Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/004c3b-aa3f-4d8b-826f-199d14c06bcb/1/QGHbehW9JPvKFGzRLMcNQTnIW58.mft
File:                     QGHbehW9JPvKFGzRLMcNQTnIW58.mft (raw, json)
Hash identifier:          wWTZF1vp0HpDoHPeEunD2lMf7OnQV2FG0Bl4ly1tYhE=
Subject key identifier:   B2:BA:E1:7D:05:67:A5:C3:50:6B:0C:65:53:91:EE:29:5B:D5:A2:16
Authority key identifier: 40:61:DB:7A:15:BD:24:FB:CA:14:6C:D1:2C:C7:0D:41:39:C8:5B:9F
Certificate issuer:       /CN=4061db7a15bd24fbca146cd12cc70d4139c85b9f
Certificate serial:       019652A520B72269AA03CA82F75A149EC863
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QGHbehW9JPvKFGzRLMcNQTnIW58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/004c3b-aa3f-4d8b-826f-199d14c06bcb/1/QGHbehW9JPvKFGzRLMcNQTnIW58.mft
Manifest number:          14C9
Signing time:             Sun 20 Apr 2025 10:01:15 +0000
Manifest this update:     Sun 20 Apr 2025 10:01:15 +0000
Manifest next update:     Mon 21 Apr 2025 10:01:15 +0000
Files and hashes:         1: QGHbehW9JPvKFGzRLMcNQTnIW58.crl (hash: CWEt2o15FZZbi6a4g4ew7p2czpDRYsH0vo6jz7W2lxk=)
                          2: o-ZlaW1WgunU3TjJVwdOR6husz0.roa (hash: 4yZiG/NqXqcKJ1Bdf8yQPmHJloI/I/ZH5JktUOUh3mY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/004c3b-aa3f-4d8b-826f-199d14c06bcb/1/QGHbehW9JPvKFGzRLMcNQTnIW58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/004c3b-aa3f-4d8b-826f-199d14c06bcb/1/QGHbehW9JPvKFGzRLMcNQTnIW58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QGHbehW9JPvKFGzRLMcNQTnIW58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a5:20:b7:22:69:aa:03:ca:82:f7:5a:14:9e:c8:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4061db7a15bd24fbca146cd12cc70d4139c85b9f
        Validity
            Not Before: Apr 20 10:01:15 2025 GMT
            Not After : Apr 21 10:01:15 2025 GMT
        Subject: CN=b2bae17d0567a5c3506b0c655391ee295bd5a216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:51:7e:59:0d:e2:45:2e:44:e5:db:2a:16:4e:
                    82:1a:61:2e:b1:af:fd:c5:4d:50:b3:2c:ac:3e:d3:
                    68:4a:c3:66:71:c7:6b:84:ba:10:fc:87:7e:d7:fe:
                    3a:0b:2a:72:8f:d8:6f:f1:34:d3:83:a9:8c:30:68:
                    90:2f:95:29:be:0e:f1:39:b4:18:03:33:dd:b6:c9:
                    eb:54:8a:10:64:ac:d4:87:c1:a4:db:5f:ec:b1:42:
                    10:c7:fd:3c:e5:73:32:69:8a:ea:1b:fc:fe:ba:12:
                    68:bc:cf:c1:27:c0:8c:36:d4:c6:3f:1f:11:49:58:
                    69:21:1b:35:40:15:e8:fa:52:f5:f6:45:c4:cd:46:
                    af:d5:fb:2e:3f:8a:31:4b:c4:f5:73:c4:db:51:9d:
                    37:2b:0c:c5:0e:46:13:88:38:62:dc:4d:bf:7f:83:
                    f0:14:2a:22:a5:c1:c1:6e:44:24:72:bd:6b:6d:69:
                    0e:08:0d:b2:61:c3:cf:b2:da:d6:23:53:07:f1:e4:
                    74:fc:ad:d5:a6:ae:69:7d:8d:24:34:1d:fc:83:9a:
                    5b:26:6f:e7:2e:43:e3:96:07:3a:24:31:2d:75:7a:
                    59:b4:7f:87:26:c5:1a:28:95:43:f0:f9:0d:1a:cb:
                    54:08:fc:73:90:a1:4f:ce:d7:73:e8:1d:bf:f0:5f:
                    d3:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:BA:E1:7D:05:67:A5:C3:50:6B:0C:65:53:91:EE:29:5B:D5:A2:16
            X509v3 Authority Key Identifier:
                keyid:40:61:DB:7A:15:BD:24:FB:CA:14:6C:D1:2C:C7:0D:41:39:C8:5B:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGHbehW9JPvKFGzRLMcNQTnIW58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/004c3b-aa3f-4d8b-826f-199d14c06bcb/1/QGHbehW9JPvKFGzRLMcNQTnIW58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/004c3b-aa3f-4d8b-826f-199d14c06bcb/1/QGHbehW9JPvKFGzRLMcNQTnIW58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:8b:bf:f7:64:33:88:14:54:d5:bd:99:5b:43:16:38:bd:93:
         fb:0a:9b:a3:df:7e:23:88:30:89:e9:5e:24:5b:c3:46:98:1b:
         6d:81:46:7c:8f:33:cd:04:51:94:c3:be:ee:50:6a:d3:20:0f:
         56:df:26:3f:a2:e5:ba:2d:e5:cd:e9:6b:0f:46:a8:8b:db:01:
         5b:01:18:06:87:55:38:ff:5c:c5:3a:c0:35:8c:d4:d9:00:1c:
         03:ee:07:17:a8:b9:84:21:6c:2e:78:8d:f0:25:c1:7c:b2:af:
         95:1f:9c:3a:73:76:7a:38:55:65:75:53:1e:21:46:3b:62:e6:
         fe:71:be:03:85:98:5a:da:6f:a9:18:4d:d8:71:a1:ec:e0:b4:
         ca:6c:35:78:27:08:3b:30:a0:cc:f1:f8:98:1e:79:de:0e:e9:
         45:ca:da:6a:11:af:d9:4e:f0:1a:79:b3:1b:cc:2c:0c:db:aa:
         01:7b:09:89:eb:40:de:32:2a:d8:5f:6f:e5:8c:23:4b:c7:da:
         b5:84:b1:5d:82:c5:6a:d9:cf:b9:3e:ed:a4:1c:97:b4:2e:f8:
         ec:f7:db:d8:e7:26:95:09:bf:21:1f:ab:b7:86:64:cc:13:2e:
         5e:4c:ef:a6:1b:02:2e:d5:bc:7a:fc:72:84:12:e2:03:da:bb:
         1f:50:1d:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpSC3ImmqA8qC91oUnshjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjFkYjdhMTViZDI0ZmJjYTE0NmNkMTJjYzcwZDQxMzlj
ODViOWYwHhcNMjUwNDIwMTAwMTE1WhcNMjUwNDIxMTAwMTE1WjAzMTEwLwYDVQQD
EyhiMmJhZTE3ZDA1NjdhNWMzNTA2YjBjNjU1MzkxZWUyOTViZDVhMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1F+WQ3iRS5E5dsqFk6CGmEusa/9
xU1QsyysPtNoSsNmccdrhLoQ/Id+1/46Cypyj9hv8TTTg6mMMGiQL5Upvg7xObQY
AzPdtsnrVIoQZKzUh8Gk21/ssUIQx/085XMyaYrqG/z+uhJovM/BJ8CMNtTGPx8R
SVhpIRs1QBXo+lL19kXEzUav1fsuP4oxS8T1c8TbUZ03KwzFDkYTiDhi3E2/f4Pw
FCoipcHBbkQkcr1rbWkOCA2yYcPPstrWI1MH8eR0/K3Vpq5pfY0kNB38g5pbJm/n
LkPjlgc6JDEtdXpZtH+HJsUaKJVD8PkNGstUCPxzkKFPztdz6B2/8F/TvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLK64X0FZ6XDUGsMZVOR7ilb1aIWMB8GA1UdIwQY
MBaAFEBh23oVvST7yhRs0SzHDUE5yFufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdIYmVoVzlKUHZLRkd6UkxNY05RVG5JVzU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMDRjM2ItYWEzZi00ZDhiLTgyNmYt
MTk5ZDE0YzA2YmNiLzEvUUdIYmVoVzlKUHZLRkd6UkxNY05RVG5JVzU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMDRjM2ItYWEzZi00ZDhiLTgyNmYtMTk5ZDE0YzA2YmNi
LzEvUUdIYmVoVzlKUHZLRkd6UkxNY05RVG5JVzU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR4u/92Qz
iBRU1b2ZW0MWOL2T+wqbo99+I4gwieleJFvDRpgbbYFGfI8zzQRRlMO+7lBq0yAP
Vt8mP6Llui3lzelrD0aoi9sBWwEYBodVOP9cxTrANYzU2QAcA+4HF6i5hCFsLniN
8CXBfLKvlR+cOnN2ejhVZXVTHiFGO2Lm/nG+A4WYWtpvqRhN2HGh7OC0ymw1eCcI
OzCgzPH4mB553g7pRcraahGv2U7wGnmzG8wsDNuqAXsJietA3jIq2F9v5YwjS8fa
tYSxXYLFatnPuT7tpByXtC747Pfb2OcmlQm/IR+rt4ZkzBMuXkzvphsCLtW8evxy
hBLiA9q7H1AdjQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:27 2025 by rpki-client