Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          9KkeDOa95YRA0jWT8nce8vm9eX+5zF1EdbMfCWyZtQo=
Subject key identifier:   B5:B2:C5:34:EC:85:96:47:4A:E3:C6:4D:83:EE:36:BC:D6:D4:C8:7C
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       0194C4D0F0C5F2D8D7F8D7141DB8E03A0DF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          01EB
Signing time:             Sun 02 Feb 2025 04:00:14 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:14 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:14 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: y05NRlsDbIU/pTaQpiUKI9vvL9Kd6iYhBoypp2VBC2U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d0:f0:c5:f2:d8:d7:f8:d7:14:1d:b8:e0:3a:0d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Feb  2 04:00:14 2025 GMT
            Not After : Feb  3 04:00:14 2025 GMT
        Subject: CN=b5b2c534ec8596474ae3c64d83ee36bcd6d4c87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c3:4b:56:cf:d6:d8:8a:53:3c:5a:c3:19:5c:
                    68:1b:4e:d5:05:6d:c1:e7:f6:71:5e:fb:59:c0:9b:
                    fb:eb:80:c1:98:b1:a8:c1:65:40:fa:4b:ac:55:4d:
                    d7:1a:fd:41:6e:c6:b6:27:a5:ba:3a:88:7a:26:da:
                    44:6d:1a:52:ff:17:0f:a5:85:0b:a3:b7:af:d7:a4:
                    38:e5:aa:ce:d2:e0:34:73:68:99:54:15:8b:07:11:
                    7a:78:41:b2:d1:95:6f:7b:fb:31:3e:83:8b:32:42:
                    9d:b4:80:92:c3:9f:74:eb:60:bd:ac:f2:9c:54:d7:
                    55:01:90:74:e4:3e:bb:7a:ee:b6:df:2c:88:49:7a:
                    e1:c9:b1:84:67:bf:94:41:7d:0a:e3:7e:7b:fa:f8:
                    6f:21:39:56:40:e3:e5:14:3e:d4:16:16:ca:e4:d1:
                    f4:a8:61:13:de:8f:70:ae:6e:32:9c:63:a0:21:a6:
                    37:01:4f:21:e6:b8:aa:f4:0b:df:b2:e9:e8:81:58:
                    b7:9e:79:04:12:bc:30:8b:fa:93:84:9b:4c:c5:3f:
                    d3:71:5d:c6:3f:b3:28:69:b4:aa:d1:7a:3e:c8:41:
                    9f:6e:da:ef:13:c7:91:de:b6:50:8d:3b:c5:e1:7b:
                    1c:47:91:b8:02:e7:e3:4f:f6:d2:f5:f5:ed:96:d7:
                    06:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:B2:C5:34:EC:85:96:47:4A:E3:C6:4D:83:EE:36:BC:D6:D4:C8:7C
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:aa:81:6f:20:0d:34:80:ea:90:32:74:29:30:d5:38:77:74:
         a2:90:a5:ca:fc:8f:14:82:ad:98:2d:15:23:ba:12:bd:50:12:
         38:7f:0c:41:7b:a6:76:4e:2e:fe:ec:84:c6:10:5e:f5:7d:a4:
         c1:bf:0f:00:70:90:7d:15:3e:4a:c3:20:4a:59:55:c1:2a:61:
         60:f6:99:1e:54:39:58:cb:8b:5a:a9:69:69:e5:42:41:b0:37:
         48:89:6e:7a:0e:19:9c:d6:60:05:72:10:0b:3c:9c:94:fb:b9:
         5e:be:9a:dd:72:87:f4:b9:c3:a7:11:37:ce:03:a5:20:9a:a6:
         3c:06:f7:42:39:e0:26:6b:43:7f:f8:c0:78:fd:6d:81:c6:52:
         7b:ea:75:1d:ec:04:d5:d8:36:69:2b:a1:c5:4b:9c:cc:1f:ab:
         87:0f:54:e4:60:61:a0:01:df:46:a2:0d:39:61:c7:20:49:c2:
         af:26:2c:94:30:db:3b:1f:00:5e:41:4c:ba:ae:b7:52:2f:8e:
         89:91:d7:1f:c5:ec:73:d5:dc:a2:4c:e0:7f:56:b5:f5:81:0e:
         02:56:94:2c:af:0b:2f:e1:ea:92:fe:95:d0:f2:4e:63:49:1e:
         b4:7b:17:65:75:2a:58:3a:12:ae:73:cd:ce:61:2d:a3:f4:b1:
         9f:a4:3f:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0PDF8tjX+NcUHbjgOg3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUwMjAyMDQwMDE0WhcNMjUwMjAzMDQwMDE0WjAzMTEwLwYDVQQD
EyhiNWIyYzUzNGVjODU5NjQ3NGFlM2M2NGQ4M2VlMzZiY2Q2ZDRjODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8NLVs/W2IpTPFrDGVxoG07VBW3B
5/ZxXvtZwJv764DBmLGowWVA+kusVU3XGv1Bbsa2J6W6Ooh6JtpEbRpS/xcPpYUL
o7ev16Q45arO0uA0c2iZVBWLBxF6eEGy0ZVve/sxPoOLMkKdtICSw59062C9rPKc
VNdVAZB05D67eu623yyISXrhybGEZ7+UQX0K4357+vhvITlWQOPlFD7UFhbK5NH0
qGET3o9wrm4ynGOgIaY3AU8h5riq9AvfsunogVi3nnkEErwwi/qThJtMxT/TcV3G
P7MoabSq0Xo+yEGfbtrvE8eR3rZQjTvF4XscR5G4AufjT/bS9fXtltcGuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWyxTTshZZHSuPGTYPuNrzW1Mh8MB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA6qBbyAN
NIDqkDJ0KTDVOHd0opClyvyPFIKtmC0VI7oSvVASOH8MQXumdk4u/uyExhBe9X2k
wb8PAHCQfRU+SsMgSllVwSphYPaZHlQ5WMuLWqlpaeVCQbA3SIlueg4ZnNZgBXIQ
CzyclPu5Xr6a3XKH9LnDpxE3zgOlIJqmPAb3QjngJmtDf/jAeP1tgcZSe+p1HewE
1dg2aSuhxUuczB+rhw9U5GBhoAHfRqINOWHHIEnCryYslDDbOx8AXkFMuq63Ui+O
iZHXH8Xsc9Xcokzgf1a19YEOAlaULK8LL+Hqkv6V0PJOY0ketHsXZXUqWDoSrnPN
zmEto/Sxn6Q/8Q==
-----END CERTIFICATE-----