Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          jJ4oTrTRlhL1wdKv4CcfEM6S5nj1Ycmzvb+sbbFOCew=
Subject key identifier:   42:55:BD:62:8F:EE:B3:41:AC:BF:76:E1:A1:B1:BA:DD:47:67:D5:BC
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       019510C7129354D40B4D7C1B353699929A58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:00:36 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:36 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:36 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: k3IqQpGgR5cuFdrZ3AMAsso1uHYKqsXEoQ1qDZaZdcw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:12:93:54:d4:0b:4d:7c:1b:35:36:99:92:9a:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: Feb 16 22:00:36 2025 GMT
            Not After : Feb 17 22:00:36 2025 GMT
        Subject: CN=4255bd628feeb341acbf76e1a1b1badd4767d5bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5a:c5:bf:19:12:6d:31:9b:ed:13:21:09:52:
                    19:f1:4d:92:ec:bd:b4:48:0e:f3:5f:8f:82:73:b6:
                    39:6a:4d:f6:97:1c:24:d8:ca:b3:25:09:63:1c:99:
                    d8:e6:c6:b0:e3:f7:88:ea:4b:92:50:e8:71:3f:be:
                    6b:5d:ee:4a:9f:2d:eb:f6:3b:30:11:c4:f9:5a:2b:
                    41:ab:77:4a:7d:97:04:ae:e5:67:19:19:47:53:cc:
                    76:1e:88:1c:f3:de:d5:28:6b:95:3a:f2:74:7a:b4:
                    77:7f:15:93:03:96:9f:14:7c:18:16:0e:87:bf:15:
                    c4:75:86:39:8c:84:6b:fa:6f:91:82:9d:16:8f:34:
                    ab:bc:6d:55:23:1a:c9:65:d2:63:c2:e6:36:ec:4e:
                    4b:9f:7f:de:78:e7:e2:cb:5d:81:86:54:6c:01:75:
                    f5:29:da:24:66:03:74:20:b5:c2:47:1a:42:e2:dd:
                    c2:82:6a:cf:e8:64:8d:8a:ef:f3:46:de:52:c8:3b:
                    ff:03:7f:b9:71:e6:38:44:e9:34:6f:84:f5:ed:71:
                    d7:0e:7e:de:67:56:1b:a6:0e:5b:77:ea:22:79:ce:
                    56:4c:cc:bd:3b:e9:39:f1:c0:85:ac:91:0a:d7:a3:
                    8d:3e:37:c3:89:e7:15:c9:74:83:d1:d7:88:3f:f3:
                    37:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:55:BD:62:8F:EE:B3:41:AC:BF:76:E1:A1:B1:BA:DD:47:67:D5:BC
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:5b:cc:77:48:a3:b6:a1:cf:65:8e:87:fe:3b:7f:25:79:07:
         03:11:5b:ae:24:db:9c:7b:47:a2:e4:b1:97:91:1c:71:26:ba:
         c1:4b:6b:9d:40:09:aa:ee:ba:d2:66:11:ee:f5:94:1d:64:5a:
         4c:36:6e:7f:59:bb:40:c8:f3:a2:9e:17:ca:6e:ef:a6:7d:a9:
         05:3f:a1:68:9d:96:4d:ef:26:b6:fc:00:f1:e2:61:dc:85:5a:
         02:e3:39:87:01:f3:9c:bf:82:83:0a:5a:73:9e:95:c2:77:ca:
         ee:9b:74:4a:af:de:99:83:51:8f:12:2e:15:85:88:7e:a1:3d:
         ea:69:64:37:79:a1:32:b0:0c:1a:04:4e:ea:c3:a8:5e:40:f2:
         41:18:e5:cd:8a:0d:71:aa:18:8c:93:b3:11:61:a2:2c:7b:c8:
         26:e0:43:3c:56:b6:45:fb:1f:14:1e:99:7a:ac:bf:6e:49:2d:
         5f:cc:11:d2:02:ff:ce:68:b2:e1:28:e2:46:aa:05:96:ed:6c:
         8d:f3:a8:a0:22:80:a3:ac:f1:e7:f4:e4:da:ee:26:59:5f:6b:
         83:31:bb:72:f6:d4:ba:ad:01:05:ce:fe:db:00:e6:be:e9:c9:
         ea:43:ff:79:5e:27:83:e1:d4:60:2b:cc:b3:25:bf:ff:4b:27:
         f9:4e:ed:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxxKTVNQLTXwbNTaZkppYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjUwMjE2MjIwMDM2WhcNMjUwMjE3MjIwMDM2WjAzMTEwLwYDVQQD
Eyg0MjU1YmQ2MjhmZWViMzQxYWNiZjc2ZTFhMWIxYmFkZDQ3NjdkNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlrFvxkSbTGb7RMhCVIZ8U2S7L20
SA7zX4+Cc7Y5ak32lxwk2MqzJQljHJnY5saw4/eI6kuSUOhxP75rXe5Kny3r9jsw
EcT5WitBq3dKfZcEruVnGRlHU8x2Hogc897VKGuVOvJ0erR3fxWTA5afFHwYFg6H
vxXEdYY5jIRr+m+Rgp0WjzSrvG1VIxrJZdJjwuY27E5Ln3/eeOfiy12BhlRsAXX1
KdokZgN0ILXCRxpC4t3CgmrP6GSNiu/zRt5SyDv/A3+5ceY4ROk0b4T17XHXDn7e
Z1Ybpg5bd+oiec5WTMy9O+k58cCFrJEK16ONPjfDiecVyXSD0deIP/M3MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJVvWKP7rNBrL924aGxut1HZ9W8MB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFvMd0ij
tqHPZY6H/jt/JXkHAxFbriTbnHtHouSxl5EccSa6wUtrnUAJqu660mYR7vWUHWRa
TDZuf1m7QMjzop4Xym7vpn2pBT+haJ2WTe8mtvwA8eJh3IVaAuM5hwHznL+Cgwpa
c56VwnfK7pt0Sq/emYNRjxIuFYWIfqE96mlkN3mhMrAMGgRO6sOoXkDyQRjlzYoN
caoYjJOzEWGiLHvIJuBDPFa2RfsfFB6Zeqy/bkktX8wR0gL/zmiy4SjiRqoFlu1s
jfOooCKAo6zx5/Tk2u4mWV9rgzG7cvbUuq0BBc7+2wDmvunJ6kP/eV4ng+HUYCvM
syW//0sn+U7t0Q==
-----END CERTIFICATE-----