Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File:                     Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier:          SsDpWV1ke9A8du7e/tpODusNQv5btM9AW4e6mNEn304=
Subject key identifier:   EE:DA:42:DC:C0:11:DA:E0:60:B0:A3:60:02:F2:EF:37:97:65:F1:3D
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer:       /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial:       01975DCB4C7F69635C414C66895DCC8C5D42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number:          05DE
Signing time:             Wed 11 Jun 2025 07:01:33 +0000
Manifest this update:     Wed 11 Jun 2025 07:01:33 +0000
Manifest next update:     Thu 12 Jun 2025 07:01:33 +0000
Files and hashes:         1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
                          2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: NxVOhR/BgluL94t9M5ulJ1pwl78hEAe9bhJ+sMJUbh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 07:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:cb:4c:7f:69:63:5c:41:4c:66:89:5d:cc:8c:5d:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
        Validity
            Not Before: Jun 11 07:01:33 2025 GMT
            Not After : Jun 12 07:01:33 2025 GMT
        Subject: CN=eeda42dcc011dae060b0a36002f2ef379765f13d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:36:cd:a2:53:6c:ba:d8:18:27:4e:ee:8a:94:
                    8c:6f:8d:81:6a:59:84:8b:e6:12:53:0f:5f:7a:2a:
                    72:47:b6:3d:ab:96:3b:57:2d:53:5a:90:67:e1:ed:
                    4a:1a:03:21:76:a9:6e:2c:06:69:06:cc:0e:84:13:
                    11:4b:eb:7a:7e:d4:e0:d1:b4:2f:16:aa:52:c8:95:
                    46:76:98:c0:48:74:86:68:e9:2c:d4:0c:dd:8a:fa:
                    99:a4:a7:c3:bd:4e:a7:8b:65:b2:39:bd:ab:94:5d:
                    8c:23:e8:0e:72:8e:f0:2c:5b:87:fc:bb:ae:25:88:
                    2c:33:74:f1:b8:9a:7c:fa:55:6f:25:37:c0:16:fe:
                    6c:4d:6a:7e:2f:54:66:31:e5:31:a9:1e:cc:0d:28:
                    c2:66:56:63:2b:86:c2:a8:5f:93:a7:ab:88:c4:33:
                    f2:d9:71:b6:3e:c1:b7:e7:e0:30:2c:5a:39:4f:5f:
                    44:7d:ba:92:22:e9:93:41:e8:1e:f4:5a:ae:34:93:
                    84:47:09:2c:6a:14:f2:ae:f3:e3:0f:6a:ea:d1:b1:
                    22:03:8f:4c:8a:2f:0e:53:dc:d7:77:48:81:f2:f1:
                    90:0a:d2:fa:52:e9:fd:f6:8a:e2:ae:1a:18:e6:03:
                    c2:d6:48:76:9f:a2:44:ba:88:c3:41:b5:c1:ca:b7:
                    3a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:DA:42:DC:C0:11:DA:E0:60:B0:A3:60:02:F2:EF:37:97:65:F1:3D
            X509v3 Authority Key Identifier:
                keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:16:f5:de:63:1d:05:33:75:78:6e:87:2d:29:fc:e7:4b:22:
         f5:2b:23:df:d8:87:94:35:a2:15:31:3a:87:b0:87:bd:50:8e:
         56:23:75:4f:ef:71:30:b3:ab:f5:9e:4d:f1:ed:7b:ff:58:d5:
         0f:f1:8b:07:3e:0b:9e:8a:64:83:73:6f:a3:74:d2:a8:69:78:
         1a:a3:cb:8d:3d:f1:f6:d9:97:08:bd:98:e3:90:50:c0:72:10:
         8a:5c:cd:c6:6f:a9:9c:55:e9:57:11:84:93:dd:5b:ab:dc:5e:
         58:13:84:a8:8d:7e:cb:2c:f0:69:54:17:57:92:fe:29:f2:da:
         ea:89:b8:93:92:c8:07:83:b1:cd:26:04:51:7f:79:56:0e:6b:
         80:b0:74:e0:fb:c2:32:b2:2c:3c:de:26:a6:27:be:77:08:cd:
         7e:f4:8a:79:2d:11:9e:5e:cf:07:bd:ae:19:6c:52:d0:a9:90:
         06:74:88:d9:91:11:9d:22:0f:7a:6a:2a:8a:09:dd:32:c6:22:
         ff:68:b9:68:ea:97:03:96:9f:2f:8b:56:8a:7d:c4:4a:18:57:
         42:df:0a:8a:a4:b8:19:5c:fc:e8:c5:54:66:8c:86:cf:96:5f:
         1f:34:42:22:91:2c:0d:6e:38:8a:0f:e8:3d:ef:d0:dc:70:74:
         f8:ba:e4:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddy0x/aWNcQUxmiV3MjF1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUwNjExMDcwMTMzWhcNMjUwNjEyMDcwMTMzWjAzMTEwLwYDVQQD
EyhlZWRhNDJkY2MwMTFkYWUwNjBiMGEzNjAwMmYyZWYzNzk3NjVmMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjbNolNsutgYJ07uipSMb42BalmE
i+YSUw9feipyR7Y9q5Y7Vy1TWpBn4e1KGgMhdqluLAZpBswOhBMRS+t6ftTg0bQv
FqpSyJVGdpjASHSGaOks1AzdivqZpKfDvU6ni2WyOb2rlF2MI+gOco7wLFuH/Luu
JYgsM3TxuJp8+lVvJTfAFv5sTWp+L1RmMeUxqR7MDSjCZlZjK4bCqF+Tp6uIxDPy
2XG2PsG35+AwLFo5T19EfbqSIumTQege9FquNJOERwksahTyrvPjD2rq0bEiA49M
ii8OU9zXd0iB8vGQCtL6Uun99orirhoY5gPC1kh2n6JEuojDQbXByrc6AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7aQtzAEdrgYLCjYALy7zeXZfE9MB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAixb13mMd
BTN1eG6HLSn850si9Ssj39iHlDWiFTE6h7CHvVCOViN1T+9xMLOr9Z5N8e17/1jV
D/GLBz4Lnopkg3Nvo3TSqGl4GqPLjT3x9tmXCL2Y45BQwHIQilzNxm+pnFXpVxGE
k91bq9xeWBOEqI1+yyzwaVQXV5L+KfLa6om4k5LIB4OxzSYEUX95Vg5rgLB04PvC
MrIsPN4mpie+dwjNfvSKeS0Rnl7PB72uGWxS0KmQBnSI2ZERnSIPemoqigndMsYi
/2i5aOqXA5afL4tWin3EShhXQt8KiqS4GVz86MVUZoyGz5ZfHzRCIpEsDW44ig/o
Pe/Q3HB0+LrkXg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:59:25 2025 by rpki-client