Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File:                     SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier:          iy8Q88da13OgAHjrfk2hXyb3PXy9kXze7Vq8INRMKcU=
Subject key identifier:   DA:18:35:F7:28:35:4B:5A:54:14:6D:1D:93:43:FF:81:DA:8F:2D:67
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer:       /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial:       0197488C62049A4A45734560E62DF444166E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number:          1163
Signing time:             Sat 07 Jun 2025 04:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:48 +0000
Files and hashes:         1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: v5cbHme3OQHnbuv5P501smVfo7LF+6o0ItGYSp0UrAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:62:04:9a:4a:45:73:45:60:e6:2d:f4:44:16:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
        Validity
            Not Before: Jun  7 04:00:48 2025 GMT
            Not After : Jun  8 04:00:48 2025 GMT
        Subject: CN=da1835f728354b5a54146d1d9343ff81da8f2d67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:aa:d5:73:78:af:bc:01:b4:80:0f:0c:d8:92:
                    d1:54:8d:a1:a3:f1:2b:1b:55:80:aa:50:7f:07:2c:
                    a2:9d:54:b2:16:2d:54:d9:c2:fd:bd:27:fb:a9:22:
                    f5:a5:99:a0:c2:be:51:38:50:94:a3:99:92:ad:a7:
                    62:14:54:50:c4:a9:fc:12:06:6f:41:66:61:0b:02:
                    64:79:ab:ee:c2:cc:96:6c:b4:a7:35:ae:de:2b:a7:
                    ac:5b:52:10:22:39:fa:9d:8c:98:39:e1:90:28:cb:
                    42:61:b6:0a:6d:1a:22:6c:2c:39:ed:e5:53:a6:6b:
                    8d:2e:96:d7:65:e1:84:36:f0:89:40:c3:25:02:f6:
                    1b:a2:1d:b5:a2:fd:f8:bc:d7:11:a4:a9:f5:4c:25:
                    0e:47:5e:47:67:a1:c3:e8:72:28:4c:c8:dd:f4:66:
                    f3:a1:6c:b1:aa:63:56:d8:e1:60:a0:13:30:43:49:
                    1b:33:4d:3b:e5:d1:9d:89:e2:f4:d9:51:1e:63:9a:
                    88:00:07:96:b1:4c:6c:e5:22:fb:25:3d:fd:92:52:
                    ac:18:d7:5c:7e:80:39:9f:68:5a:a8:3e:96:82:85:
                    86:98:0e:1d:6b:0a:28:ba:95:a1:0b:7a:af:07:0b:
                    c9:05:b1:ff:0c:b9:41:0e:23:00:0a:53:ed:11:be:
                    63:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:18:35:F7:28:35:4B:5A:54:14:6D:1D:93:43:FF:81:DA:8F:2D:67
            X509v3 Authority Key Identifier:
                keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:9c:2b:4c:29:e5:61:0e:d6:1c:c7:37:bb:16:ab:67:c6:bc:
         78:a5:ab:81:37:35:21:6e:87:af:49:37:de:bc:14:1d:a1:8e:
         5a:5b:e5:82:c9:16:8d:bc:47:4a:21:c6:28:7e:ff:47:c1:e2:
         5f:37:9d:a8:d7:dd:5f:e4:4f:5b:28:cd:a6:b2:eb:11:f1:60:
         f4:66:73:b2:f5:63:04:ab:aa:b9:ef:b4:60:8a:3c:7c:66:82:
         72:f7:e6:62:ab:80:74:c5:7b:48:e0:d0:b0:9e:80:17:46:36:
         98:92:e6:e8:fc:2a:e5:43:fb:4b:11:2c:1a:19:ea:0e:d4:b7:
         cc:7d:82:66:ac:1b:8f:19:a9:52:ed:d8:e4:b4:3c:04:12:1c:
         e7:8c:fb:69:4f:bd:00:1b:45:4d:6f:d0:16:a7:61:4b:66:e0:
         a1:62:1c:c1:e7:6f:ff:af:8f:bb:bd:a3:a9:9b:ce:c0:57:6b:
         54:3f:e8:78:c8:e6:80:f4:f5:77:0b:60:51:5a:5f:60:5f:fa:
         4c:42:d6:c3:74:fe:70:eb:ea:fa:92:ef:35:3e:b4:fd:dd:fd:
         bb:85:5e:96:4a:d5:35:5d:a8:24:6a:31:fa:f8:9f:1c:4f:9b:
         23:cb:f6:93:2e:f7:94:30:0a:97:52:77:6d:67:18:16:f8:a9:
         28:12:18:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjGIEmkpFc0Vg5i30RBZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjUwNjA3MDQwMDQ4WhcNMjUwNjA4MDQwMDQ4WjAzMTEwLwYDVQQD
EyhkYTE4MzVmNzI4MzU0YjVhNTQxNDZkMWQ5MzQzZmY4MWRhOGYyZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqrVc3ivvAG0gA8M2JLRVI2ho/Er
G1WAqlB/ByyinVSyFi1U2cL9vSf7qSL1pZmgwr5ROFCUo5mSradiFFRQxKn8EgZv
QWZhCwJkeavuwsyWbLSnNa7eK6esW1IQIjn6nYyYOeGQKMtCYbYKbRoibCw57eVT
pmuNLpbXZeGENvCJQMMlAvYboh21ov34vNcRpKn1TCUOR15HZ6HD6HIoTMjd9Gbz
oWyxqmNW2OFgoBMwQ0kbM0075dGdieL02VEeY5qIAAeWsUxs5SL7JT39klKsGNdc
foA5n2haqD6WgoWGmA4dawooupWhC3qvBwvJBbH/DLlBDiMAClPtEb5jJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoYNfcoNUtaVBRtHZND/4Hajy1nMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZwrTCnl
YQ7WHMc3uxarZ8a8eKWrgTc1IW6Hr0k33rwUHaGOWlvlgskWjbxHSiHGKH7/R8Hi
XzedqNfdX+RPWyjNprLrEfFg9GZzsvVjBKuque+0YIo8fGaCcvfmYquAdMV7SODQ
sJ6AF0Y2mJLm6Pwq5UP7SxEsGhnqDtS3zH2CZqwbjxmpUu3Y5LQ8BBIc54z7aU+9
ABtFTW/QFqdhS2bgoWIcwedv/6+Pu72jqZvOwFdrVD/oeMjmgPT1dwtgUVpfYF/6
TELWw3T+cOvq+pLvNT60/d39u4VelkrVNV2oJGox+vifHE+bI8v2ky73lDAKl1J3
bWcYFvipKBIYdA==
-----END CERTIFICATE-----