Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          ya3HoI4ssFLG1x3hdPdU0nSR/zBepD0FQXXFBH+2kqE=
Subject key identifier:   D1:A4:12:2A:DB:D6:F2:49:85:C7:CA:CC:F9:1C:78:36:1A:A1:3A:AF
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       01964FA388C066849395F390A8CB7E849D20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          0364
Signing time:             Sat 19 Apr 2025 20:00:39 +0000
Manifest this update:     Sat 19 Apr 2025 20:00:39 +0000
Manifest next update:     Sun 20 Apr 2025 20:00:39 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: nGFfVE1xy5oQqAlTCWgi2BsMb83R+YndMuiFvvgTz+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 20:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:a3:88:c0:66:84:93:95:f3:90:a8:cb:7e:84:9d:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Apr 19 20:00:39 2025 GMT
            Not After : Apr 20 20:00:39 2025 GMT
        Subject: CN=d1a4122adbd6f24985c7caccf91c78361aa13aaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b7:34:b0:19:5a:d6:4c:0a:c4:1b:70:40:a5:
                    5c:7a:1f:fa:dd:cc:4c:11:1f:ed:68:b0:33:a6:82:
                    db:6f:87:a5:8e:ae:8d:71:ad:14:b3:a5:c2:7d:c4:
                    61:68:32:2b:15:bc:e4:bd:e1:8a:44:10:5b:9b:75:
                    9d:92:e6:69:75:2f:f8:11:61:65:64:d4:9e:f5:0d:
                    54:f7:12:36:7e:34:d8:ed:6f:72:5c:68:3d:8c:02:
                    48:2b:43:d4:b5:cb:85:90:c1:1d:de:d7:c6:ab:ea:
                    ae:d3:bc:82:2a:2b:a0:3c:c3:05:ed:53:c3:b8:d7:
                    eb:5e:25:ff:8d:5b:0b:a1:db:ed:23:4c:99:93:b9:
                    b6:55:b5:0a:96:13:ab:7e:53:7d:ca:c0:49:fb:1d:
                    6a:cb:0b:f0:32:a0:0e:e7:12:6a:21:f3:83:aa:bc:
                    cd:2a:af:19:c9:3f:2a:e9:49:03:fb:74:79:aa:7a:
                    41:2b:d5:40:06:80:74:8b:bd:c3:e1:9e:b4:f9:41:
                    9f:62:cb:62:e6:27:f9:6e:d9:e2:88:03:cd:20:2e:
                    c5:4f:d9:86:2e:80:74:e0:61:8f:29:dd:f5:5d:33:
                    88:54:34:ee:93:b9:8b:98:6f:1f:c2:66:ec:00:11:
                    e3:2f:81:5d:af:ac:95:65:7e:6e:3d:c7:13:05:7d:
                    d7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A4:12:2A:DB:D6:F2:49:85:C7:CA:CC:F9:1C:78:36:1A:A1:3A:AF
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:12:30:41:8d:0c:67:e4:e3:2f:c7:31:5e:8f:00:10:1e:ed:
         b9:3a:8a:fe:33:f8:b4:44:c7:8a:c5:a8:d1:3c:b2:77:d3:15:
         5a:8e:b6:62:32:32:d7:65:03:08:e0:46:1f:04:52:eb:4a:4d:
         1c:69:75:fb:75:e6:40:eb:54:bc:6e:f5:d5:ad:9f:a2:8d:b0:
         d3:04:53:3e:c9:ca:cd:14:42:7c:37:be:e2:16:cd:b6:de:a7:
         44:33:03:2c:b3:07:3d:3d:3a:fd:c5:5b:b9:5b:32:08:a9:75:
         60:0e:50:5c:3d:03:8d:59:60:c2:f3:82:22:8e:08:ba:65:49:
         c0:a7:8d:04:27:ab:93:0f:05:40:b7:6b:84:64:bc:e4:33:e6:
         11:ac:7f:0f:12:51:07:d7:e1:7a:86:30:73:41:fb:97:c4:94:
         cb:0d:a0:74:d1:29:6f:75:03:87:fc:c8:31:c4:dd:4c:48:ed:
         10:4e:8b:60:69:8d:d6:bf:f7:72:0e:3b:d1:95:d2:c4:2f:27:
         e0:76:b1:cd:58:4a:b5:4d:41:b4:81:18:46:1d:98:1d:e1:77:
         ff:c7:85:9d:26:51:2c:2e:3c:c4:10:bb:8c:75:b4:0a:e2:2c:
         04:be:ce:af:d5:7e:41:41:ea:83:80:af:60:69:95:de:d3:2b:
         d0:f8:cd:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPo4jAZoSTlfOQqMt+hJ0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwNDE5MjAwMDM5WhcNMjUwNDIwMjAwMDM5WjAzMTEwLwYDVQQD
EyhkMWE0MTIyYWRiZDZmMjQ5ODVjN2NhY2NmOTFjNzgzNjFhYTEzYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07c0sBla1kwKxBtwQKVceh/63cxM
ER/taLAzpoLbb4eljq6Nca0Us6XCfcRhaDIrFbzkveGKRBBbm3WdkuZpdS/4EWFl
ZNSe9Q1U9xI2fjTY7W9yXGg9jAJIK0PUtcuFkMEd3tfGq+qu07yCKiugPMMF7VPD
uNfrXiX/jVsLodvtI0yZk7m2VbUKlhOrflN9ysBJ+x1qywvwMqAO5xJqIfODqrzN
Kq8ZyT8q6UkD+3R5qnpBK9VABoB0i73D4Z60+UGfYsti5if5btniiAPNIC7FT9mG
LoB04GGPKd31XTOIVDTuk7mLmG8fwmbsABHjL4Fdr6yVZX5uPccTBX3XkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGkEirb1vJJhcfKzPkceDYaoTqvMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRIwQY0M
Z+TjL8cxXo8AEB7tuTqK/jP4tETHisWo0Tyyd9MVWo62YjIy12UDCOBGHwRS60pN
HGl1+3XmQOtUvG711a2foo2w0wRTPsnKzRRCfDe+4hbNtt6nRDMDLLMHPT06/cVb
uVsyCKl1YA5QXD0DjVlgwvOCIo4IumVJwKeNBCerkw8FQLdrhGS85DPmEax/DxJR
B9fheoYwc0H7l8SUyw2gdNEpb3UDh/zIMcTdTEjtEE6LYGmN1r/3cg470ZXSxC8n
4HaxzVhKtU1BtIEYRh2YHeF3/8eFnSZRLC48xBC7jHW0CuIsBL7Or9V+QUHqg4Cv
YGmV3tMr0PjN3Q==
-----END CERTIFICATE-----