Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File:                     Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier:          zrosKIGhmPYblh6cHEBLS86wtmQ5Lt1xq+GhFsWl4Ik=
Subject key identifier:   B9:29:BA:DE:AD:E0:A1:CE:F0:55:21:A2:51:AE:6A:B4:5D:CC:D6:E0
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer:       /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial:       019757FFCB3DD2FD2A41F1C3BC0614D03FA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number:          05DB
Signing time:             Tue 10 Jun 2025 04:01:10 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:10 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:10 +0000
Files and hashes:         1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
                          2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: ARcvHm4Xl8HleUbAElT/6Jm5na6XBjs6cxpPHafdwXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:cb:3d:d2:fd:2a:41:f1:c3:bc:06:14:d0:3f:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
        Validity
            Not Before: Jun 10 04:01:10 2025 GMT
            Not After : Jun 11 04:01:10 2025 GMT
        Subject: CN=b929badeade0a1cef05521a251ae6ab45dccd6e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:2b:11:f5:0f:74:65:fe:02:6d:ca:86:7f:a5:
                    f6:16:ff:e1:85:7f:f9:f5:fe:a4:b9:2b:99:99:97:
                    e6:47:4f:82:b9:b5:6b:24:88:03:34:64:7d:f0:aa:
                    fa:95:5e:66:bd:f0:48:48:c0:97:ea:7a:c5:02:e3:
                    e5:4e:e5:24:24:36:4f:a0:f3:94:c5:51:18:c1:e7:
                    fd:bc:05:9d:66:fa:01:75:02:fb:03:e3:21:45:d2:
                    c4:18:41:c9:de:3f:7c:c8:0e:72:b7:c7:9b:3e:8e:
                    fe:30:22:7c:d1:bd:d6:fb:82:d9:63:79:d1:c6:a6:
                    a8:56:43:d1:1a:2d:49:19:09:ac:cf:c4:40:ee:51:
                    50:0d:d4:6e:9a:5d:e7:ff:6e:52:1c:52:74:a2:d8:
                    ca:b5:e3:df:3b:04:5f:26:74:df:c5:f5:de:c2:4b:
                    9e:7c:e2:d7:be:fb:73:32:89:6c:ba:09:da:d8:18:
                    f5:ff:d6:d3:94:3d:a5:fa:c3:2a:bb:be:ed:d0:7e:
                    4b:2a:81:98:19:60:2a:06:1c:c7:44:dd:e5:eb:e1:
                    d2:ca:50:06:6d:ae:bf:64:12:17:e0:a2:20:17:24:
                    a6:31:bd:9e:36:46:b9:5d:72:00:ef:7a:4f:4a:70:
                    cf:da:88:4a:15:66:f4:69:b5:70:03:98:ab:de:83:
                    17:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:29:BA:DE:AD:E0:A1:CE:F0:55:21:A2:51:AE:6A:B4:5D:CC:D6:E0
            X509v3 Authority Key Identifier:
                keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:f0:ed:79:fd:f7:80:dc:c1:16:97:ba:7c:5d:92:d9:d5:26:
         2e:b8:dc:02:fe:39:2e:ce:e9:78:24:11:8a:10:c7:79:55:d1:
         2e:65:92:09:ae:04:d2:78:e6:3c:5e:95:67:5c:54:1e:07:7f:
         ad:c9:a2:f8:47:d3:ef:33:a1:10:5e:da:64:cd:bf:dd:21:75:
         68:59:e5:36:47:0a:bd:d2:29:3b:6e:06:a2:20:1a:c0:29:85:
         fc:17:b6:7b:c9:fd:16:ea:7b:3e:f2:6c:5b:66:3d:32:61:fd:
         03:8e:0f:bf:c0:b9:92:a1:a1:66:bc:82:8f:99:01:62:10:00:
         a3:2f:19:13:4a:1a:ad:9f:02:a8:a3:5e:fe:36:da:46:2b:5d:
         d5:3b:c3:a2:d6:c8:5c:fe:de:3c:61:73:81:f2:29:f3:c8:00:
         c8:a3:06:d3:b0:c6:02:5f:ab:4b:d9:cf:e1:5a:db:d6:98:59:
         60:ca:ed:ad:b4:03:f9:21:15:36:80:b9:7c:69:1e:b2:94:87:
         dc:ca:a1:d2:b0:2a:34:d8:f7:e8:6e:b8:b4:8f:76:32:6e:80:
         57:e6:e8:89:7c:01:49:43:dc:97:f0:4f:ea:d3:b1:38:d7:65:
         5c:f4:e7:98:f3:45:e4:95:ba:cf:f0:e0:17:cd:af:a2:c7:4e:
         78:87:27:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/8s90v0qQfHDvAYU0D+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUwNjEwMDQwMTEwWhcNMjUwNjExMDQwMTEwWjAzMTEwLwYDVQQD
EyhiOTI5YmFkZWFkZTBhMWNlZjA1NTIxYTI1MWFlNmFiNDVkY2NkNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSsR9Q90Zf4CbcqGf6X2Fv/hhX/5
9f6kuSuZmZfmR0+CubVrJIgDNGR98Kr6lV5mvfBISMCX6nrFAuPlTuUkJDZPoPOU
xVEYwef9vAWdZvoBdQL7A+MhRdLEGEHJ3j98yA5yt8ebPo7+MCJ80b3W+4LZY3nR
xqaoVkPRGi1JGQmsz8RA7lFQDdRuml3n/25SHFJ0otjKtePfOwRfJnTfxfXewkue
fOLXvvtzMolsugna2Bj1/9bTlD2l+sMqu77t0H5LKoGYGWAqBhzHRN3l6+HSylAG
ba6/ZBIX4KIgFySmMb2eNka5XXIA73pPSnDP2ohKFWb0abVwA5ir3oMXGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkput6t4KHO8FUholGuarRdzNbgMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD/Dtef33
gNzBFpe6fF2S2dUmLrjcAv45Ls7peCQRihDHeVXRLmWSCa4E0njmPF6VZ1xUHgd/
rcmi+EfT7zOhEF7aZM2/3SF1aFnlNkcKvdIpO24GoiAawCmF/Be2e8n9Fup7PvJs
W2Y9MmH9A44Pv8C5kqGhZryCj5kBYhAAoy8ZE0oarZ8CqKNe/jbaRitd1TvDotbI
XP7ePGFzgfIp88gAyKMG07DGAl+rS9nP4Vrb1phZYMrtrbQD+SEVNoC5fGkespSH
3Mqh0rAqNNj36G64tI92Mm6AV+boiXwBSUPcl/BP6tOxONdlXPTnmPNF5JW6z/Dg
F82vosdOeIcneQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:34:20 2025 by rpki-client