Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
File:                     Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft (raw, json)
Hash identifier:          aqHi5bXyJsgg0odrRn3y0afZoDYD9uTwwSe8MBPxTgY=
Subject key identifier:   A8:03:16:15:B8:47:AF:A1:3D:D0:16:29:C8:71:B5:3A:53:B9:93:6C
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Certificate issuer:       /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial:       019610202B7CF94C5F4C75CEE050F5F83F37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
Manifest number:          084D
Signing time:             Mon 07 Apr 2025 12:01:05 +0000
Manifest this update:     Mon 07 Apr 2025 12:01:05 +0000
Manifest next update:     Tue 08 Apr 2025 12:01:05 +0000
Files and hashes:         1: 0pA9jqxxzLz7rK77xH9_gAV2Ddc.roa (hash: kuW3cMupmnzRroMZH+onX29Wp3xp+NRO+gRxYcXjYi4=)
                          2: 2TnqZvmmysxhyiNZrk30acF9SlI.roa (hash: WiwIIXJhkAErUqVwl7rpQhJM1V3EKt+e61vZ4TyGts0=)
                          3: Dw3X8fWhKPYb3Mn-3k0h1r_9KbU.roa (hash: TMxwGgTVPG6mIC+cdCWlxe1kZRGY132KC9x3rO2T5lU=)
                          4: DwPcfSHFXNqM7rUhdUmfwPDUgE4.roa (hash: TJWMP4o9L/gCTxpzvrb7aiWTaCJtkInjMyTtZ8ZQv6w=)
                          5: I0so05T8WJ0IrbDuX6UjLySLqmI.roa (hash: dR+mdnDCO20UWtvzil7AKdca65/eFTAOBYqBvQ7au8Y=)
                          6: Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl (hash: u9B1r5Gi16TWKV8ro4pTA7Q4FAwolyR0x2uEyxNFSm4=)
                          7: SFaGChEcecBfMkYfUdNCUJpmOZs.roa (hash: urAyNSsYssS08ZQ9VO9nXj8k0R3NhqQ1uecoM5zn4Xg=)
                          8: VdXHdlxLvSXMtikY4Tkq1ivw7b0.roa (hash: d4XyYarFCX7iHNvauLVhaF+5yte4Mx2+kXf0dxCZBfg=)
                          9: VzB0p7pCZsQMiGHUlZc1UelTzYY.roa (hash: BzzAqeicP4DohtRLpuezZoWn//Z3/wAyEJHVc5sVYtU=)
                          10: XkP13qdKiUI4ksMyPnhV_Dq7ZH8.roa (hash: YloS2aXtag5qQ1JTIqYqkyKRVfkw4jImfuhbP08yNwU=)
                          11: _okwze0rSlq8LhXlB7FWi8OlsK4.roa (hash: 3wzhS+5DOCgktIdxwao39vX+OQv7jnEn/glBS5LioaY=)
                          12: aaPCQ3vYc10mi-8M5KP_x-4UjqI.roa (hash: k87j6NF+EKH8P+VssVknz/tteS+89PmRGUWHWReOd5U=)
                          13: keRc_cuZtJ4i5Jvsc90Pj2Jghdg.roa (hash: gciROLJg7+/w52qQUKA87ZvQS+qeyeOp3E1ngvwPEK4=)
                          14: mReJXjEFw2vH3gsylG3516bpkxI.roa (hash: orfciGxm8QNpQKbu93OyqVEi/aKCukxyiFS74rnLbXg=)
                          15: t2p4-i0-AMgrPWWbLPjsZticI0E.roa (hash: /e/8T+eYaFYAkJQaQBKZKZelhBajXo5oP/zmVdgWK8A=)
                          16: wXmD77ivrLBnzkfNVUx9GVYS9fw.roa (hash: tE/07N+y9ScJvAqYYnDp5CmkVEB1T6atwgfCQwskaeM=)
                          17: xzcqcrFf-ra6k9gJVEfYsUOL7r0.roa (hash: tLEmQ4Ip0nJAlYr4VF0AY9UERYkLlEbUUc3k5bIYBQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 12:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:20:2b:7c:f9:4c:5f:4c:75:ce:e0:50:f5:f8:3f:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
        Validity
            Not Before: Apr  7 12:01:05 2025 GMT
            Not After : Apr  8 12:01:05 2025 GMT
        Subject: CN=a8031615b847afa13dd01629c871b53a53b9936c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e4:44:2e:86:2a:30:0a:b6:ec:38:f2:1f:9c:
                    c4:65:c3:14:28:39:fe:7e:2f:93:2f:21:7a:92:20:
                    6c:5a:91:75:11:84:95:96:18:5e:6d:b9:42:8f:d1:
                    03:83:8b:4c:d6:e3:ab:f1:4d:c1:ba:39:d9:1c:5c:
                    fc:92:7b:ef:d9:da:87:31:03:a2:19:ee:25:91:f3:
                    d9:e2:3f:33:81:94:72:ef:65:bc:50:95:86:d4:5d:
                    ac:e3:55:7d:ec:e6:eb:de:40:30:ca:96:ec:dd:c4:
                    ea:2a:e3:ef:86:9e:cb:d8:be:11:98:b8:da:82:5f:
                    3c:c6:f7:6f:7a:31:ff:2a:20:3f:58:c0:d5:c1:7d:
                    91:77:9c:97:c0:9b:3e:09:f6:09:60:25:37:9a:b9:
                    98:67:c6:fc:cc:38:21:17:66:46:41:58:25:dd:2d:
                    4b:ed:e1:6a:c9:7d:df:b9:0c:61:55:75:27:0e:ae:
                    bb:a0:83:ee:13:f3:9c:1f:4d:75:be:ac:7f:ec:2f:
                    d3:9b:e9:e2:74:5e:f0:f8:00:60:b1:d5:73:a7:a6:
                    b2:df:d1:d3:e8:64:8e:fa:02:81:e2:82:63:81:68:
                    e6:02:d2:4e:d9:2b:22:63:4d:aa:72:63:2b:09:b1:
                    7e:2e:1d:5e:69:a4:3a:85:27:b9:7d:67:d8:ab:a4:
                    7d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:03:16:15:B8:47:AF:A1:3D:D0:16:29:C8:71:B5:3A:53:B9:93:6C
            X509v3 Authority Key Identifier:
                keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:12:ce:31:27:d5:97:7a:b1:45:21:70:d6:e7:45:e3:aa:d9:
         2c:c7:61:e8:03:8e:cf:89:34:16:6a:d3:dd:4e:9f:00:25:b8:
         09:39:a4:cf:67:07:02:84:0b:9a:72:61:78:1c:9b:da:2d:8f:
         a4:4d:d9:bd:e6:99:f6:0c:bc:86:7a:3a:49:6c:b5:3a:0e:78:
         ad:e8:80:11:8c:91:52:0c:48:5a:64:e8:8f:66:3a:61:58:d0:
         87:d8:de:52:bd:c0:f9:26:49:e3:88:78:eb:08:73:75:47:66:
         51:2e:18:88:5d:70:5c:b4:fe:24:75:95:ea:2b:19:c3:a5:72:
         2a:79:e2:a0:c0:43:a0:63:87:82:75:5f:68:db:b6:f3:c4:90:
         cc:81:6a:59:4f:9f:3d:36:56:c9:6d:39:28:d7:ed:3f:5d:c0:
         f5:58:7b:00:26:84:0d:01:e9:11:ff:18:e0:ad:d4:aa:9f:2c:
         bd:08:41:23:08:2e:3a:53:04:0b:12:5d:e0:87:7d:da:54:23:
         c8:6b:49:8e:a0:b7:54:6e:9e:ee:e9:ef:d4:56:f0:fe:b0:3b:
         f0:72:c7:74:ae:18:fe:b0:af:40:d3:ea:33:6a:2e:81:a3:23:
         68:e6:f3:35:da:a0:ca:3e:74:46:b2:06:56:92:4d:b3:8d:05:
         2f:76:ab:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQICt8+UxfTHXO4FD1+D83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwNDA3MTIwMTA1WhcNMjUwNDA4MTIwMTA1WjAzMTEwLwYDVQQD
EyhhODAzMTYxNWI4NDdhZmExM2RkMDE2MjljODcxYjUzYTUzYjk5MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+RELoYqMAq27DjyH5zEZcMUKDn+
fi+TLyF6kiBsWpF1EYSVlhhebblCj9EDg4tM1uOr8U3BujnZHFz8knvv2dqHMQOi
Ge4lkfPZ4j8zgZRy72W8UJWG1F2s41V97Obr3kAwypbs3cTqKuPvhp7L2L4RmLja
gl88xvdvejH/KiA/WMDVwX2Rd5yXwJs+CfYJYCU3mrmYZ8b8zDghF2ZGQVgl3S1L
7eFqyX3fuQxhVXUnDq67oIPuE/OcH011vqx/7C/Tm+nidF7w+ABgsdVzp6ay39HT
6GSO+gKB4oJjgWjmAtJO2SsiY02qcmMrCbF+Lh1eaaQ6hSe5fWfYq6R9QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgDFhW4R6+hPdAWKchxtTpTuZNsMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVBLOMSfV
l3qxRSFw1udF46rZLMdh6AOOz4k0FmrT3U6fACW4CTmkz2cHAoQLmnJheByb2i2P
pE3ZveaZ9gy8hno6SWy1Og54reiAEYyRUgxIWmToj2Y6YVjQh9jeUr3A+SZJ44h4
6whzdUdmUS4YiF1wXLT+JHWV6isZw6VyKnnioMBDoGOHgnVfaNu288SQzIFqWU+f
PTZWyW05KNftP13A9Vh7ACaEDQHpEf8Y4K3Uqp8svQhBIwguOlMECxJd4Id92lQj
yGtJjqC3VG6e7unv1Fbw/rA78HLHdK4Y/rCvQNPqM2ougaMjaObzNdqgyj50RrIG
VpJNs40FL3arDA==
-----END CERTIFICATE-----