Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
File:                     L-QXNib0YCZA6NTpa1ShoJar54s.mft (raw, json)
Hash identifier:          yn/Rg9AQhzMRQL1C4jkJ4r6rxaMhmcC9+vZDL2zM4Jg=
Subject key identifier:   21:F3:FF:02:99:8A:2B:E3:48:8A:FF:4B:AA:B9:D9:2C:14:E4:46:1B
Authority key identifier: 2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
Certificate issuer:       /CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Certificate serial:       0197531054BBD354C87C9408572FB5FDCA64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
Manifest number:          106F
Signing time:             Mon 09 Jun 2025 05:01:08 +0000
Manifest this update:     Mon 09 Jun 2025 05:01:08 +0000
Manifest next update:     Tue 10 Jun 2025 05:01:08 +0000
Files and hashes:         1: 8PzBSdujNIrE9ZxwXkq7Jh0bBAs.roa (hash: 4Awpnumk+tPfHQxPVq+VsOA860hCJdP+GfTQ/2K+zcA=)
                          2: L-QXNib0YCZA6NTpa1ShoJar54s.crl (hash: Ny1mifAa+fKe34jOSNqRCuN1By0GnPHYIOKbR2r+rbI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 05:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:10:54:bb:d3:54:c8:7c:94:08:57:2f:b5:fd:ca:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
        Validity
            Not Before: Jun  9 05:01:08 2025 GMT
            Not After : Jun 10 05:01:08 2025 GMT
        Subject: CN=21f3ff02998a2be3488aff4baab9d92c14e4461b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8a:d5:b7:d4:2b:d2:57:39:eb:d6:56:6d:35:
                    1c:5d:20:a4:9a:3a:37:9a:2c:11:be:1f:f7:49:c9:
                    df:d7:96:44:65:c0:3d:b9:cf:13:25:fa:98:47:ea:
                    e3:44:ee:f0:f6:de:76:2b:cf:cc:e3:c6:1e:e3:94:
                    9d:74:c5:5b:1b:84:f0:f3:5e:94:c9:00:bc:fa:f3:
                    cd:2c:44:b7:0a:5a:15:2f:c5:2d:23:0c:3d:18:c6:
                    e8:c8:eb:8f:4c:b1:b5:93:cd:10:0b:8b:b6:95:76:
                    8e:c9:a6:27:00:c1:ed:93:e4:d7:d2:d5:5f:cc:7e:
                    17:1a:1d:86:c0:82:da:c9:e2:06:1f:bf:37:54:ef:
                    f2:7f:0e:6a:63:4a:64:23:fc:e8:dc:c5:d7:6b:8e:
                    b4:26:df:0d:61:19:ce:88:1a:98:b3:ef:82:11:d2:
                    3e:1c:93:5a:b5:da:46:08:19:47:58:0b:cd:69:76:
                    17:ad:2a:fc:aa:02:82:b2:50:f5:86:c2:b9:ad:18:
                    e5:22:3e:47:cd:6d:a5:86:aa:5b:0c:da:c2:51:ee:
                    d6:56:c7:05:cf:2c:d0:79:be:61:57:4e:f8:b5:b8:
                    20:63:86:35:2b:f4:ee:4f:e6:9c:3b:e3:e3:1c:d0:
                    17:61:68:6e:5c:3d:77:9b:5a:35:8b:6d:42:bf:2b:
                    46:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:F3:FF:02:99:8A:2B:E3:48:8A:FF:4B:AA:B9:D9:2C:14:E4:46:1B
            X509v3 Authority Key Identifier:
                keyid:2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:2e:da:09:e2:4d:77:c0:56:7b:a2:96:06:8b:8d:ce:a7:8c:
         47:f1:14:e1:2f:3b:27:b0:b1:b6:02:6e:9b:90:f4:32:2a:47:
         4a:42:27:c4:94:8a:a2:8e:a5:9c:b8:32:4d:f8:15:a7:03:37:
         96:f1:d6:40:57:06:1c:7a:49:00:d4:c9:3a:02:55:ba:7b:7f:
         62:ab:55:c0:b5:8b:4a:f6:f9:f8:e9:e8:9e:0d:57:54:03:59:
         eb:27:1b:05:31:fa:38:24:66:e4:e7:52:c9:d4:47:de:d5:02:
         91:9d:6b:a4:ac:64:3f:54:08:88:3d:ef:4e:d1:22:f4:c4:fc:
         1e:d6:3d:cf:13:14:cf:b6:97:f7:81:8e:55:9a:12:ae:28:85:
         a7:35:c9:57:23:44:18:57:04:72:31:33:96:53:1d:60:87:74:
         e2:c7:42:d0:7d:0a:30:03:6a:75:1b:81:cd:67:a8:94:19:cd:
         47:ff:22:a2:44:30:33:f5:1e:34:63:5c:7f:2b:d3:21:b6:f0:
         f5:e9:e4:d3:db:55:cf:57:b9:2f:2f:07:57:99:ad:9e:ca:19:
         dd:40:70:02:59:76:5f:ae:4e:f8:69:57:d1:70:8d:8c:f6:a5:
         0c:6c:cc:56:e3:b4:01:97:b5:4f:f7:ac:21:f9:60:b8:b7:92:
         bc:b3:af:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTEFS701TIfJQIVy+1/cpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTQxNzM2MjZmNDYwMjY0MGU4ZDRlOTZiNTRhMWEwOTZh
YmU3OGIwHhcNMjUwNjA5MDUwMTA4WhcNMjUwNjEwMDUwMTA4WjAzMTEwLwYDVQQD
EygyMWYzZmYwMjk5OGEyYmUzNDg4YWZmNGJhYWI5ZDkyYzE0ZTQ0NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIrVt9Qr0lc569ZWbTUcXSCkmjo3
miwRvh/3Scnf15ZEZcA9uc8TJfqYR+rjRO7w9t52K8/M48Ye45SddMVbG4Tw816U
yQC8+vPNLES3CloVL8UtIww9GMboyOuPTLG1k80QC4u2lXaOyaYnAMHtk+TX0tVf
zH4XGh2GwILayeIGH783VO/yfw5qY0pkI/zo3MXXa460Jt8NYRnOiBqYs++CEdI+
HJNatdpGCBlHWAvNaXYXrSr8qgKCslD1hsK5rRjlIj5HzW2lhqpbDNrCUe7WVscF
zyzQeb5hV074tbggY4Y1K/TuT+acO+PjHNAXYWhuXD13m1o1i21CvytGfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHz/wKZiivjSIr/S6q52SwU5EYbMB8GA1UdIwQY
MBaAFC/kFzYm9GAmQOjU6WtUoaCWq+eLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEt
MzU0NzljNTRkY2JkLzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEtMzU0NzljNTRkY2Jk
LzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAni7aCeJN
d8BWe6KWBouNzqeMR/EU4S87J7CxtgJum5D0MipHSkInxJSKoo6lnLgyTfgVpwM3
lvHWQFcGHHpJANTJOgJVunt/YqtVwLWLSvb5+Onong1XVANZ6ycbBTH6OCRm5OdS
ydRH3tUCkZ1rpKxkP1QIiD3vTtEi9MT8HtY9zxMUz7aX94GOVZoSriiFpzXJVyNE
GFcEcjEzllMdYId04sdC0H0KMANqdRuBzWeolBnNR/8iokQwM/UeNGNcfyvTIbbw
9enk09tVz1e5Ly8HV5mtnsoZ3UBwAll2X65O+GlX0XCNjPalDGzMVuO0AZe1T/es
IflguLeSvLOvwg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:38:37 2025 by rpki-client