Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File:                     MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier:          ZcwmahgkD6GRRk2P9Eg9ZBz/WZlEE4X7Ilf4l7olmpo=
Subject key identifier:   2A:34:D9:73:3B:06:50:5D:CF:E2:C4:A7:08:C9:3F:88:19:96:EE:1B
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer:       /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial:       0196579463FFE1098FFFF991BA55973FD19F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number:          054B
Signing time:             Mon 21 Apr 2025 09:01:04 +0000
Manifest this update:     Mon 21 Apr 2025 09:01:04 +0000
Manifest next update:     Tue 22 Apr 2025 09:01:04 +0000
Files and hashes:         1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: qWJpbAv2g4ikFLOQ7Qn2HGXF68vHAt64FWO/n38e8mU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 09:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:94:63:ff:e1:09:8f:ff:f9:91:ba:55:97:3f:d1:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
        Validity
            Not Before: Apr 21 09:01:04 2025 GMT
            Not After : Apr 22 09:01:04 2025 GMT
        Subject: CN=2a34d9733b06505dcfe2c4a708c93f881996ee1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:56:b0:d7:ec:e6:46:cc:e4:96:6b:6e:3c:63:
                    31:12:f3:4c:7b:f2:98:2d:c9:9e:17:b1:22:8e:9a:
                    ea:a3:4a:17:be:78:08:54:24:6d:2c:47:00:82:50:
                    24:39:db:96:d7:9d:b2:2e:1c:4c:1d:ab:64:ad:6b:
                    fd:16:66:16:70:0b:0a:75:1d:89:1e:e2:53:ff:f6:
                    92:41:57:9b:07:65:29:c2:e3:51:d9:14:c4:48:7c:
                    1d:0e:b8:b0:7b:cc:35:04:87:3e:72:bd:2c:2e:04:
                    70:8f:9e:6a:9e:a4:86:81:bd:1f:81:cd:bf:b2:71:
                    df:45:89:d6:1a:29:a3:63:5c:16:c5:74:8f:a6:02:
                    df:24:56:df:ed:cc:19:67:74:14:c3:41:da:c1:4a:
                    8e:eb:30:d0:2d:ec:c4:e3:80:8b:58:4d:a1:50:b9:
                    3b:3d:b8:7d:46:63:e4:11:a6:0b:51:10:3d:8f:be:
                    d3:48:ca:88:d2:a3:f5:97:e4:e5:21:ba:5a:7a:c1:
                    b6:dd:0c:74:4a:db:18:9e:19:95:a6:c1:7f:ab:0e:
                    b5:be:7a:58:d9:a5:1e:04:73:bf:95:7b:60:87:2a:
                    f8:b3:bb:86:67:1f:4a:5a:46:4d:9d:f0:d9:95:dc:
                    20:9f:07:d9:a6:75:d8:8c:00:79:dd:2b:68:35:9c:
                    31:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:34:D9:73:3B:06:50:5D:CF:E2:C4:A7:08:C9:3F:88:19:96:EE:1B
            X509v3 Authority Key Identifier:
                keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:b4:0c:91:c2:34:22:3d:a2:8e:04:5e:cb:71:23:20:28:15:
         a1:26:2f:e6:d4:98:fe:ce:41:3d:5a:cc:3f:0e:83:ac:15:6f:
         53:64:50:aa:f2:ba:2a:91:50:62:dc:ed:37:d6:10:7f:81:de:
         85:5f:58:6d:ed:d3:3c:5c:7c:d4:43:d5:0c:da:50:dd:5f:14:
         7f:25:91:ea:11:1c:2f:1f:57:20:2f:00:fe:5b:0b:bf:07:97:
         f9:ce:c1:59:ae:fc:dd:ea:42:5e:2b:af:a8:4c:ac:36:44:ec:
         e3:9d:fd:ef:b7:98:11:5e:8a:a1:fc:91:bd:dc:b2:5a:19:2e:
         3c:91:59:09:7c:6f:c6:cb:46:77:83:91:f1:b4:a6:9a:c2:df:
         d9:2d:6d:ad:80:b5:7f:04:2f:65:aa:a4:a1:0e:5f:bc:aa:46:
         e4:bd:93:a5:e3:1e:b5:51:b2:92:5f:49:e8:98:99:a7:2a:63:
         1c:29:06:e2:c8:f6:25:dd:88:6e:c8:8c:51:a8:5d:63:dd:0f:
         67:86:c2:fd:18:9f:2a:de:9b:88:23:5f:83:b0:b3:6a:53:bd:
         33:74:cc:bb:1f:46:f3:04:52:11:5d:40:b5:3c:e3:14:05:9a:
         a0:cd:28:58:79:b0:37:c1:28:0e:06:9e:e0:b2:ab:2f:9d:b6:
         e7:ad:a3:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXlGP/4QmP//mRulWXP9GfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjUwNDIxMDkwMTA0WhcNMjUwNDIyMDkwMTA0WjAzMTEwLwYDVQQD
EygyYTM0ZDk3MzNiMDY1MDVkY2ZlMmM0YTcwOGM5M2Y4ODE5OTZlZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1aw1+zmRszklmtuPGMxEvNMe/KY
LcmeF7Eijprqo0oXvngIVCRtLEcAglAkOduW152yLhxMHatkrWv9FmYWcAsKdR2J
HuJT//aSQVebB2UpwuNR2RTESHwdDriwe8w1BIc+cr0sLgRwj55qnqSGgb0fgc2/
snHfRYnWGimjY1wWxXSPpgLfJFbf7cwZZ3QUw0HawUqO6zDQLezE44CLWE2hULk7
Pbh9RmPkEaYLURA9j77TSMqI0qP1l+TlIbpaesG23Qx0StsYnhmVpsF/qw61vnpY
2aUeBHO/lXtghyr4s7uGZx9KWkZNnfDZldwgnwfZpnXYjAB53StoNZwx1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCo02XM7BlBdz+LEpwjJP4gZlu4bMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbQMkcI0
Ij2ijgRey3EjICgVoSYv5tSY/s5BPVrMPw6DrBVvU2RQqvK6KpFQYtztN9YQf4He
hV9Ybe3TPFx81EPVDNpQ3V8UfyWR6hEcLx9XIC8A/lsLvweX+c7BWa783epCXiuv
qEysNkTs453977eYEV6KofyRvdyyWhkuPJFZCXxvxstGd4OR8bSmmsLf2S1trYC1
fwQvZaqkoQ5fvKpG5L2TpeMetVGykl9J6JiZpypjHCkG4sj2Jd2IbsiMUahdY90P
Z4bC/RifKt6biCNfg7CzalO9M3TMux9G8wRSEV1AtTzjFAWaoM0oWHmwN8EoDgae
4LKrL522562jtg==
-----END CERTIFICATE-----