Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          A6limEZNs1WUU6vzpO7ghUrjeuDlpTEiVfBzx68oSNg=
Subject key identifier:   DD:B8:69:10:B5:78:3F:71:1C:06:D9:10:4A:E5:C7:42:DC:3D:02:1D
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019649A1745A4A1A3CD8A3D91818E5D92977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0C99
Signing time:             Fri 18 Apr 2025 16:00:39 +0000
Manifest this update:     Fri 18 Apr 2025 16:00:39 +0000
Manifest next update:     Sat 19 Apr 2025 16:00:39 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: lgaM1OrbX00PxDDvH7dpwZMYRA9R6iGb0p3q6JlreAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:a1:74:5a:4a:1a:3c:d8:a3:d9:18:18:e5:d9:29:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Apr 18 16:00:39 2025 GMT
            Not After : Apr 19 16:00:39 2025 GMT
        Subject: CN=ddb86910b5783f711c06d9104ae5c742dc3d021d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:8c:58:94:54:b7:e8:61:62:cd:10:02:10:ad:
                    5a:7a:46:3e:5e:dc:1a:3e:42:57:05:d0:2d:30:ff:
                    38:7b:31:73:10:ae:23:38:24:df:08:a1:67:36:22:
                    93:c5:07:21:37:b7:b0:4f:19:66:d9:1e:0b:60:91:
                    54:0f:ad:15:f5:0f:76:81:d2:12:47:3e:e7:7e:17:
                    d6:1e:06:01:fa:5c:e8:f4:54:41:be:42:95:50:2a:
                    61:32:96:90:63:f8:de:be:52:ba:81:4a:89:1b:48:
                    26:21:cf:0d:8b:57:f3:3c:22:02:ee:14:1e:af:7f:
                    0d:e2:7b:9f:92:f2:ff:18:3a:12:61:a2:7f:55:1a:
                    f8:86:9a:f4:93:fb:d5:0b:54:10:1e:97:6f:c8:ad:
                    fe:41:ff:36:a1:8d:d6:06:d8:ab:1a:3d:75:01:d4:
                    57:ab:85:2c:fd:6b:4e:51:57:3c:20:e5:34:9f:7a:
                    57:ee:01:d8:b8:b6:8a:d5:5c:3c:79:9f:c0:3a:f8:
                    d8:53:b3:2b:84:66:13:b1:90:d5:70:e3:37:61:81:
                    26:58:ed:1f:77:b0:1f:5d:1a:59:3b:08:aa:0e:4f:
                    75:d2:49:51:80:78:a4:c6:e4:52:eb:4f:1e:14:dd:
                    7a:7d:54:dd:56:b2:b3:42:24:28:75:9a:0d:01:6c:
                    50:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:B8:69:10:B5:78:3F:71:1C:06:D9:10:4A:E5:C7:42:DC:3D:02:1D
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:35:59:4c:f3:bb:e4:52:f3:f9:90:67:a9:8f:70:3c:ca:bb:
         d3:f0:88:4b:f3:b7:50:21:df:ea:37:2b:e5:86:f3:a2:f5:33:
         e0:03:1b:8d:d2:77:ce:35:af:5b:ea:3a:b0:de:cd:ca:a5:24:
         b2:79:a2:c0:90:ef:03:16:39:a6:c8:48:e9:ee:0e:4c:86:17:
         55:03:6e:ad:19:a9:82:d9:53:c0:29:6d:d9:94:d4:47:da:34:
         bb:2f:3c:99:0d:93:ab:74:a6:d9:4a:4a:e2:69:7f:1d:8e:8c:
         ca:6b:03:34:cb:09:a6:9a:d4:b6:19:c5:86:81:75:72:61:95:
         fd:85:04:50:44:fb:d4:fa:05:ca:78:1f:3b:0b:7e:5e:11:f5:
         12:37:a1:7c:27:f3:e8:a0:ea:84:e8:5a:85:9c:43:85:3f:69:
         89:e0:fe:1d:f4:d8:d2:58:ae:30:7b:76:b7:41:17:ec:87:dd:
         52:32:ec:d7:14:ca:29:84:8f:3c:d6:cd:0d:82:43:7c:45:11:
         46:1c:6a:4e:0d:ff:f0:10:24:d9:57:a2:77:53:5a:d9:13:ae:
         98:df:b9:f7:cc:5a:97:8b:e0:79:fc:56:be:6b:82:71:ab:a0:
         cd:52:d3:0e:6f:10:45:b1:9a:82:aa:a2:64:99:de:bd:3e:95:
         b1:34:a7:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJoXRaSho82KPZGBjl2Sl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwNDE4MTYwMDM5WhcNMjUwNDE5MTYwMDM5WjAzMTEwLwYDVQQD
EyhkZGI4NjkxMGI1NzgzZjcxMWMwNmQ5MTA0YWU1Yzc0MmRjM2QwMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IxYlFS36GFizRACEK1aekY+Xtwa
PkJXBdAtMP84ezFzEK4jOCTfCKFnNiKTxQchN7ewTxlm2R4LYJFUD60V9Q92gdIS
Rz7nfhfWHgYB+lzo9FRBvkKVUCphMpaQY/jevlK6gUqJG0gmIc8Ni1fzPCIC7hQe
r38N4nufkvL/GDoSYaJ/VRr4hpr0k/vVC1QQHpdvyK3+Qf82oY3WBtirGj11AdRX
q4Us/WtOUVc8IOU0n3pX7gHYuLaK1Vw8eZ/AOvjYU7MrhGYTsZDVcOM3YYEmWO0f
d7AfXRpZOwiqDk910klRgHikxuRS608eFN16fVTdVrKzQiQodZoNAWxQxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN24aRC1eD9xHAbZEErlx0LcPQIdMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABzVZTPO7
5FLz+ZBnqY9wPMq70/CIS/O3UCHf6jcr5YbzovUz4AMbjdJ3zjWvW+o6sN7NyqUk
snmiwJDvAxY5pshI6e4OTIYXVQNurRmpgtlTwClt2ZTUR9o0uy88mQ2Tq3Sm2UpK
4ml/HY6MymsDNMsJpprUthnFhoF1cmGV/YUEUET71PoFyngfOwt+XhH1EjehfCfz
6KDqhOhahZxDhT9pieD+HfTY0liuMHt2t0EX7IfdUjLs1xTKKYSPPNbNDYJDfEUR
RhxqTg3/8BAk2Veid1Na2ROumN+598xal4vgefxWvmuCcaugzVLTDm8QRbGagqqi
ZJnevT6VsTSneg==
-----END CERTIFICATE-----