Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          0Omfe1GGKcZIRIzzrlqx0ciTdmz5UJ7ao6rY14MnUWQ=
Subject key identifier:   85:D0:AA:78:BA:44:A3:35:84:DA:1D:5E:AA:DB:18:E1:B8:E6:E0:12
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       0197CBDED1FD972CA33319ADDB3DDD4B115E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0D61
Signing time:             Wed 02 Jul 2025 16:01:06 +0000
Manifest this update:     Wed 02 Jul 2025 16:01:06 +0000
Manifest next update:     Thu 03 Jul 2025 16:01:06 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: aWiY0q4aPB0Gs67zaaLtXTR/yyw464HQ8usuLLf7h3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 11:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:de:d1:fd:97:2c:a3:33:19:ad:db:3d:dd:4b:11:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Jul  2 16:01:06 2025 GMT
            Not After : Jul  3 16:01:06 2025 GMT
        Subject: CN=85d0aa78ba44a33584da1d5eaadb18e1b8e6e012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7c:90:40:e0:1a:85:6f:46:5c:59:e1:92:56:
                    37:73:8b:7f:e5:db:68:fc:2f:62:0d:7a:bd:80:84:
                    2e:7e:8e:de:5e:3f:51:6d:19:0d:ef:fa:69:c5:2c:
                    85:5d:01:4f:b1:97:7b:ee:ce:b1:83:2d:9e:25:44:
                    c6:af:6b:e0:99:2d:ff:df:0b:3d:75:98:15:f2:19:
                    08:20:b0:37:08:ef:77:e3:d1:66:73:54:df:9b:b8:
                    44:a2:b7:2c:38:9f:84:ec:d6:5f:52:7e:54:42:e1:
                    23:53:a7:b3:c0:97:af:67:2a:7e:b5:65:bd:f5:71:
                    44:e3:82:bf:6e:4e:95:98:6d:75:3c:37:43:a6:9c:
                    82:77:7e:a2:72:ef:1b:2b:04:8f:08:33:1c:21:1b:
                    d2:0d:7d:a9:b9:e8:8f:3a:0a:44:01:98:35:0c:85:
                    e9:07:4d:ef:42:24:e9:15:2a:ec:ea:85:8a:70:00:
                    35:30:a4:4c:4f:6e:a3:95:06:c2:67:e6:a2:66:ea:
                    54:d5:73:4c:cd:da:24:9c:9d:73:a6:76:8a:17:70:
                    fe:78:1b:b1:b3:eb:7d:72:21:ec:1f:68:a1:4e:72:
                    b4:94:34:ca:32:2c:74:94:6c:f0:51:e7:23:22:0a:
                    44:70:a7:32:93:8b:8c:7c:ee:6c:a1:2e:b6:f4:91:
                    66:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D0:AA:78:BA:44:A3:35:84:DA:1D:5E:AA:DB:18:E1:B8:E6:E0:12
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:b2:f7:4e:6f:a2:06:54:13:c6:d2:f5:de:5e:1c:43:ec:86:
         02:1a:85:d2:7f:d9:02:9e:ce:0c:92:94:b5:f5:37:b6:a3:55:
         78:0e:90:2a:34:d9:c1:f8:1e:5b:47:35:ee:eb:16:cd:d0:13:
         67:24:e8:2e:78:22:57:d7:35:61:4c:44:96:a0:a1:4c:d4:8c:
         3d:8f:44:8c:d3:a9:20:b2:47:3f:9e:6c:ca:b2:07:f0:cd:9b:
         51:7d:17:5a:43:8e:c1:f8:27:bd:2c:1a:4f:ce:f9:3c:81:4f:
         56:c5:f9:6d:c2:40:f1:a4:7e:4f:9c:a7:b7:1f:fa:cf:59:41:
         8e:77:1e:49:b1:2e:d4:85:11:4c:9e:06:9e:57:4f:9a:c7:f1:
         24:1d:2b:a3:d0:3e:4a:81:b9:43:95:a9:2c:91:a7:46:9a:d7:
         7c:7d:4c:08:61:df:a9:9c:aa:b8:9f:78:fa:33:c4:1b:c5:b7:
         c5:a8:ae:30:c5:33:82:4b:b4:ca:47:a5:2d:e6:f0:d3:44:4f:
         21:8a:fa:ab:48:2d:56:55:c7:e1:b1:b3:66:28:f7:7c:81:21:
         66:bf:fd:ca:6d:8f:1f:84:f0:90:9e:90:f2:b0:91:e9:5f:f6:
         4b:f5:bc:42:78:9b:7c:01:db:24:1e:12:50:e8:52:23:85:3e:
         31:ff:10:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL3tH9lyyjMxmt2z3dSxFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwNzAyMTYwMTA2WhcNMjUwNzAzMTYwMTA2WjAzMTEwLwYDVQQD
Eyg4NWQwYWE3OGJhNDRhMzM1ODRkYTFkNWVhYWRiMThlMWI4ZTZlMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHyQQOAahW9GXFnhklY3c4t/5dto
/C9iDXq9gIQufo7eXj9RbRkN7/ppxSyFXQFPsZd77s6xgy2eJUTGr2vgmS3/3ws9
dZgV8hkIILA3CO9349Fmc1Tfm7hEorcsOJ+E7NZfUn5UQuEjU6ezwJevZyp+tWW9
9XFE44K/bk6VmG11PDdDppyCd36icu8bKwSPCDMcIRvSDX2pueiPOgpEAZg1DIXp
B03vQiTpFSrs6oWKcAA1MKRMT26jlQbCZ+aiZupU1XNMzdoknJ1zpnaKF3D+eBux
s+t9ciHsH2ihTnK0lDTKMix0lGzwUecjIgpEcKcyk4uMfO5soS629JFmswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXQqni6RKM1hNodXqrbGOG45uASMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLL3Tm+i
BlQTxtL13l4cQ+yGAhqF0n/ZAp7ODJKUtfU3tqNVeA6QKjTZwfgeW0c17usWzdAT
ZyToLngiV9c1YUxElqChTNSMPY9EjNOpILJHP55syrIH8M2bUX0XWkOOwfgnvSwa
T875PIFPVsX5bcJA8aR+T5yntx/6z1lBjnceSbEu1IURTJ4GnldPmsfxJB0ro9A+
SoG5Q5WpLJGnRprXfH1MCGHfqZyquJ94+jPEG8W3xaiuMMUzgku0ykelLebw00RP
IYr6q0gtVlXH4bGzZij3fIEhZr/9ym2PH4TwkJ6Q8rCR6V/2S/W8QnibfAHbJB4S
UOhSI4U+Mf8QQA==
-----END CERTIFICATE-----