Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
File:                     Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft (raw, json)
Hash identifier:          vgJ/7xPNuv7oIP93UWohsu2t5qRD7X3qrb37Waq2C4M=
Subject key identifier:   68:46:B4:3C:6A:46:58:96:AC:55:42:7F:60:05:32:9F:5C:A5:1F:2A
Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
Certificate issuer:       /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Certificate serial:       0197597F9D1DB12A8D581EA2ABFB5B79CE0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
Manifest number:          1586
Signing time:             Tue 10 Jun 2025 11:00:24 +0000
Manifest this update:     Tue 10 Jun 2025 11:00:24 +0000
Manifest next update:     Wed 11 Jun 2025 11:00:24 +0000
Files and hashes:         1: Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl (hash: w6FBp8NQKxQV10bgGEbBL5CrS0yAs2CXf+SDbpkFSnQ=)
                          2: tBcUVtef6rZ0kSSzgGFNQ0aGmXk.roa (hash: axGcXX34atfoTeccVW4HcK4Aoj164U97BqMvxhWQBsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:7f:9d:1d:b1:2a:8d:58:1e:a2:ab:fb:5b:79:ce:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
        Validity
            Not Before: Jun 10 11:00:24 2025 GMT
            Not After : Jun 11 11:00:24 2025 GMT
        Subject: CN=6846b43c6a465896ac55427f6005329f5ca51f2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b9:84:64:3e:5c:38:73:60:6a:9a:7a:3e:c3:
                    ea:f7:16:b2:d4:cc:bb:c4:5d:14:b9:57:57:5f:9d:
                    64:1c:7f:b6:ca:37:60:6d:87:f3:b0:ea:13:9a:55:
                    9f:d7:34:96:76:a4:98:1e:61:3b:54:0d:f4:4e:24:
                    51:ab:4c:d9:8b:00:f5:b5:90:7d:92:4c:80:68:d2:
                    8c:31:89:fc:ea:40:9b:19:d4:22:91:ab:7e:16:32:
                    23:fe:a1:63:c4:00:68:70:c8:fd:b6:18:06:81:b5:
                    83:7f:1a:d4:a1:91:6c:71:ac:1f:20:84:65:d2:09:
                    43:0d:63:ac:de:c3:ab:a8:f1:86:a5:e4:3f:d0:ca:
                    c4:06:32:22:40:8a:ba:52:41:c6:81:c0:9f:79:ad:
                    d8:cc:56:e9:1d:62:17:1f:2a:5f:a4:c4:ae:d8:bd:
                    53:13:59:db:bc:af:99:35:fd:b5:d0:db:2e:6a:10:
                    8b:fd:8e:3c:ee:07:d7:bb:3a:fd:06:e4:5e:a0:38:
                    18:7c:70:6c:17:e0:f0:39:90:7b:47:7c:ae:29:86:
                    b8:5c:7a:30:ff:77:d6:f6:54:2d:ac:dc:cf:9d:10:
                    81:57:dd:3c:34:1c:40:38:68:fa:b4:47:53:ed:49:
                    57:19:fc:95:e2:e8:26:bf:99:20:fe:5b:49:26:80:
                    eb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:46:B4:3C:6A:46:58:96:AC:55:42:7F:60:05:32:9F:5C:A5:1F:2A
            X509v3 Authority Key Identifier:
                keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:87:25:80:13:3b:2e:6a:1b:5b:9e:4c:2b:df:7d:08:9f:6f:
         65:5e:88:0f:10:f5:51:61:36:af:f6:59:b6:06:56:26:0e:3d:
         66:fc:ff:24:a0:1a:1a:e8:d3:0f:8b:88:c9:8d:1a:30:34:24:
         b9:33:6b:9d:47:a7:61:f8:44:0e:b0:c1:71:2a:30:bb:97:48:
         4c:0c:ef:87:5c:10:bd:ed:32:d6:b5:6e:e1:40:f2:18:51:fb:
         08:ee:e5:f8:32:94:ec:71:f6:a8:d2:98:b2:db:9f:84:b9:31:
         d6:a7:70:3d:b9:2f:35:a2:0a:69:70:79:41:76:0b:e4:2f:ea:
         cb:8b:28:30:2d:7b:4f:06:f3:15:78:b8:34:ce:75:5b:8d:62:
         d6:6f:95:11:6d:cd:c8:41:00:2e:33:e3:37:e2:25:06:b0:4f:
         c4:5e:87:8d:14:16:b4:18:19:0d:8a:4c:db:5e:b6:ac:47:cb:
         a1:ed:3b:6b:de:47:66:d3:89:67:ba:6a:60:19:be:fe:09:0c:
         fe:4e:80:4d:6d:c4:8d:41:66:e3:04:a5:76:2b:a3:4e:02:7d:
         86:17:4f:f1:dc:f2:d8:78:90:1f:61:8e:a4:2d:dc:3a:0d:07:
         68:d2:e0:a5:26:93:8b:20:72:4f:d1:55:b9:5c:80:4a:a8:22:
         8f:4a:61:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZf50dsSqNWB6iq/tbec4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4
YjZjYjcwHhcNMjUwNjEwMTEwMDI0WhcNMjUwNjExMTEwMDI0WjAzMTEwLwYDVQQD
Eyg2ODQ2YjQzYzZhNDY1ODk2YWM1NTQyN2Y2MDA1MzI5ZjVjYTUxZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbmEZD5cOHNgapp6PsPq9xay1My7
xF0UuVdXX51kHH+2yjdgbYfzsOoTmlWf1zSWdqSYHmE7VA30TiRRq0zZiwD1tZB9
kkyAaNKMMYn86kCbGdQikat+FjIj/qFjxABocMj9thgGgbWDfxrUoZFscawfIIRl
0glDDWOs3sOrqPGGpeQ/0MrEBjIiQIq6UkHGgcCfea3YzFbpHWIXHypfpMSu2L1T
E1nbvK+ZNf210NsuahCL/Y487gfXuzr9BuReoDgYfHBsF+DwOZB7R3yuKYa4XHow
/3fW9lQtrNzPnRCBV908NBxAOGj6tEdT7UlXGfyV4ugmv5kg/ltJJoDrTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhGtDxqRliWrFVCf2AFMp9cpR8qMB8GA1UdIwQY
MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt
NTM5YjMyOWY5OTVjLzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj
LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIclgBM7
LmobW55MK999CJ9vZV6IDxD1UWE2r/ZZtgZWJg49Zvz/JKAaGujTD4uIyY0aMDQk
uTNrnUenYfhEDrDBcSowu5dITAzvh1wQve0y1rVu4UDyGFH7CO7l+DKU7HH2qNKY
stufhLkx1qdwPbkvNaIKaXB5QXYL5C/qy4soMC17TwbzFXi4NM51W41i1m+VEW3N
yEEALjPjN+IlBrBPxF6HjRQWtBgZDYpM2162rEfLoe07a95HZtOJZ7pqYBm+/gkM
/k6ATW3EjUFm4wSldiujTgJ9hhdP8dzy2HiQH2GOpC3cOg0HaNLgpSaTiyByT9FV
uVyASqgij0phLw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:22:56 2025 by rpki-client