Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
File:                     QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json)
Hash identifier:          Be9rlpjT+P+hi+aaNHwfRGvjRtqjWQKOQs6oSb/Qw0s=
Subject key identifier:   92:2E:23:A9:0E:46:98:AC:60:5D:D4:C8:AC:5C:15:D8:97:9B:39:F7
Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D
Certificate issuer:       /CN=41f22860ca62bd2838f8328f17839d1e8608d26d
Certificate serial:       0194C5083372FC39DE31943BDB0FE9F1AC16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
Manifest number:          08
Signing time:             Sun 02 Feb 2025 05:00:36 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:36 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:36 +0000
Files and hashes:         1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: gx4XV5ZtZWyvYLqbDC3yssEkIZnLF8uZkg4RkE7AUSU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:33:72:fc:39:de:31:94:3b:db:0f:e9:f1:ac:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d
        Validity
            Not Before: Feb  2 05:00:36 2025 GMT
            Not After : Feb  3 05:00:36 2025 GMT
        Subject: CN=922e23a90e4698ac605dd4c8ac5c15d8979b39f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:fa:81:ed:db:ff:86:97:3f:5d:53:6b:8e:ca:
                    4a:a3:0b:4f:af:f5:98:7c:a6:e3:1d:89:59:fe:27:
                    3a:13:0d:c2:ab:77:85:20:d6:ce:46:56:3a:0d:ab:
                    da:88:68:54:38:cb:ab:37:df:83:ae:73:0e:dc:1d:
                    f6:3c:fc:e9:6a:00:50:e7:9f:d1:29:6a:0e:3b:ae:
                    b7:a5:49:e3:88:1b:a4:a4:2b:1e:77:d3:fb:76:76:
                    4b:0e:ae:a6:f9:2a:28:7c:65:94:a2:d6:b6:99:d3:
                    1e:28:41:85:95:87:1b:73:90:f5:45:44:6c:3e:5d:
                    f5:cd:24:b0:33:ad:9b:f4:56:26:e2:1e:9e:36:4b:
                    ac:0f:ed:1f:ad:58:1c:35:91:04:2a:d5:cf:d4:71:
                    62:6f:cc:d4:1a:d8:b4:99:32:a8:84:3e:bf:8f:b8:
                    78:4f:f0:87:51:7d:62:5e:cc:67:a2:6b:79:f3:2f:
                    4b:33:ab:42:33:c1:c0:cf:fb:c1:30:1a:99:8f:3d:
                    88:15:d4:a7:5f:1e:c1:7d:04:c7:1f:9f:43:2a:ef:
                    83:32:f5:b9:47:47:4e:7a:0b:01:9c:da:bf:53:a4:
                    2e:4b:c3:d7:8e:d9:cc:55:53:53:4a:ce:cd:90:5a:
                    9c:44:e4:fb:93:0c:3c:3e:df:8f:66:64:75:ff:d1:
                    2f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:2E:23:A9:0E:46:98:AC:60:5D:D4:C8:AC:5C:15:D8:97:9B:39:F7
            X509v3 Authority Key Identifier:
                keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:f8:96:fc:c7:b3:2f:6d:39:c1:33:c0:9d:4e:1a:6e:28:41:
         27:3a:00:5a:3d:4f:3d:9b:1f:74:12:75:b3:d3:53:22:dc:1b:
         67:a7:61:46:cd:98:14:bb:f7:02:72:ae:06:bc:24:9a:ba:3c:
         ec:3d:5b:18:33:14:d1:91:27:47:b7:00:06:d5:80:8e:af:4f:
         8f:36:e1:ad:4e:8f:5a:07:16:68:d7:8c:6a:a0:6b:d4:66:56:
         20:a9:bd:d7:75:f1:11:c0:d6:1f:f2:b7:fd:7c:37:1f:f9:83:
         1c:7c:eb:60:fb:45:0b:10:a7:2e:97:37:45:34:83:76:28:a9:
         cc:0e:e9:24:c4:b7:90:21:86:35:9d:fc:e6:f3:f1:88:67:89:
         08:0e:0d:a4:96:ec:5a:bc:a6:7f:a9:a2:77:e2:8e:bf:b2:eb:
         5a:68:8e:b4:81:de:3d:6d:75:ef:19:c7:8a:fa:c1:28:6e:34:
         60:af:00:bc:aa:17:19:04:3a:a0:5a:86:90:fd:35:18:20:8c:
         1b:14:7f:cb:98:ec:a5:2f:0f:c1:fb:6f:4c:15:29:e1:eb:e9:
         ec:65:93:93:5f:2f:d1:02:9f:03:10:05:85:f9:57:fb:7b:47:
         a7:27:1a:e4:d9:74:d8:76:a1:ea:75:c8:b4:f9:1a:59:c7:63:
         ba:e4:0d:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCDNy/DneMZQ72w/p8awWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw
OGQyNmQwHhcNMjUwMjAyMDUwMDM2WhcNMjUwMjAzMDUwMDM2WjAzMTEwLwYDVQQD
Eyg5MjJlMjNhOTBlNDY5OGFjNjA1ZGQ0YzhhYzVjMTVkODk3OWIzOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPqB7dv/hpc/XVNrjspKowtPr/WY
fKbjHYlZ/ic6Ew3Cq3eFINbORlY6DavaiGhUOMurN9+DrnMO3B32PPzpagBQ55/R
KWoOO663pUnjiBukpCsed9P7dnZLDq6m+SoofGWUota2mdMeKEGFlYcbc5D1RURs
Pl31zSSwM62b9FYm4h6eNkusD+0frVgcNZEEKtXP1HFib8zUGti0mTKohD6/j7h4
T/CHUX1iXsxnomt58y9LM6tCM8HAz/vBMBqZjz2IFdSnXx7BfQTHH59DKu+DMvW5
R0dOegsBnNq/U6QuS8PXjtnMVVNTSs7NkFqcROT7kww8Pt+PZmR1/9EvqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIuI6kORpisYF3UyKxcFdiXmzn3MB8GA1UdIwQY
MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt
ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy
LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPiW/Mez
L205wTPAnU4abihBJzoAWj1PPZsfdBJ1s9NTItwbZ6dhRs2YFLv3AnKuBrwkmro8
7D1bGDMU0ZEnR7cABtWAjq9PjzbhrU6PWgcWaNeMaqBr1GZWIKm913XxEcDWH/K3
/Xw3H/mDHHzrYPtFCxCnLpc3RTSDdiipzA7pJMS3kCGGNZ385vPxiGeJCA4NpJbs
Wrymf6mid+KOv7LrWmiOtIHePW117xnHivrBKG40YK8AvKoXGQQ6oFqGkP01GCCM
GxR/y5jspS8PwftvTBUp4evp7GWTk18v0QKfAxAFhflX+3tHpyca5Nl02Hah6nXI
tPkaWcdjuuQNuQ==
-----END CERTIFICATE-----