Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.mft
File:                     QqbmQBmAE94SolHwhgMM14xzJRY.mft (raw, json)
Hash identifier:          tO3/GF7kCxZLSx/n53E0LsH59cuQgxziBB2kOJPn2Os=
Subject key identifier:   F8:DA:30:04:32:39:00:1F:A7:82:8C:EC:51:05:0F:2D:F7:41:7C:72
Authority key identifier: 42:A6:E6:40:19:80:13:DE:12:A2:51:F0:86:03:0C:D7:8C:73:25:16
Certificate issuer:       /CN=42a6e640198013de12a251f086030cd78c732516
Certificate serial:       01975EA6768187AAFA0D0249955EE4B3B337
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.mft
Manifest number:          1517
Signing time:             Wed 11 Jun 2025 11:00:56 +0000
Manifest this update:     Wed 11 Jun 2025 11:00:56 +0000
Manifest next update:     Thu 12 Jun 2025 11:00:56 +0000
Files and hashes:         1: QqbmQBmAE94SolHwhgMM14xzJRY.crl (hash: BH5ZSJTOlaebGdcQ0Dc2sAQnJFBNTK15M07UVgRMAtU=)
                          2: j37XoMC3UG0E_oUwTDht88JJrh8.roa (hash: cqy63HfmTCUoUdF/JZjPLrFzuSfjpRSNk0rinu9lqNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:a6:76:81:87:aa:fa:0d:02:49:95:5e:e4:b3:b3:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42a6e640198013de12a251f086030cd78c732516
        Validity
            Not Before: Jun 11 11:00:56 2025 GMT
            Not After : Jun 12 11:00:56 2025 GMT
        Subject: CN=f8da30043239001fa7828cec51050f2df7417c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:c4:45:44:0c:08:84:ac:ad:87:01:d9:d4:3d:
                    ae:17:da:ce:90:57:19:8c:96:e4:db:82:0c:0a:4e:
                    b2:8a:54:a4:54:06:05:b4:42:ff:4f:d5:e2:a4:52:
                    f5:14:96:3c:5d:c6:fe:ae:f0:42:5c:fd:94:47:3f:
                    e6:c3:5a:a1:04:03:f8:99:ef:d5:f6:77:dc:b2:7e:
                    7e:a9:65:f2:31:7c:55:2c:63:75:0f:e3:46:e5:d0:
                    10:2f:9e:47:3a:24:9a:29:0c:46:fe:af:cb:f2:f6:
                    47:33:16:fc:e0:20:42:ec:7a:c6:31:7a:59:c0:8d:
                    13:e9:59:44:41:a4:43:24:ec:60:90:25:50:17:02:
                    9e:22:06:30:92:2c:a6:18:db:72:c6:de:fa:ff:4b:
                    50:16:06:f5:16:30:86:5d:ff:2c:e5:60:f9:db:10:
                    11:a6:df:dc:a0:dd:e8:3c:47:50:36:e3:45:c2:d6:
                    b0:74:2c:18:05:9f:d7:cc:d7:2c:e9:ac:35:2c:f6:
                    1a:c3:91:75:b5:9e:32:d8:00:58:1a:b2:a9:e4:df:
                    35:58:de:9a:48:27:91:34:5b:28:85:66:0e:f4:99:
                    ce:dc:63:8d:15:07:57:a9:a9:ee:8a:d5:f5:7a:7e:
                    38:ef:b2:21:10:20:15:5d:df:21:37:a6:6e:80:80:
                    3c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:DA:30:04:32:39:00:1F:A7:82:8C:EC:51:05:0F:2D:F7:41:7C:72
            X509v3 Authority Key Identifier:
                keyid:42:A6:E6:40:19:80:13:DE:12:A2:51:F0:86:03:0C:D7:8C:73:25:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:22:56:8c:11:48:72:cb:d7:33:31:5c:25:b2:51:72:4a:da:
         1d:2f:e8:07:63:b8:54:b7:d7:bb:79:3a:b0:37:7d:dd:4e:a7:
         09:8b:96:8c:19:b7:5a:0a:a2:11:48:9c:d8:0b:4c:e3:7a:47:
         8c:fb:39:f4:a2:37:3f:28:4b:6c:9d:f7:bd:b3:c2:19:77:1b:
         b9:e3:65:32:19:95:47:76:21:1a:33:d2:97:28:8b:23:7f:5b:
         d9:d0:03:36:c0:82:25:41:bb:39:96:a5:35:42:bf:c9:71:9d:
         01:7a:ef:5d:ad:77:9c:84:6c:6e:f5:4b:95:93:0e:09:33:31:
         aa:e6:8c:bd:c8:1c:71:4c:e9:9e:b6:bd:4a:4e:0e:5c:53:6a:
         c4:25:69:be:b4:d7:7a:42:5a:79:7e:d0:9c:13:b6:0d:d3:11:
         e1:89:85:30:98:b1:a9:80:7b:51:6b:f2:3f:04:79:9a:65:54:
         76:7e:b8:f6:3d:a8:7c:c1:a7:06:d0:f8:27:b5:bf:87:ee:75:
         7b:17:a6:df:3a:71:04:13:06:3e:7e:a9:28:00:39:48:c5:61:
         12:4a:d6:0a:f7:46:3f:cf:c2:e9:24:bd:41:a0:04:a9:da:c3:
         6c:a8:90:88:05:47:16:1d:55:b1:89:03:46:48:51:95:e4:57:
         93:0f:f0:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdepnaBh6r6DQJJlV7ks7M3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYTZlNjQwMTk4MDEzZGUxMmEyNTFmMDg2MDMwY2Q3OGM3
MzI1MTYwHhcNMjUwNjExMTEwMDU2WhcNMjUwNjEyMTEwMDU2WjAzMTEwLwYDVQQD
EyhmOGRhMzAwNDMyMzkwMDFmYTc4MjhjZWM1MTA1MGYyZGY3NDE3YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8RFRAwIhKythwHZ1D2uF9rOkFcZ
jJbk24IMCk6yilSkVAYFtEL/T9XipFL1FJY8Xcb+rvBCXP2URz/mw1qhBAP4me/V
9nfcsn5+qWXyMXxVLGN1D+NG5dAQL55HOiSaKQxG/q/L8vZHMxb84CBC7HrGMXpZ
wI0T6VlEQaRDJOxgkCVQFwKeIgYwkiymGNtyxt76/0tQFgb1FjCGXf8s5WD52xAR
pt/coN3oPEdQNuNFwtawdCwYBZ/XzNcs6aw1LPYaw5F1tZ4y2ABYGrKp5N81WN6a
SCeRNFsohWYO9JnO3GONFQdXqanuitX1en4477IhECAVXd8hN6ZugIA8+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjaMAQyOQAfp4KM7FEFDy33QXxyMB8GA1UdIwQY
MBaAFEKm5kAZgBPeEqJR8IYDDNeMcyUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iYTJmM2QtNmJkMi00ZjMyLTgxYWYt
YzI4NzY3MGNjZTUxLzEvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iYTJmM2QtNmJkMi00ZjMyLTgxYWYtYzI4NzY3MGNjZTUx
LzEvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyJWjBFI
csvXMzFcJbJRckraHS/oB2O4VLfXu3k6sDd93U6nCYuWjBm3WgqiEUic2AtM43pH
jPs59KI3PyhLbJ33vbPCGXcbueNlMhmVR3YhGjPSlyiLI39b2dADNsCCJUG7OZal
NUK/yXGdAXrvXa13nIRsbvVLlZMOCTMxquaMvcgccUzpnra9Sk4OXFNqxCVpvrTX
ekJaeX7QnBO2DdMR4YmFMJixqYB7UWvyPwR5mmVUdn649j2ofMGnBtD4J7W/h+51
exem3zpxBBMGPn6pKAA5SMVhEkrWCvdGP8/C6SS9QaAEqdrDbKiQiAVHFh1VsYkD
RkhRleRXkw/wkg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:36:50 2025 by rpki-client