Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
File:                     Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft (raw, json)
Hash identifier:          InFeHVPe7d0U8s0taE464BRUQggU1btjbcl//Vcnq7Y=
Subject key identifier:   78:CA:DA:0C:60:45:87:52:48:34:50:21:3F:74:F2:4B:7B:7A:03:E7
Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
Certificate issuer:       /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Certificate serial:       01975D5CD993A45BE4D405683C7FF4BE75E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
Manifest number:          1588
Signing time:             Wed 11 Jun 2025 05:00:55 +0000
Manifest this update:     Wed 11 Jun 2025 05:00:55 +0000
Manifest next update:     Thu 12 Jun 2025 05:00:55 +0000
Files and hashes:         1: Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl (hash: Jz/16Z/9y9YJXWH4d9RBTj24P8Qat9WvTsL0ARq5Ims=)
                          2: tBcUVtef6rZ0kSSzgGFNQ0aGmXk.roa (hash: axGcXX34atfoTeccVW4HcK4Aoj164U97BqMvxhWQBsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 05:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:5c:d9:93:a4:5b:e4:d4:05:68:3c:7f:f4:be:75:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
        Validity
            Not Before: Jun 11 05:00:55 2025 GMT
            Not After : Jun 12 05:00:55 2025 GMT
        Subject: CN=78cada0c60458752483450213f74f24b7b7a03e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:76:65:82:54:d1:30:c2:af:d1:43:04:3f:62:
                    70:ab:39:fc:47:80:70:26:c7:51:49:78:2f:62:0c:
                    e7:45:c4:76:ff:99:16:20:0a:3c:ff:62:15:f9:3e:
                    4f:43:97:77:1b:df:f8:01:90:11:5f:c4:a6:eb:ff:
                    90:54:f0:5f:08:0a:ce:31:8d:e6:69:a9:a2:1f:e2:
                    d0:bc:83:d1:93:9a:f7:fa:f2:37:68:71:45:d7:7b:
                    0b:9a:e2:2e:90:63:b7:fc:96:3b:3c:3e:d3:c0:65:
                    13:b2:5a:32:a6:6b:1c:23:f2:42:dd:4e:94:20:4f:
                    7d:4a:00:ef:4a:31:04:b8:47:cc:63:70:ae:b0:70:
                    4a:08:9b:a4:d7:1d:43:7c:59:13:aa:f7:47:8c:ff:
                    cd:27:84:34:a1:7b:11:eb:bb:6f:1d:38:19:19:57:
                    67:50:9e:15:ad:f7:e3:ee:85:20:30:23:38:f5:d5:
                    59:c5:04:d4:36:d0:65:fd:23:f9:bb:8f:ac:46:0a:
                    16:ac:c6:71:f3:c3:a7:51:63:b4:6c:24:ba:f7:bf:
                    ae:88:d0:eb:ea:53:c5:f0:ed:f4:ae:aa:9c:89:a6:
                    70:db:18:1c:eb:ec:11:fc:49:ca:49:5e:f7:7d:5b:
                    8d:62:45:e9:44:b9:5e:c8:2c:cf:d2:48:2c:b6:38:
                    6e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:CA:DA:0C:60:45:87:52:48:34:50:21:3F:74:F2:4B:7B:7A:03:E7
            X509v3 Authority Key Identifier:
                keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:7e:5b:ce:0b:f5:92:61:d8:3e:03:0f:e8:df:75:22:35:7d:
         76:c3:2f:39:ac:24:41:03:80:f6:e9:6d:d7:5f:27:46:21:fc:
         d1:54:c2:b6:81:0c:21:af:73:0e:e2:82:04:48:1a:5a:1f:f2:
         ac:c2:9d:29:ff:86:46:5c:6f:7c:05:26:1a:b9:cc:5b:38:19:
         be:6d:b4:67:77:db:fb:ef:53:b7:80:b2:1c:b3:94:50:a6:4e:
         85:35:34:d7:68:57:24:99:89:67:ff:35:a4:5a:ef:f5:e4:eb:
         f3:44:e3:0b:c3:20:67:65:e6:25:01:80:ae:e4:17:58:9c:15:
         5c:0c:e3:d0:f5:62:0a:b4:0c:e1:7c:12:c5:b0:17:0b:ae:98:
         12:39:ab:fd:14:0a:f2:31:1a:9d:e8:a0:79:85:a1:96:25:a5:
         60:95:1b:d8:e3:9e:43:a2:20:90:6a:9b:cf:c0:8b:e6:13:a5:
         6a:ce:48:30:8e:e7:16:12:36:30:c4:42:33:75:16:10:fe:3c:
         5d:10:cb:22:c3:17:a1:52:0c:23:06:19:ad:56:7d:a2:b6:70:
         70:b9:37:21:f9:4a:1e:2a:73:a9:4a:2e:23:57:b3:dd:6c:c9:
         f2:7d:fd:61:de:07:69:a7:42:21:68:54:a1:4e:3c:c8:ea:07:
         4b:57:be:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddXNmTpFvk1AVoPH/0vnXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4
YjZjYjcwHhcNMjUwNjExMDUwMDU1WhcNMjUwNjEyMDUwMDU1WjAzMTEwLwYDVQQD
Eyg3OGNhZGEwYzYwNDU4NzUyNDgzNDUwMjEzZjc0ZjI0YjdiN2EwM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3ZlglTRMMKv0UMEP2Jwqzn8R4Bw
JsdRSXgvYgznRcR2/5kWIAo8/2IV+T5PQ5d3G9/4AZARX8Sm6/+QVPBfCArOMY3m
aamiH+LQvIPRk5r3+vI3aHFF13sLmuIukGO3/JY7PD7TwGUTsloypmscI/JC3U6U
IE99SgDvSjEEuEfMY3CusHBKCJuk1x1DfFkTqvdHjP/NJ4Q0oXsR67tvHTgZGVdn
UJ4Vrffj7oUgMCM49dVZxQTUNtBl/SP5u4+sRgoWrMZx88OnUWO0bCS697+uiNDr
6lPF8O30rqqciaZw2xgc6+wR/EnKSV73fVuNYkXpRLleyCzP0kgstjhuAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjK2gxgRYdSSDRQIT908kt7egPnMB8GA1UdIwQY
MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt
NTM5YjMyOWY5OTVjLzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj
LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkX5bzgv1
kmHYPgMP6N91IjV9dsMvOawkQQOA9ult118nRiH80VTCtoEMIa9zDuKCBEgaWh/y
rMKdKf+GRlxvfAUmGrnMWzgZvm20Z3fb++9Tt4CyHLOUUKZOhTU012hXJJmJZ/81
pFrv9eTr80TjC8MgZ2XmJQGAruQXWJwVXAzj0PViCrQM4XwSxbAXC66YEjmr/RQK
8jEaneigeYWhliWlYJUb2OOeQ6IgkGqbz8CL5hOlas5IMI7nFhI2MMRCM3UWEP48
XRDLIsMXoVIMIwYZrVZ9orZwcLk3IflKHipzqUouI1ez3WzJ8n39Yd4HaadCIWhU
oU48yOoHS1e+aQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:17:01 2025 by rpki-client