Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File:                     Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier:          LIW0XcM17TS76a+BeD/5JPn45P6t6Hzz7mn6d2aM9xU=
Subject key identifier:   F4:E2:A8:00:13:3C:A2:23:75:D8:42:BB:75:56:A3:FF:93:8C:48:40
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer:       /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial:       01975422C653EC2DF769DE11F89BD23B1B90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number:          05D9
Signing time:             Mon 09 Jun 2025 10:00:54 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:54 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:54 +0000
Files and hashes:         1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
                          2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: 64aTWk5zFYkD5KEzvUf17j0WBa88mDgjUMZCFVkDgMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:c6:53:ec:2d:f7:69:de:11:f8:9b:d2:3b:1b:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
        Validity
            Not Before: Jun  9 10:00:54 2025 GMT
            Not After : Jun 10 10:00:54 2025 GMT
        Subject: CN=f4e2a800133ca22375d842bb7556a3ff938c4840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:dd:a2:96:7d:96:23:ff:43:3d:b1:73:60:c3:
                    b4:1e:3a:82:fb:27:fc:07:e1:0c:c4:8e:15:5d:a5:
                    6d:ff:1a:e9:0c:6c:43:e5:27:14:91:74:e9:7c:9c:
                    3f:f1:e1:3a:fb:0c:60:92:36:cf:9e:41:e4:2b:a2:
                    55:0b:73:35:dd:35:4d:da:ce:55:82:1d:c9:62:2f:
                    6d:37:9b:47:73:d4:ac:a2:b8:df:10:b5:e9:4c:e9:
                    d4:e9:44:eb:fc:48:92:7d:c3:70:8b:1d:0a:53:b8:
                    fb:41:52:0a:c5:f3:6f:c0:12:4d:cc:d2:bd:61:7a:
                    80:4b:eb:9e:7d:95:ff:d3:e9:e3:07:66:a7:66:89:
                    66:19:76:48:c3:3a:ab:0d:c3:df:50:a7:6e:9a:d0:
                    d9:b1:1f:32:df:93:5c:8c:38:ba:44:fe:37:82:e5:
                    f5:76:5a:b8:cb:4e:3f:4d:35:fa:3e:33:2c:0e:e9:
                    50:6a:65:3a:d1:5b:de:a3:7b:47:4b:e0:b3:6d:4a:
                    14:dd:98:ab:5d:b5:18:1c:8f:77:35:72:20:eb:93:
                    94:bf:be:85:b1:eb:84:3c:59:1b:39:e7:90:26:fa:
                    3c:7f:d9:47:9b:63:5e:25:b9:3c:4c:fe:13:4d:e0:
                    dc:0c:d4:6a:fe:f7:f9:03:e1:af:95:df:33:78:a1:
                    e8:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:E2:A8:00:13:3C:A2:23:75:D8:42:BB:75:56:A3:FF:93:8C:48:40
            X509v3 Authority Key Identifier:
                keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:3b:ab:d2:01:ec:68:b9:a4:91:16:d5:0a:01:9e:99:05:76:
         c2:72:b5:08:d2:5c:d1:96:63:0c:0c:70:6b:93:ef:4f:b1:33:
         0f:6a:e0:93:da:40:91:46:24:e4:87:7b:0e:07:93:a4:e0:10:
         60:3f:ea:7e:af:9c:ad:9a:87:9c:a9:d9:d4:c2:eb:10:70:eb:
         3b:69:a7:de:33:5b:6f:e9:c5:e1:d4:23:70:fa:4e:9a:08:c6:
         57:a1:2c:5f:d1:f2:61:fa:b6:3b:cf:37:cd:37:31:b1:ae:0c:
         48:93:76:62:c9:e6:49:6b:a8:6a:fd:d1:52:8a:f4:5e:35:95:
         65:49:e4:02:2d:88:eb:eb:e8:91:20:60:8a:bd:ec:11:61:99:
         82:3b:14:82:e1:6d:5c:dc:ea:db:6e:ef:4f:54:fa:16:d5:9c:
         fd:91:96:8a:7f:ed:5b:a7:94:2d:fd:8a:17:5e:64:83:1f:c5:
         cc:a1:72:3b:da:9c:2c:6b:b3:f4:cd:61:b3:b5:90:ed:b8:9a:
         da:24:e1:ae:0e:e1:c3:ef:78:6c:70:6a:e2:f1:cf:c1:ad:af:
         6c:2a:da:44:7b:91:cf:44:6c:0a:07:5b:b7:be:cd:a2:bd:ef:
         72:43:15:2c:84:13:cd:21:c0:00:9f:4e:a1:23:19:f9:3c:e4:
         d4:7a:5c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIsZT7C33ad4R+JvSOxuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUwNjA5MTAwMDU0WhcNMjUwNjEwMTAwMDU0WjAzMTEwLwYDVQQD
EyhmNGUyYTgwMDEzM2NhMjIzNzVkODQyYmI3NTU2YTNmZjkzOGM0ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N2iln2WI/9DPbFzYMO0HjqC+yf8
B+EMxI4VXaVt/xrpDGxD5ScUkXTpfJw/8eE6+wxgkjbPnkHkK6JVC3M13TVN2s5V
gh3JYi9tN5tHc9SsorjfELXpTOnU6UTr/EiSfcNwix0KU7j7QVIKxfNvwBJNzNK9
YXqAS+uefZX/0+njB2anZolmGXZIwzqrDcPfUKdumtDZsR8y35NcjDi6RP43guX1
dlq4y04/TTX6PjMsDulQamU60Vveo3tHS+CzbUoU3ZirXbUYHI93NXIg65OUv76F
seuEPFkbOeeQJvo8f9lHm2NeJbk8TP4TTeDcDNRq/vf5A+Gvld8zeKHoGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTiqAATPKIjddhCu3VWo/+TjEhAMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzur0gHs
aLmkkRbVCgGemQV2wnK1CNJc0ZZjDAxwa5PvT7EzD2rgk9pAkUYk5Id7DgeTpOAQ
YD/qfq+crZqHnKnZ1MLrEHDrO2mn3jNbb+nF4dQjcPpOmgjGV6EsX9HyYfq2O883
zTcxsa4MSJN2YsnmSWuoav3RUor0XjWVZUnkAi2I6+vokSBgir3sEWGZgjsUguFt
XNzq227vT1T6FtWc/ZGWin/tW6eULf2KF15kgx/FzKFyO9qcLGuz9M1hs7WQ7bia
2iThrg7hw+94bHBq4vHPwa2vbCraRHuRz0RsCgdbt77Nor3vckMVLIQTzSHAAJ9O
oSMZ+Tzk1HpceQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:32:12 2025 by rpki-client