Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
File:                     qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json)
Hash identifier:          6dA9ViEDpV0pP2ASdlO7ku+xnHdsL6a/Q0xT+btNPr4=
Subject key identifier:   7F:BE:86:C4:38:2F:9E:5A:51:C1:C6:B1:E4:B3:C3:52:0C:7C:B9:D0
Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5
Certificate issuer:       /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
Certificate serial:       01975BDC1F3F2D6F59379EE363BAFCE7B490
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
Manifest number:          0319
Signing time:             Tue 10 Jun 2025 22:00:41 +0000
Manifest this update:     Tue 10 Jun 2025 22:00:41 +0000
Manifest next update:     Wed 11 Jun 2025 22:00:41 +0000
Files and hashes:         1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: rK0vHCLl6D4xkP4gw/yVkaz9ddcis/DWVOn5FUuXluQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 22:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:dc:1f:3f:2d:6f:59:37:9e:e3:63:ba:fc:e7:b4:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
        Validity
            Not Before: Jun 10 22:00:41 2025 GMT
            Not After : Jun 11 22:00:41 2025 GMT
        Subject: CN=7fbe86c4382f9e5a51c1c6b1e4b3c3520c7cb9d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d6:5e:59:b7:b3:9f:5c:a3:4a:51:aa:68:14:
                    95:2f:db:40:4b:de:64:7e:6a:ed:b3:58:77:18:2d:
                    f6:c8:de:8f:8d:e5:fe:87:52:fc:0f:cd:6e:56:db:
                    2f:b9:a6:3c:e1:51:1d:08:47:d6:9f:09:29:d9:18:
                    66:a0:e7:a6:e2:e1:25:a2:d2:90:4a:d7:44:62:12:
                    12:8b:77:1e:8d:9f:5e:40:15:f0:8d:8c:ef:82:67:
                    a8:e4:37:9f:49:4b:83:27:34:32:bd:0e:8c:e0:06:
                    ff:0c:fc:4e:63:d4:e7:65:81:ce:b8:aa:83:91:84:
                    3d:de:28:ae:de:61:33:0e:a5:5a:f1:34:ed:17:55:
                    2f:f7:a7:4b:99:2b:a7:67:88:1b:26:d6:ef:76:34:
                    1d:d3:66:b8:5d:f2:f3:d6:fd:89:7c:79:cc:38:2b:
                    19:df:e0:d2:ea:f6:59:f2:1d:35:a0:8e:16:6e:de:
                    05:9d:bc:fa:f4:3c:3d:fc:7f:37:d9:42:6d:e5:7d:
                    ca:0d:eb:a3:a2:be:5b:43:34:dd:bb:cc:58:29:ab:
                    69:c0:72:c5:c9:4c:49:f6:e1:66:d1:55:9c:bc:26:
                    b7:b6:17:14:6b:a2:a7:20:1b:0d:65:21:24:1e:f8:
                    75:5f:e3:dc:84:b2:91:e9:ba:f5:a0:08:92:fe:98:
                    83:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:BE:86:C4:38:2F:9E:5A:51:C1:C6:B1:E4:B3:C3:52:0C:7C:B9:D0
            X509v3 Authority Key Identifier:
                keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:22:90:82:72:a0:1f:de:25:f1:96:cf:c9:31:fa:22:1e:55:
         7b:9a:72:fd:26:a8:4c:fd:7c:6e:0e:29:29:44:76:74:ee:05:
         39:7e:3b:8d:da:37:55:57:ed:1e:4f:61:36:22:e9:01:34:ec:
         b4:17:5e:aa:d6:96:0c:1b:51:f0:95:42:5b:b6:c0:99:c0:33:
         23:1e:6e:7a:e8:91:55:1a:bf:9e:d6:ee:e7:b6:bf:48:3d:eb:
         97:a8:66:40:c3:e3:31:38:82:48:03:c6:8f:c4:ac:ea:e1:7c:
         00:75:2c:75:f5:86:ed:6d:99:4b:35:fe:de:14:2f:37:38:0f:
         63:a9:66:a3:f8:a3:48:99:fd:06:28:cf:54:5b:2b:2a:26:5d:
         9d:0d:76:55:1c:0d:d9:54:6d:69:c4:96:32:e6:48:fd:b2:af:
         d9:ae:ff:48:01:29:c2:8a:49:82:81:8d:63:e9:19:fa:c1:f5:
         80:e9:a1:b1:0a:05:19:83:a1:f0:b0:cc:43:d9:37:59:74:dd:
         5d:18:5a:cb:ef:79:eb:76:ed:88:d5:00:ad:bf:1c:1e:61:58:
         9e:98:5b:f7:64:f5:01:29:88:32:4c:b9:fc:87:19:5d:23:d9:
         51:6a:60:79:d0:42:96:b1:41:5f:33:6e:be:b0:56:60:c7:03:
         f0:c7:0f:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdb3B8/LW9ZN57jY7r857SQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1
MTQyZjUwHhcNMjUwNjEwMjIwMDQxWhcNMjUwNjExMjIwMDQxWjAzMTEwLwYDVQQD
Eyg3ZmJlODZjNDM4MmY5ZTVhNTFjMWM2YjFlNGIzYzM1MjBjN2NiOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltZeWbezn1yjSlGqaBSVL9tAS95k
fmrts1h3GC32yN6PjeX+h1L8D81uVtsvuaY84VEdCEfWnwkp2RhmoOem4uElotKQ
StdEYhISi3cejZ9eQBXwjYzvgmeo5DefSUuDJzQyvQ6M4Ab/DPxOY9TnZYHOuKqD
kYQ93iiu3mEzDqVa8TTtF1Uv96dLmSunZ4gbJtbvdjQd02a4XfLz1v2JfHnMOCsZ
3+DS6vZZ8h01oI4Wbt4Fnbz69Dw9/H832UJt5X3KDeujor5bQzTdu8xYKatpwHLF
yUxJ9uFm0VWcvCa3thcUa6KnIBsNZSEkHvh1X+PchLKR6br1oAiS/piDUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH++hsQ4L55aUcHGseSzw1IMfLnQMB8GA1UdIwQY
MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt
ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2
LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAiKQgnKg
H94l8ZbPyTH6Ih5Ve5py/SaoTP18bg4pKUR2dO4FOX47jdo3VVftHk9hNiLpATTs
tBdeqtaWDBtR8JVCW7bAmcAzIx5ueuiRVRq/ntbu57a/SD3rl6hmQMPjMTiCSAPG
j8Ss6uF8AHUsdfWG7W2ZSzX+3hQvNzgPY6lmo/ijSJn9BijPVFsrKiZdnQ12VRwN
2VRtacSWMuZI/bKv2a7/SAEpwopJgoGNY+kZ+sH1gOmhsQoFGYOh8LDMQ9k3WXTd
XRhay+9563btiNUArb8cHmFYnphb92T1ASmIMky5/IcZXSPZUWpgedBClrFBXzNu
vrBWYMcD8McPJw==
-----END CERTIFICATE-----