Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
File:                     QTsVW4BGJkf4WUaogk0in-6q--Y.mft (raw, json)
Hash identifier:          ehU0IciNl5G8QnK9ybCHunwZC9FsMcm7xKiTDOLbQPI=
Subject key identifier:   D3:8B:5C:92:D3:47:AB:E1:62:79:FA:E6:57:28:76:0B:48:65:3D:DB
Authority key identifier: 41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6
Certificate issuer:       /CN=413b155b80462647f85946a8824d229feeaafbe6
Certificate serial:       01975CB7BC86843BE3C9A8DF3CF8EA8B835E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
Manifest number:          0108
Signing time:             Wed 11 Jun 2025 02:00:34 +0000
Manifest this update:     Wed 11 Jun 2025 02:00:34 +0000
Manifest next update:     Thu 12 Jun 2025 02:00:34 +0000
Files and hashes:         1: QTsVW4BGJkf4WUaogk0in-6q--Y.crl (hash: uhfgV5SaiBLkx4Qjl2IUaFHuoqdyveZVLrVsIW9HtZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:b7:bc:86:84:3b:e3:c9:a8:df:3c:f8:ea:8b:83:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=413b155b80462647f85946a8824d229feeaafbe6
        Validity
            Not Before: Jun 11 02:00:34 2025 GMT
            Not After : Jun 12 02:00:34 2025 GMT
        Subject: CN=d38b5c92d347abe16279fae65728760b48653ddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:38:80:80:a1:fe:75:ab:f5:ef:51:a2:fd:25:
                    b5:f4:eb:be:9b:5f:47:f3:78:99:ed:3c:84:e1:bd:
                    c5:32:bd:7e:e2:e9:18:fd:2a:28:64:4c:fc:e0:f7:
                    c5:2d:e9:fc:56:d1:29:91:0e:95:b1:02:c3:0b:d3:
                    0e:e4:fc:2a:34:71:b8:c4:08:00:96:f5:87:c7:7e:
                    67:fe:87:79:81:2e:cf:7b:b5:f1:85:79:5a:b3:e1:
                    8b:22:6c:16:bb:79:99:8d:c0:62:66:9a:af:76:60:
                    d3:c5:13:c6:3f:ac:f9:16:12:ee:c0:29:51:37:af:
                    71:1a:23:75:84:a2:85:cc:c3:28:6b:9e:2d:40:3b:
                    00:fc:2c:6d:19:ee:2e:6a:22:8c:aa:c2:74:12:a0:
                    ce:be:ff:41:4b:b1:10:e6:81:f2:af:85:7a:32:0f:
                    4e:ea:83:7e:b2:e1:96:33:57:41:f7:f1:9a:aa:b4:
                    d7:13:ae:20:01:c0:1f:a9:68:e3:39:35:54:66:c8:
                    f2:cd:b0:53:e8:a8:a8:97:cf:c2:a1:64:eb:ec:a5:
                    11:67:4e:18:75:d4:66:0b:8b:8c:e7:d4:e9:81:43:
                    65:22:b3:f8:39:51:02:72:15:aa:9c:e0:e2:39:79:
                    93:ca:ac:47:22:7e:8c:01:5b:5f:f5:5b:65:02:7b:
                    0a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:8B:5C:92:D3:47:AB:E1:62:79:FA:E6:57:28:76:0B:48:65:3D:DB
            X509v3 Authority Key Identifier:
                keyid:41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:4a:5e:b2:1b:59:f7:65:d2:0f:78:ad:75:3c:82:08:14:13:
         ca:9e:2b:87:6b:4f:2e:07:d8:34:13:54:57:fb:19:9c:72:5c:
         e7:eb:cb:ef:38:b7:45:3b:f3:83:76:f2:36:87:2b:3d:6b:52:
         2a:23:eb:70:46:c2:ba:aa:ba:16:35:14:1b:30:7d:f9:68:4c:
         38:6b:56:6b:c3:17:63:d5:5b:be:3e:14:d8:e6:60:ae:e2:f9:
         d8:5a:2f:20:9d:92:4e:47:1b:87:18:c4:22:80:e2:4d:b3:a4:
         ed:f4:37:6b:ae:46:ba:cc:17:4c:85:79:e8:36:22:d2:8f:0d:
         34:b4:fe:bc:06:1d:98:2d:29:b2:cc:c7:cd:a6:50:3f:e4:aa:
         6d:50:2c:1e:5b:60:e6:51:c6:a3:7a:1c:00:c6:a4:66:71:54:
         57:08:2f:5b:02:60:7f:2e:eb:51:51:54:a0:da:0d:23:37:e3:
         7e:ad:0b:43:20:97:79:97:53:1e:7a:4b:ed:9d:08:bf:dc:08:
         dc:cf:3d:8d:52:fc:95:d4:8c:14:47:a1:4a:f1:55:b4:7b:79:
         f8:49:68:17:e1:79:09:40:b1:17:34:d7:28:37:c3:31:bd:e8:
         33:47:21:46:be:17:ba:c0:88:75:b1:ce:60:7e:fc:a4:a9:5a:
         23:49:7f:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdct7yGhDvjyajfPPjqi4NeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxM2IxNTViODA0NjI2NDdmODU5NDZhODgyNGQyMjlmZWVh
YWZiZTYwHhcNMjUwNjExMDIwMDM0WhcNMjUwNjEyMDIwMDM0WjAzMTEwLwYDVQQD
EyhkMzhiNWM5MmQzNDdhYmUxNjI3OWZhZTY1NzI4NzYwYjQ4NjUzZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjiAgKH+dav171Gi/SW19Ou+m19H
83iZ7TyE4b3FMr1+4ukY/SooZEz84PfFLen8VtEpkQ6VsQLDC9MO5PwqNHG4xAgA
lvWHx35n/od5gS7Pe7XxhXlas+GLImwWu3mZjcBiZpqvdmDTxRPGP6z5FhLuwClR
N69xGiN1hKKFzMMoa54tQDsA/CxtGe4uaiKMqsJ0EqDOvv9BS7EQ5oHyr4V6Mg9O
6oN+suGWM1dB9/GaqrTXE64gAcAfqWjjOTVUZsjyzbBT6Kiol8/CoWTr7KURZ04Y
ddRmC4uM59TpgUNlIrP4OVECchWqnODiOXmTyqxHIn6MAVtf9VtlAnsKZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOLXJLTR6vhYnn65lcodgtIZT3bMB8GA1UdIwQY
MBaAFEE7FVuARiZH+FlGqIJNIp/uqvvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUt
NGEyNTFjYmVjNzkxLzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUtNGEyNTFjYmVjNzkx
LzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEpeshtZ
92XSD3itdTyCCBQTyp4rh2tPLgfYNBNUV/sZnHJc5+vL7zi3RTvzg3byNocrPWtS
KiPrcEbCuqq6FjUUGzB9+WhMOGtWa8MXY9Vbvj4U2OZgruL52FovIJ2STkcbhxjE
IoDiTbOk7fQ3a65GuswXTIV56DYi0o8NNLT+vAYdmC0psszHzaZQP+SqbVAsHltg
5lHGo3ocAMakZnFUVwgvWwJgfy7rUVFUoNoNIzfjfq0LQyCXeZdTHnpL7Z0Iv9wI
3M89jVL8ldSMFEehSvFVtHt5+EloF+F5CUCxFzTXKDfDMb3oM0chRr4XusCIdbHO
YH78pKlaI0l/DQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:22:53 2025 by rpki-client