Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
File:                     qQ_wEQVOz-aKitx94mit5sCCdxE.mft (raw, json)
Hash identifier:          sE6pikWGJ5aAKIe2xdbroTGif+7kjbRiLSNVogrJmjw=
Subject key identifier:   87:36:3C:C5:FA:44:DE:FD:E5:DB:CF:FB:56:F1:8D:1F:E5:CE:5E:E7
Authority key identifier: A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
Certificate issuer:       /CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Certificate serial:       0197B6A0807FFD50E54BA16B9CAC226629A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:01 +0000
Files and hashes:         1: qQ_wEQVOz-aKitx94mit5sCCdxE.crl (hash: aLbXYUAQQCqZ+glTN/px9ugacCrWWvUU6iI0Yd7fiis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:80:7f:fd:50:e5:4b:a1:6b:9c:ac:22:66:29:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90ff011054ecfe68a8adc7de268ade6c0827711
        Validity
            Not Before: Jun 28 13:01:01 2025 GMT
            Not After : Jun 29 13:01:01 2025 GMT
        Subject: CN=87363cc5fa44defde5dbcffb56f18d1fe5ce5ee7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b4:10:a7:54:cb:06:76:21:6e:e3:ce:ae:48:
                    3d:17:66:66:17:d1:76:b0:c8:d2:db:16:25:a7:bc:
                    9e:62:ae:43:d4:ea:16:3b:ce:80:4f:bb:03:58:2d:
                    6b:d9:d7:7d:0c:34:8b:c2:9e:af:d3:15:42:7c:50:
                    93:95:d8:2b:17:30:46:41:48:49:e2:06:c4:34:06:
                    4f:0a:a2:50:43:37:38:9f:2e:00:43:ce:ab:09:bd:
                    50:cd:c0:b0:a8:13:62:d2:37:31:4b:38:4e:b9:9b:
                    a7:2b:d5:7e:c8:23:b0:b0:5c:c4:c1:0b:69:d0:f4:
                    b9:40:35:62:81:57:2b:ec:15:3f:41:02:1a:0b:50:
                    8e:66:ce:b5:a5:cf:55:d6:b0:7f:fd:7e:1c:ec:3a:
                    2d:43:0e:f7:66:5f:9c:d0:50:ad:50:30:b2:98:85:
                    68:57:d4:fc:71:1f:ea:52:92:55:b3:f7:40:b7:82:
                    29:8d:17:1a:84:fa:b6:46:0e:4d:bc:26:a0:bb:0a:
                    37:38:92:64:60:70:24:2b:9c:46:5c:0b:e3:09:26:
                    10:9d:8e:27:0f:78:02:9d:e3:6d:c3:80:cf:4c:5c:
                    5c:1c:4d:72:64:b0:68:06:39:0b:68:32:38:4c:e2:
                    c0:f3:ed:59:76:ef:d9:20:51:4a:c8:9b:b4:a2:87:
                    48:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:36:3C:C5:FA:44:DE:FD:E5:DB:CF:FB:56:F1:8D:1F:E5:CE:5E:E7
            X509v3 Authority Key Identifier:
                keyid:A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:66:f0:18:6e:9e:de:93:29:81:a1:50:1b:8b:fb:f7:93:24:
         e3:5b:11:48:5c:fc:09:b9:a5:a4:d5:ef:9b:ac:ad:4b:32:66:
         37:5f:01:2f:ef:a5:88:14:26:2f:2d:a4:7a:b0:e4:dd:30:e2:
         ad:e9:ce:b4:ab:fa:50:30:31:87:eb:ce:54:ef:f8:69:c9:9e:
         4c:5d:42:70:b5:f2:60:a6:24:36:ff:d4:c2:2c:b5:ee:d3:d7:
         53:f3:e9:72:db:49:47:66:a3:84:4e:63:66:a1:5f:6d:0d:4c:
         9c:47:c7:e6:a2:da:f3:57:6e:a4:74:59:e6:1e:ce:8a:1f:3a:
         93:0b:de:5e:e2:9c:27:91:ce:64:5c:c3:c9:bf:3d:f3:11:6f:
         a2:c0:47:0f:f2:49:eb:85:67:20:2c:f7:78:31:98:31:57:a8:
         40:56:78:63:40:76:a1:6b:78:c6:b3:82:41:b7:f6:46:5f:a0:
         48:f7:48:0d:3a:9e:02:d7:41:57:35:4b:24:9b:fe:01:a4:57:
         9b:92:90:c3:53:9f:56:02:06:4d:e4:c1:e6:a3:f5:06:c3:a9:
         28:67:40:89:5e:a0:96:95:e9:3e:9a:4f:26:a1:0e:1f:30:8a:
         0e:72:10:71:8e:41:c7:27:c9:2e:65:5d:be:fc:41:29:06:ce:
         f3:3e:8a:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oIB//VDlS6FrnKwiZimmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGZmMDExMDU0ZWNmZTY4YThhZGM3ZGUyNjhhZGU2YzA4
Mjc3MTEwHhcNMjUwNjI4MTMwMTAxWhcNMjUwNjI5MTMwMTAxWjAzMTEwLwYDVQQD
Eyg4NzM2M2NjNWZhNDRkZWZkZTVkYmNmZmI1NmYxOGQxZmU1Y2U1ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bQQp1TLBnYhbuPOrkg9F2ZmF9F2
sMjS2xYlp7yeYq5D1OoWO86AT7sDWC1r2dd9DDSLwp6v0xVCfFCTldgrFzBGQUhJ
4gbENAZPCqJQQzc4ny4AQ86rCb1QzcCwqBNi0jcxSzhOuZunK9V+yCOwsFzEwQtp
0PS5QDVigVcr7BU/QQIaC1COZs61pc9V1rB//X4c7DotQw73Zl+c0FCtUDCymIVo
V9T8cR/qUpJVs/dAt4IpjRcahPq2Rg5NvCaguwo3OJJkYHAkK5xGXAvjCSYQnY4n
D3gCneNtw4DPTFxcHE1yZLBoBjkLaDI4TOLA8+1Zdu/ZIFFKyJu0oodIvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIc2PMX6RN795dvP+1bxjR/lzl7nMB8GA1UdIwQY
MBaAFKkP8BEFTs/miorcfeJorebAgncRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMt
ZTk5Mjc3MDM3YTQzLzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMtZTk5Mjc3MDM3YTQz
LzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfmbwGG6e
3pMpgaFQG4v795Mk41sRSFz8CbmlpNXvm6ytSzJmN18BL++liBQmLy2kerDk3TDi
renOtKv6UDAxh+vOVO/4acmeTF1CcLXyYKYkNv/Uwiy17tPXU/PpcttJR2ajhE5j
ZqFfbQ1MnEfH5qLa81dupHRZ5h7Oih86kwveXuKcJ5HOZFzDyb898xFvosBHD/JJ
64VnICz3eDGYMVeoQFZ4Y0B2oWt4xrOCQbf2Rl+gSPdIDTqeAtdBVzVLJJv+AaRX
m5KQw1OfVgIGTeTB5qP1BsOpKGdAiV6glpXpPppPJqEOHzCKDnIQcY5BxyfJLmVd
vvxBKQbO8z6K7g==
-----END CERTIFICATE-----