Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
File:                     QTsVW4BGJkf4WUaogk0in-6q--Y.mft (raw, json)
Hash identifier:          jb1XIRYM6bmbOGQqz4oRWXQOvzDGP6kmbeFbtbfzs+Y=
Subject key identifier:   85:09:74:02:49:E9:55:1C:9A:55:8B:80:EE:F3:9C:81:9A:1B:A7:7C
Authority key identifier: 41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6
Certificate issuer:       /CN=413b155b80462647f85946a8824d229feeaafbe6
Certificate serial:       0197530FC8BC8AB942BA4DD211EE29A3CACC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
Manifest number:          0103
Signing time:             Mon 09 Jun 2025 05:00:32 +0000
Manifest this update:     Mon 09 Jun 2025 05:00:32 +0000
Manifest next update:     Tue 10 Jun 2025 05:00:32 +0000
Files and hashes:         1: QTsVW4BGJkf4WUaogk0in-6q--Y.crl (hash: aKPBF+LpYrlea6s2eirah9Q5+YMiz/avtscAIHc2YrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 05:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:0f:c8:bc:8a:b9:42:ba:4d:d2:11:ee:29:a3:ca:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=413b155b80462647f85946a8824d229feeaafbe6
        Validity
            Not Before: Jun  9 05:00:32 2025 GMT
            Not After : Jun 10 05:00:32 2025 GMT
        Subject: CN=8509740249e9551c9a558b80eef39c819a1ba77c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3f:15:fb:db:2f:7a:0e:25:fe:33:aa:72:ea:
                    cf:08:03:9e:28:10:30:14:dc:a9:d7:fc:16:0e:f3:
                    28:cc:fb:1f:a1:18:3a:c4:e0:bb:65:52:b8:d9:0a:
                    b7:b0:28:02:67:dd:b3:f0:92:50:af:07:1d:87:f7:
                    e3:d0:60:62:23:b8:71:7a:d0:b6:b4:85:da:1e:4f:
                    75:3e:9d:74:85:8e:b7:13:54:1d:60:09:ea:fd:3d:
                    d6:eb:d5:86:02:05:f9:62:ff:b1:66:ab:d4:80:58:
                    6c:b4:89:c0:49:42:61:5b:f3:28:06:c8:be:3e:27:
                    bc:28:6c:f1:2e:34:5d:a9:77:66:64:4d:66:e8:4c:
                    cd:86:08:46:0a:6e:1f:0c:15:22:33:a2:f4:01:59:
                    b3:f6:7a:ce:92:15:b7:e1:61:e1:8a:36:87:97:8c:
                    82:b6:ac:20:f8:bf:f0:3d:e5:56:71:b8:c7:69:1d:
                    9d:3e:79:fa:b4:9c:66:43:f0:09:e1:e8:f1:e3:18:
                    36:f3:63:42:e7:d4:bf:b3:0a:33:38:3f:49:5a:68:
                    47:66:da:84:f1:99:7a:75:c9:57:4a:68:2a:0b:87:
                    a1:22:d0:66:b1:ec:43:0e:02:e9:c6:bc:68:a9:57:
                    56:6e:40:79:e8:60:d7:e6:02:4e:34:f9:1f:55:18:
                    be:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:09:74:02:49:E9:55:1C:9A:55:8B:80:EE:F3:9C:81:9A:1B:A7:7C
            X509v3 Authority Key Identifier:
                keyid:41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:c3:40:3e:cb:0a:f2:b5:f8:01:91:af:19:96:9e:66:40:2b:
         f5:a6:d4:43:9e:54:73:b6:72:0f:df:24:a9:87:e4:87:0b:80:
         08:e8:53:65:0c:4c:bc:3b:c6:83:85:2f:cc:ed:4a:ba:cb:68:
         4b:5b:35:c6:af:53:db:97:15:a6:15:11:0c:b3:3c:75:d3:fb:
         c2:9d:53:f6:58:39:94:3b:8c:e7:33:33:df:a0:27:b8:34:f5:
         74:15:21:bd:02:16:7f:5c:22:5b:b9:31:1d:29:58:c6:6c:64:
         c1:7e:39:c1:78:8f:b2:27:bb:f8:4e:d5:8f:0f:39:3b:b4:49:
         a2:88:61:ff:30:8a:07:9e:6a:a1:40:1f:48:be:12:ef:8c:c8:
         5e:cf:57:69:f5:87:a3:9c:50:89:92:65:52:49:9f:a6:7e:93:
         2d:84:f1:d8:d5:ed:0c:cc:f7:6e:2c:b2:cb:c9:d2:bc:ee:7c:
         f8:3c:89:a6:ec:27:fc:5d:cf:86:3f:84:5f:5e:a8:5a:c3:cd:
         04:f3:2e:b7:75:86:45:4a:aa:f5:14:97:f7:b8:1f:17:cb:d0:
         1b:97:fb:e8:69:c2:f4:1c:6c:0b:64:67:5e:3b:39:5a:34:6a:
         82:5c:22:0a:10:ef:e7:64:76:d0:35:57:2d:6e:9d:1e:71:24:
         14:e7:4b:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTD8i8irlCuk3SEe4po8rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxM2IxNTViODA0NjI2NDdmODU5NDZhODgyNGQyMjlmZWVh
YWZiZTYwHhcNMjUwNjA5MDUwMDMyWhcNMjUwNjEwMDUwMDMyWjAzMTEwLwYDVQQD
Eyg4NTA5NzQwMjQ5ZTk1NTFjOWE1NThiODBlZWYzOWM4MTlhMWJhNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD8V+9sveg4l/jOqcurPCAOeKBAw
FNyp1/wWDvMozPsfoRg6xOC7ZVK42Qq3sCgCZ92z8JJQrwcdh/fj0GBiI7hxetC2
tIXaHk91Pp10hY63E1QdYAnq/T3W69WGAgX5Yv+xZqvUgFhstInASUJhW/MoBsi+
Pie8KGzxLjRdqXdmZE1m6EzNhghGCm4fDBUiM6L0AVmz9nrOkhW34WHhijaHl4yC
tqwg+L/wPeVWcbjHaR2dPnn6tJxmQ/AJ4ejx4xg282NC59S/swozOD9JWmhHZtqE
8Zl6dclXSmgqC4ehItBmsexDDgLpxrxoqVdWbkB56GDX5gJONPkfVRi+PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUJdAJJ6VUcmlWLgO7znIGaG6d8MB8GA1UdIwQY
MBaAFEE7FVuARiZH+FlGqIJNIp/uqvvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUt
NGEyNTFjYmVjNzkxLzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUtNGEyNTFjYmVjNzkx
LzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhcNAPssK
8rX4AZGvGZaeZkAr9abUQ55Uc7ZyD98kqYfkhwuACOhTZQxMvDvGg4UvzO1Kusto
S1s1xq9T25cVphURDLM8ddP7wp1T9lg5lDuM5zMz36AnuDT1dBUhvQIWf1wiW7kx
HSlYxmxkwX45wXiPsie7+E7Vjw85O7RJoohh/zCKB55qoUAfSL4S74zIXs9XafWH
o5xQiZJlUkmfpn6TLYTx2NXtDMz3biyyy8nSvO58+DyJpuwn/F3Phj+EX16oWsPN
BPMut3WGRUqq9RSX97gfF8vQG5f76GnC9BxsC2RnXjs5WjRqglwiChDv52R20DVX
LW6dHnEkFOdLqw==
-----END CERTIFICATE-----