Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File:                     Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier:          k+xxH3XDMUUYNwCV248MpwkUwb0M6DnVZQnDF8z9gXU=
Subject key identifier:   24:02:D4:9B:8E:B0:92:10:A0:31:FD:E3:96:CA:74:59:C1:8D:D3:20
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer:       /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial:       01975BDD08E255A902F40BC76383A4203CBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number:          05DD
Signing time:             Tue 10 Jun 2025 22:01:41 +0000
Manifest this update:     Tue 10 Jun 2025 22:01:41 +0000
Manifest next update:     Wed 11 Jun 2025 22:01:41 +0000
Files and hashes:         1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
                          2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: KGP1/dkKJ3D9VzhRGtzb9Q6aJ34DVrI/erOrhsj8skM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 22:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:dd:08:e2:55:a9:02:f4:0b:c7:63:83:a4:20:3c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
        Validity
            Not Before: Jun 10 22:01:41 2025 GMT
            Not After : Jun 11 22:01:41 2025 GMT
        Subject: CN=2402d49b8eb09210a031fde396ca7459c18dd320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bc:97:78:c8:fa:ec:c7:7c:0d:40:c5:be:30:
                    07:4b:0f:32:90:5e:ae:8d:03:fa:30:f0:49:94:a5:
                    49:29:95:8d:53:ca:54:b5:b1:61:ea:ca:d8:d2:2d:
                    7f:3b:57:c4:ec:7e:c4:f5:34:89:f0:ae:5d:86:38:
                    fb:c1:23:d2:53:b8:09:4b:ae:42:f3:9b:4e:f4:53:
                    9e:ae:90:6f:51:c1:90:84:79:c7:fc:93:c5:30:ab:
                    ef:8f:6e:2a:14:a1:06:3f:fe:24:87:f3:e6:45:22:
                    90:2f:2f:08:87:c7:43:b3:46:b3:a1:b0:be:cd:91:
                    77:1b:1e:47:ec:10:79:41:4c:2e:60:4a:ce:bb:29:
                    41:fd:b8:61:a5:cc:ac:ed:11:91:80:9d:f9:a8:a0:
                    dc:ad:4e:77:5f:c2:cf:9a:16:7a:8b:22:77:62:1c:
                    a0:7e:74:d9:62:a6:c0:73:72:22:43:ad:84:1c:31:
                    dd:3e:c0:92:76:05:1d:99:4b:8e:db:7f:b0:21:8e:
                    65:ea:4d:f9:75:2d:0f:50:3b:9b:f1:33:cb:ab:2b:
                    bf:a7:a4:f7:c0:13:52:af:ef:b8:95:bd:b3:0e:a6:
                    ae:61:d4:e5:90:53:23:de:ef:d5:35:ab:9c:84:37:
                    74:01:25:fc:93:4d:49:e7:eb:02:6a:17:51:e3:94:
                    55:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:02:D4:9B:8E:B0:92:10:A0:31:FD:E3:96:CA:74:59:C1:8D:D3:20
            X509v3 Authority Key Identifier:
                keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ad:1a:7f:c8:ab:4a:09:78:47:fc:40:40:4e:86:61:5e:51:
         9a:e5:1f:80:cb:ba:a8:c6:7f:8d:cb:0b:5d:0b:ed:ba:fd:be:
         64:6e:dc:4e:c4:2d:cc:33:7b:27:55:32:2b:c8:fb:aa:c9:bc:
         94:d3:4f:39:80:43:e3:5c:d4:a4:1b:7a:77:94:8e:6f:43:fe:
         89:56:76:f1:d2:aa:1c:dc:ee:c4:36:58:40:f3:4b:60:11:fb:
         be:75:ea:1d:5e:aa:12:8e:58:fb:4c:09:ea:c0:b6:dd:af:23:
         fc:f8:2c:2d:e9:3b:2f:86:e8:c1:94:5e:65:ed:3e:07:5a:95:
         eb:25:b1:ad:ab:4d:b2:96:4e:a1:3e:f7:20:07:98:b9:82:76:
         37:69:f5:71:89:f0:44:c1:c7:d8:d6:e0:42:ba:7e:d9:e7:2e:
         b3:76:f5:68:bc:8b:5b:95:07:f1:ed:52:58:71:66:f0:b9:48:
         31:50:87:c7:bf:ab:89:cf:e7:ea:b4:94:f7:d0:c7:af:74:5a:
         e9:2b:ff:a0:aa:28:d1:e2:b0:f2:bd:16:9c:32:07:2d:67:d0:
         e6:37:dc:54:3a:6c:89:f4:e9:dd:13:10:29:87:78:86:65:e3:
         15:24:87:3b:6a:11:e3:bc:c5:2e:b4:a9:f2:a6:e9:3f:e7:5c:
         37:ae:a7:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdb3QjiVakC9AvHY4OkIDy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUwNjEwMjIwMTQxWhcNMjUwNjExMjIwMTQxWjAzMTEwLwYDVQQD
EygyNDAyZDQ5YjhlYjA5MjEwYTAzMWZkZTM5NmNhNzQ1OWMxOGRkMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7yXeMj67Md8DUDFvjAHSw8ykF6u
jQP6MPBJlKVJKZWNU8pUtbFh6srY0i1/O1fE7H7E9TSJ8K5dhjj7wSPSU7gJS65C
85tO9FOerpBvUcGQhHnH/JPFMKvvj24qFKEGP/4kh/PmRSKQLy8Ih8dDs0azobC+
zZF3Gx5H7BB5QUwuYErOuylB/bhhpcys7RGRgJ35qKDcrU53X8LPmhZ6iyJ3Yhyg
fnTZYqbAc3IiQ62EHDHdPsCSdgUdmUuO23+wIY5l6k35dS0PUDub8TPLqyu/p6T3
wBNSr++4lb2zDqauYdTlkFMj3u/VNauchDd0ASX8k01J5+sCahdR45RVuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQC1JuOsJIQoDH945bKdFnBjdMgMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZK0af8ir
Sgl4R/xAQE6GYV5RmuUfgMu6qMZ/jcsLXQvtuv2+ZG7cTsQtzDN7J1UyK8j7qsm8
lNNPOYBD41zUpBt6d5SOb0P+iVZ28dKqHNzuxDZYQPNLYBH7vnXqHV6qEo5Y+0wJ
6sC23a8j/PgsLek7L4bowZReZe0+B1qV6yWxratNspZOoT73IAeYuYJ2N2n1cYnw
RMHH2NbgQrp+2ecus3b1aLyLW5UH8e1SWHFm8LlIMVCHx7+ric/n6rSU99DHr3Ra
6Sv/oKoo0eKw8r0WnDIHLWfQ5jfcVDpsifTp3RMQKYd4hmXjFSSHO2oR47zFLrSp
8qbpP+dcN66njA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 08:47:35 2025 by rpki-client