVz
sGq3Z5XEoDIf5w==
-----END CERTIFICATE-----