Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
File:                     QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json)
Hash identifier:          077KRuVM+3SQP15STX4P/sctBdGyXgt91Bam16RpY7E=
Subject key identifier:   09:D9:4E:75:0F:CF:74:16:B7:E4:4B:D9:AB:94:87:EC:BF:C3:3F:AC
Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D
Certificate issuer:       /CN=41f22860ca62bd2838f8328f17839d1e8608d26d
Certificate serial:       0196474526480EF1BFF8C43C3DC66F7456CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
Manifest number:          D0
Signing time:             Fri 18 Apr 2025 05:00:36 +0000
Manifest this update:     Fri 18 Apr 2025 05:00:36 +0000
Manifest next update:     Sat 19 Apr 2025 05:00:36 +0000
Files and hashes:         1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: EOoaZ9mmhOG1BXlN9CHXF1Z7g/pDNFXB4U1JMVtgnTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:47:45:26:48:0e:f1:bf:f8:c4:3c:3d:c6:6f:74:56:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d
        Validity
            Not Before: Apr 18 05:00:36 2025 GMT
            Not After : Apr 19 05:00:36 2025 GMT
        Subject: CN=09d94e750fcf7416b7e44bd9ab9487ecbfc33fac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:93:6b:7c:35:08:9a:d6:3a:ab:47:ad:88:b6:
                    4e:91:a2:38:4c:8a:c9:0a:2d:e3:e8:39:8e:10:95:
                    27:c2:1a:ed:67:0e:cc:ea:50:2a:9a:46:bb:d0:43:
                    c6:ff:3c:c7:5a:75:81:8d:1a:43:fb:44:0f:ab:25:
                    9b:87:b3:70:a0:e7:77:9d:97:e9:b8:53:8e:91:7a:
                    63:e8:d3:25:a6:b6:51:80:63:d2:32:04:b9:0a:37:
                    33:ff:6d:b4:28:d0:9c:36:a8:47:3f:76:45:e8:ab:
                    d3:19:fb:84:58:bc:ed:5d:0b:26:ec:0e:40:e2:31:
                    f5:0e:bd:3b:e8:ca:36:ee:f1:c2:92:dc:f6:6b:96:
                    91:60:55:41:d6:0d:58:97:26:20:a5:ab:e6:2f:cc:
                    ed:10:1c:3d:04:fc:58:0a:40:01:ed:35:cf:ca:31:
                    be:ab:d8:90:1d:2c:cb:43:69:00:d1:42:79:92:05:
                    7f:5d:d4:2a:1a:9f:87:cd:d9:24:b6:ea:47:ed:59:
                    a2:e4:85:be:76:5b:42:12:a1:61:cd:1b:86:9b:0e:
                    0e:dc:ca:ff:97:eb:28:60:30:0d:09:88:70:06:40:
                    9b:91:d9:c7:1e:5a:ed:ac:0d:9f:14:33:63:6f:5a:
                    20:99:25:de:ea:00:be:39:b3:15:3a:95:55:5f:c7:
                    be:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D9:4E:75:0F:CF:74:16:B7:E4:4B:D9:AB:94:87:EC:BF:C3:3F:AC
            X509v3 Authority Key Identifier:
                keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:d5:5e:a6:40:91:5d:84:56:b5:60:28:04:87:74:95:47:1e:
         93:3d:e4:52:9f:65:43:05:e0:49:63:1a:56:90:53:ca:71:2b:
         7c:ff:2f:aa:2c:db:7e:6d:94:96:8a:61:94:e1:ac:6a:72:30:
         d3:d7:4b:f3:ac:0e:d4:a0:3a:fd:24:44:85:27:d3:09:fb:69:
         56:82:6e:0d:e2:98:48:71:ff:6f:09:00:61:10:be:73:77:a4:
         9a:16:c8:1a:70:23:01:22:d6:ec:27:cc:bf:b2:d4:51:63:1c:
         24:3b:45:a8:f8:98:06:ad:9a:b3:35:d6:5a:e5:07:7d:9a:17:
         3a:8d:7f:b6:9b:61:38:73:bb:0a:1f:61:7e:dd:b5:21:0e:60:
         d0:3b:c1:e5:94:c3:31:8d:9c:f3:95:62:49:49:28:4a:c2:1b:
         57:a1:66:80:c6:58:8b:84:2d:b0:3c:84:9f:4a:68:85:fd:48:
         67:54:15:ab:6a:10:22:aa:c5:04:a5:b4:f9:5d:2f:42:8e:dd:
         33:9e:2e:2f:ce:e9:9a:ac:6d:87:16:2c:0f:94:9d:62:a3:0b:
         be:25:6b:91:62:c6:a0:65:e9:75:83:87:9c:e4:7b:cd:d4:2b:
         22:74:49:72:e0:6c:9f:f9:73:d4:46:de:91:9f:42:ad:ee:39:
         a6:1d:10:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZHRSZIDvG/+MQ8PcZvdFbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw
OGQyNmQwHhcNMjUwNDE4MDUwMDM2WhcNMjUwNDE5MDUwMDM2WjAzMTEwLwYDVQQD
EygwOWQ5NGU3NTBmY2Y3NDE2YjdlNDRiZDlhYjk0ODdlY2JmYzMzZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopNrfDUImtY6q0etiLZOkaI4TIrJ
Ci3j6DmOEJUnwhrtZw7M6lAqmka70EPG/zzHWnWBjRpD+0QPqyWbh7NwoOd3nZfp
uFOOkXpj6NMlprZRgGPSMgS5Cjcz/220KNCcNqhHP3ZF6KvTGfuEWLztXQsm7A5A
4jH1Dr076Mo27vHCktz2a5aRYFVB1g1YlyYgpavmL8ztEBw9BPxYCkAB7TXPyjG+
q9iQHSzLQ2kA0UJ5kgV/XdQqGp+HzdkktupH7Vmi5IW+dltCEqFhzRuGmw4O3Mr/
l+soYDANCYhwBkCbkdnHHlrtrA2fFDNjb1ogmSXe6gC+ObMVOpVVX8e+kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnZTnUPz3QWt+RL2auUh+y/wz+sMB8GA1UdIwQY
MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt
ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy
LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAONVepkCR
XYRWtWAoBId0lUcekz3kUp9lQwXgSWMaVpBTynErfP8vqizbfm2UlophlOGsanIw
09dL86wO1KA6/SREhSfTCftpVoJuDeKYSHH/bwkAYRC+c3ekmhbIGnAjASLW7CfM
v7LUUWMcJDtFqPiYBq2aszXWWuUHfZoXOo1/tpthOHO7Ch9hft21IQ5g0DvB5ZTD
MY2c85ViSUkoSsIbV6FmgMZYi4QtsDyEn0pohf1IZ1QVq2oQIqrFBKW0+V0vQo7d
M54uL87pmqxthxYsD5SdYqMLviVrkWLGoGXpdYOHnOR7zdQrInRJcuBsn/lz1Ebe
kZ9Cre45ph0Q4Q==
-----END CERTIFICATE-----