Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          HQ+aTwz1NvtRm1bZwQNSLKPH/PQhSxUN/o+9e72RiRA=
Subject key identifier:   41:03:B9:CB:FB:D5:A7:9D:CE:B4:3B:59:60:C4:7D:E2:6C:57:F0:0D
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       0196BA11B92D91BD675E57B08566D51AF98A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 12:00:45 +0000
Manifest this update:     Sat 10 May 2025 12:00:45 +0000
Manifest next update:     Sun 11 May 2025 12:00:45 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: d38oZdFDrqvKL8urmB2IFnx4YpZKxJDacgyvGjPYI1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:11:b9:2d:91:bd:67:5e:57:b0:85:66:d5:1a:f9:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: May 10 12:00:45 2025 GMT
            Not After : May 11 12:00:45 2025 GMT
        Subject: CN=4103b9cbfbd5a79dceb43b5960c47de26c57f00d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d5:e7:84:c6:d5:38:da:ec:74:5a:84:68:00:
                    87:53:74:b7:11:35:7b:f3:15:51:eb:fb:48:91:4a:
                    78:e2:2b:7e:ff:db:a4:70:09:b2:e4:3d:8f:d7:8f:
                    f4:65:1a:9b:2f:97:2a:6f:42:fe:0d:57:92:41:46:
                    ac:8f:7a:95:a1:46:8c:8c:92:49:a4:76:95:8c:df:
                    b3:77:b3:c6:2c:cf:e5:cd:61:f1:18:87:19:1a:81:
                    44:cf:0c:9c:57:71:94:d3:c7:5a:bd:02:60:e4:46:
                    2b:9c:43:25:7c:78:06:1a:fe:52:5e:c1:1d:ba:b5:
                    9d:b6:22:7c:f3:b5:ee:51:4f:84:ed:08:a3:4e:77:
                    c6:9b:9f:fe:bb:a0:95:93:cf:1c:cd:dd:ca:ed:aa:
                    90:df:25:52:d1:54:1d:78:77:ab:fa:57:d5:e0:0a:
                    21:8f:78:7e:52:f6:6d:5b:6d:99:6c:76:cb:40:08:
                    35:dd:f9:b3:31:05:93:f4:48:13:47:c8:4f:31:86:
                    7c:39:ba:f3:6f:ea:2a:8d:63:50:5b:e8:2f:3d:87:
                    f5:87:c0:32:b9:6a:4e:cf:09:69:95:7f:c8:28:45:
                    98:9c:6d:21:5f:86:62:b9:37:5a:52:f6:ff:60:6e:
                    8e:00:4f:76:0b:be:70:73:68:8b:0b:a9:34:fc:7b:
                    74:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:03:B9:CB:FB:D5:A7:9D:CE:B4:3B:59:60:C4:7D:E2:6C:57:F0:0D
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:69:8c:7c:c0:0a:ca:39:f4:ee:04:e1:02:a5:e1:3a:77:17:
         29:79:23:9f:f0:84:78:d3:e2:dd:b6:31:fa:d5:f9:cf:c5:c6:
         6f:c4:d5:cd:38:a4:fc:2f:b0:67:c3:6a:1a:5f:d3:99:1d:1a:
         52:ad:52:34:47:ba:8a:77:57:f9:56:eb:8e:86:9c:b4:31:56:
         a9:d1:71:ed:d7:ad:2d:b4:c2:3b:78:80:e2:56:fe:51:0e:07:
         41:23:da:20:02:24:10:9b:ad:c2:ae:c2:30:71:e9:84:83:8a:
         19:71:7c:00:1e:d6:f0:7c:c7:88:b5:fb:53:a2:d3:e4:86:fc:
         f6:57:c8:7e:92:cf:55:0c:13:3b:28:bd:d0:b6:a0:13:73:b6:
         c1:db:eb:c5:9b:de:43:78:88:71:c1:78:34:25:4f:a3:05:b0:
         ed:c1:4f:bf:d0:a8:e2:02:3a:20:75:66:6c:95:97:90:d0:6a:
         23:2c:f3:27:ed:bc:84:4c:8d:1a:e6:a9:78:e2:0c:51:d1:7a:
         a4:dd:50:a3:98:84:8c:00:4a:dd:6a:fe:f4:84:96:e7:34:d8:
         02:fa:e1:2b:60:f0:85:4d:0f:d0:be:8b:8e:0e:a7:34:05:7a:
         23:24:d5:02:49:c1:1d:c7:ad:04:3b:14:f5:22:aa:f6:06:82:
         48:90:00:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6Ebktkb1nXlewhWbVGvmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUwNTEwMTIwMDQ1WhcNMjUwNTExMTIwMDQ1WjAzMTEwLwYDVQQD
Eyg0MTAzYjljYmZiZDVhNzlkY2ViNDNiNTk2MGM0N2RlMjZjNTdmMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtXnhMbVONrsdFqEaACHU3S3ETV7
8xVR6/tIkUp44it+/9ukcAmy5D2P14/0ZRqbL5cqb0L+DVeSQUasj3qVoUaMjJJJ
pHaVjN+zd7PGLM/lzWHxGIcZGoFEzwycV3GU08davQJg5EYrnEMlfHgGGv5SXsEd
urWdtiJ887XuUU+E7QijTnfGm5/+u6CVk88czd3K7aqQ3yVS0VQdeHer+lfV4Aoh
j3h+UvZtW22ZbHbLQAg13fmzMQWT9EgTR8hPMYZ8Obrzb+oqjWNQW+gvPYf1h8Ay
uWpOzwlplX/IKEWYnG0hX4ZiuTdaUvb/YG6OAE92C75wc2iLC6k0/Ht06wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEDucv71aedzrQ7WWDEfeJsV/ANMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGmMfMAK
yjn07gThAqXhOncXKXkjn/CEeNPi3bYx+tX5z8XGb8TVzTik/C+wZ8NqGl/TmR0a
Uq1SNEe6indX+VbrjoactDFWqdFx7detLbTCO3iA4lb+UQ4HQSPaIAIkEJutwq7C
MHHphIOKGXF8AB7W8HzHiLX7U6LT5Ib89lfIfpLPVQwTOyi90LagE3O2wdvrxZve
Q3iIccF4NCVPowWw7cFPv9Co4gI6IHVmbJWXkNBqIyzzJ+28hEyNGuapeOIMUdF6
pN1Qo5iEjABK3Wr+9ISW5zTYAvrhK2DwhU0P0L6Ljg6nNAV6IyTVAknBHcetBDsU
9SKq9gaCSJAABw==
-----END CERTIFICATE-----