Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
File:                     Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft (raw, json)
Hash identifier:          H1sZiD4tXWeiDwPG2afFpVW+LQHScgB9/KOmG6QBe0Q=
Subject key identifier:   E1:2A:D0:B7:D5:C3:6E:8B:90:AE:92:04:EE:C5:04:92:20:0C:B0:76
Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
Certificate issuer:       /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Certificate serial:       01976327F190C413E3F4161B42551360CF2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
Manifest number:          158B
Signing time:             Thu 12 Jun 2025 08:00:51 +0000
Manifest this update:     Thu 12 Jun 2025 08:00:51 +0000
Manifest next update:     Fri 13 Jun 2025 08:00:51 +0000
Files and hashes:         1: Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl (hash: 3KWAFb+mtgDbDvAOmI5bb9i1pTiLP7YD8mAn1j2m9eU=)
                          2: tBcUVtef6rZ0kSSzgGFNQ0aGmXk.roa (hash: axGcXX34atfoTeccVW4HcK4Aoj164U97BqMvxhWQBsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 08:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:27:f1:90:c4:13:e3:f4:16:1b:42:55:13:60:cf:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
        Validity
            Not Before: Jun 12 08:00:51 2025 GMT
            Not After : Jun 13 08:00:51 2025 GMT
        Subject: CN=e12ad0b7d5c36e8b90ae9204eec50492200cb076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8e:da:f0:26:8c:7f:1e:16:8d:fc:36:7e:57:
                    fb:bc:de:b3:bf:f9:ee:ed:ab:94:a1:f3:78:31:45:
                    8a:fe:9f:11:9a:77:2e:c8:89:db:b3:67:2e:56:d6:
                    cc:81:98:4b:fd:f4:a6:1c:17:97:25:ed:f4:c4:e4:
                    6e:d4:d6:d7:74:7e:4e:cf:45:f9:d9:0d:36:cf:50:
                    13:fb:dd:be:0c:f5:fd:2c:25:3b:29:ae:0e:66:61:
                    cb:20:6d:0a:a2:4d:f8:01:cd:a8:74:5e:be:03:20:
                    77:ca:d6:42:84:77:e7:e0:71:93:c5:d4:4e:98:23:
                    fe:63:96:f2:d3:55:c6:3e:96:6f:9e:ff:5f:d8:7e:
                    c0:9b:16:a7:55:90:d6:3d:cc:ff:90:e1:6e:eb:ca:
                    53:ea:58:35:15:e8:3c:7b:c2:e5:7c:58:61:27:fe:
                    53:9d:62:5b:ce:b5:2b:07:07:16:ed:34:b3:da:b0:
                    0c:6b:91:a3:0d:94:3f:7a:58:18:d3:4b:72:28:bc:
                    ec:67:ca:53:99:64:df:1d:4e:dc:cf:d6:49:35:b4:
                    d8:e1:ba:5b:c8:ce:e0:7a:6a:c5:1c:98:6d:9e:75:
                    72:b2:78:92:d6:ea:1e:bb:bf:07:a3:a5:68:b3:e4:
                    1a:7d:00:4e:f8:ef:46:2a:e9:1a:d6:a3:85:61:38:
                    1c:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:2A:D0:B7:D5:C3:6E:8B:90:AE:92:04:EE:C5:04:92:20:0C:B0:76
            X509v3 Authority Key Identifier:
                keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:66:d0:b2:2d:69:33:04:78:37:29:bf:29:78:3a:e8:6e:60:
         4c:50:8e:15:5f:a0:93:b2:eb:5c:c8:c7:43:3b:7b:22:7a:05:
         d3:6d:75:70:15:c1:60:54:b3:b5:5b:a9:e2:cd:da:44:3c:b1:
         66:d3:d8:65:98:d4:16:62:2b:d1:4c:3b:d5:21:07:5c:db:a9:
         65:0d:e4:7d:63:3a:91:de:fd:d6:25:c4:ba:0f:f0:cf:f3:5c:
         c1:79:e6:f6:31:2d:47:b1:a4:13:97:1b:3e:8d:e2:c1:1e:1a:
         a0:b9:47:f0:4d:d5:f0:d4:50:f3:90:c7:99:13:69:8e:73:17:
         84:67:17:c9:13:75:8a:ff:89:e6:44:24:9b:05:f1:2e:76:2a:
         c7:f7:20:4a:61:f9:7d:0b:c8:7e:0d:1b:ec:7b:42:2c:be:a4:
         95:f3:b6:8e:e4:06:87:6a:12:01:ad:c4:3b:3c:62:83:25:54:
         7f:28:26:72:61:38:ea:8c:b4:d6:d5:7e:ea:d7:22:c0:b4:a1:
         b4:48:db:27:fc:9c:8e:46:bf:0d:03:50:ac:b0:a0:dc:16:57:
         54:9e:5a:e7:1f:eb:d7:2f:27:8a:54:2b:e0:79:e9:ea:49:32:
         e7:bb:ec:05:f1:b6:ec:eb:cb:f7:05:c0:fc:c4:af:1b:cd:a5:
         52:62:d9:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjJ/GQxBPj9BYbQlUTYM8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4
YjZjYjcwHhcNMjUwNjEyMDgwMDUxWhcNMjUwNjEzMDgwMDUxWjAzMTEwLwYDVQQD
EyhlMTJhZDBiN2Q1YzM2ZThiOTBhZTkyMDRlZWM1MDQ5MjIwMGNiMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI7a8CaMfx4Wjfw2flf7vN6zv/nu
7auUofN4MUWK/p8RmncuyInbs2cuVtbMgZhL/fSmHBeXJe30xORu1NbXdH5Oz0X5
2Q02z1AT+92+DPX9LCU7Ka4OZmHLIG0Kok34Ac2odF6+AyB3ytZChHfn4HGTxdRO
mCP+Y5by01XGPpZvnv9f2H7AmxanVZDWPcz/kOFu68pT6lg1Feg8e8LlfFhhJ/5T
nWJbzrUrBwcW7TSz2rAMa5GjDZQ/elgY00tyKLzsZ8pTmWTfHU7cz9ZJNbTY4bpb
yM7gemrFHJhtnnVysniS1uoeu78Ho6Vos+QafQBO+O9GKuka1qOFYTgcPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEq0LfVw26LkK6SBO7FBJIgDLB2MB8GA1UdIwQY
MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt
NTM5YjMyOWY5OTVjLzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj
LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmbQsi1p
MwR4Nym/KXg66G5gTFCOFV+gk7LrXMjHQzt7InoF0211cBXBYFSztVup4s3aRDyx
ZtPYZZjUFmIr0Uw71SEHXNupZQ3kfWM6kd791iXEug/wz/NcwXnm9jEtR7GkE5cb
Po3iwR4aoLlH8E3V8NRQ85DHmRNpjnMXhGcXyRN1iv+J5kQkmwXxLnYqx/cgSmH5
fQvIfg0b7HtCLL6klfO2juQGh2oSAa3EOzxigyVUfygmcmE46oy01tV+6tciwLSh
tEjbJ/ycjka/DQNQrLCg3BZXVJ5a5x/r1y8nilQr4Hnp6kky57vsBfG27OvL9wXA
/MSvG82lUmLZwA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:50:38 2025 by rpki-client