Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
File:                     Q5_i1RcHd00tDCv50SrQercmQqI.mft (raw, json)
Hash identifier:          aADAqdz/aCfuy60nhSWt1vrcq/jJ0ZnBvamLQYJEfjY=
Subject key identifier:   34:31:1C:0B:3A:75:7B:B3:60:1E:D4:FC:38:91:8D:72:86:B8:B9:C6
Authority key identifier: 43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2
Certificate issuer:       /CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
Certificate serial:       0197C94BD7FCE49E8068C08EB8524A8B2ABC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
Manifest number:          0E23
Signing time:             Wed 02 Jul 2025 04:01:20 +0000
Manifest this update:     Wed 02 Jul 2025 04:01:20 +0000
Manifest next update:     Thu 03 Jul 2025 04:01:20 +0000
Files and hashes:         1: Q5_i1RcHd00tDCv50SrQercmQqI.crl (hash: td/2YAhN9jCeERFHbh13WZa036qkUc9+89aNPER7xi4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 01:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:4b:d7:fc:e4:9e:80:68:c0:8e:b8:52:4a:8b:2a:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
        Validity
            Not Before: Jul  2 04:01:20 2025 GMT
            Not After : Jul  3 04:01:20 2025 GMT
        Subject: CN=34311c0b3a757bb3601ed4fc38918d7286b8b9c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:73:84:68:cb:4b:ef:cf:53:dc:4e:af:c9:16:
                    07:07:d9:29:4c:9d:d9:25:13:87:ea:3f:84:70:64:
                    80:f2:91:1a:7f:4a:0c:08:95:2c:26:1f:9d:ad:31:
                    58:51:05:4f:72:cd:8a:88:f4:12:85:ee:fd:8a:b1:
                    fe:d9:a0:74:4a:ba:95:1c:7b:63:b6:a9:c1:2c:bb:
                    c8:77:0f:66:f6:2c:9b:8f:1f:a1:47:29:96:c1:ba:
                    9d:15:2a:6a:50:82:5d:06:e3:ff:35:ed:81:aa:80:
                    de:76:e5:b5:8f:03:46:4a:c2:6d:6f:0f:86:62:ca:
                    67:52:ef:34:a9:7b:b3:67:ac:dd:a9:5d:f4:67:ca:
                    f9:50:66:42:d0:c4:5c:de:2e:be:5b:27:64:2a:0c:
                    09:7c:a2:08:6f:a8:89:0e:db:00:b3:7c:48:2d:62:
                    2e:a4:a1:70:e9:39:44:ac:00:28:f4:7e:73:c0:93:
                    4e:7b:06:ee:52:6a:dc:2d:4b:dc:ac:81:37:15:eb:
                    d6:07:a3:9d:62:d5:c9:91:c3:d6:a3:64:89:db:b2:
                    34:46:8e:91:21:0e:6f:7f:13:1d:a4:b8:5b:84:85:
                    ee:7d:96:4c:b4:5f:87:71:1a:11:f0:6b:f8:13:8c:
                    b3:dc:60:37:8c:0a:49:d9:18:1f:c9:de:cb:a2:fa:
                    69:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:31:1C:0B:3A:75:7B:B3:60:1E:D4:FC:38:91:8D:72:86:B8:B9:C6
            X509v3 Authority Key Identifier:
                keyid:43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:72:15:a6:27:87:93:6a:fa:12:f8:93:6b:04:1d:55:41:c2:
         94:bc:ad:cd:3d:08:40:0c:76:dc:7f:32:a1:cd:ea:5c:2a:91:
         40:6a:09:4e:8d:d4:25:ee:a4:22:42:41:f4:9d:1b:8d:67:45:
         5c:ac:ad:fb:3f:dd:0e:56:50:33:b0:d5:4c:ae:b7:ab:75:0d:
         19:c9:e4:ff:fd:c0:5e:ad:38:d4:93:17:2e:f8:99:e0:31:87:
         17:aa:6d:57:7b:67:90:11:0d:71:62:31:1a:6d:4f:36:c0:21:
         39:de:53:88:7e:1e:98:c1:f4:5f:0e:e9:97:3d:c3:1a:3f:8b:
         f8:a3:42:05:6f:74:7f:e5:d7:0a:6e:17:fe:7f:47:90:06:6b:
         90:a6:5a:30:c2:3f:f8:d0:b7:6b:df:fc:dd:f4:3b:89:c6:df:
         af:97:2d:6d:8f:b7:d6:62:84:6b:9d:3d:a2:b6:90:a1:6a:bb:
         ed:42:ca:9b:43:e8:77:04:b1:10:da:11:ba:1e:f7:72:76:ef:
         9d:88:d1:12:90:15:4f:5c:a6:bf:9a:f3:51:bc:b8:65:ee:61:
         36:f8:81:ed:4a:16:d5:c4:89:8a:44:a0:5c:66:33:61:53:71:
         e6:b1:62:8d:85:4b:2e:64:c1:6f:4b:df:9d:56:c8:62:7b:4c:
         70:28:76:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJS9f85J6AaMCOuFJKiyq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWZlMmQ1MTcwNzc3NGQyZDBjMmJmOWQxMmFkMDdhYjcy
NjQyYTIwHhcNMjUwNzAyMDQwMTIwWhcNMjUwNzAzMDQwMTIwWjAzMTEwLwYDVQQD
EygzNDMxMWMwYjNhNzU3YmIzNjAxZWQ0ZmMzODkxOGQ3Mjg2YjhiOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3OEaMtL789T3E6vyRYHB9kpTJ3Z
JROH6j+EcGSA8pEaf0oMCJUsJh+drTFYUQVPcs2KiPQShe79irH+2aB0SrqVHHtj
tqnBLLvIdw9m9iybjx+hRymWwbqdFSpqUIJdBuP/Ne2BqoDeduW1jwNGSsJtbw+G
YspnUu80qXuzZ6zdqV30Z8r5UGZC0MRc3i6+WydkKgwJfKIIb6iJDtsAs3xILWIu
pKFw6TlErAAo9H5zwJNOewbuUmrcLUvcrIE3FevWB6OdYtXJkcPWo2SJ27I0Ro6R
IQ5vfxMdpLhbhIXufZZMtF+HcRoR8Gv4E4yz3GA3jApJ2Rgfyd7LovppcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQxHAs6dXuzYB7U/DiRjXKGuLnGMB8GA1UdIwQY
MBaAFEOf4tUXB3dNLQwr+dEq0Hq3JkKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUt
YTFkNmQ5MWNkZTY4LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUtYTFkNmQ5MWNkZTY4
LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq3IVpieH
k2r6EviTawQdVUHClLytzT0IQAx23H8yoc3qXCqRQGoJTo3UJe6kIkJB9J0bjWdF
XKyt+z/dDlZQM7DVTK63q3UNGcnk//3AXq041JMXLviZ4DGHF6ptV3tnkBENcWIx
Gm1PNsAhOd5TiH4emMH0Xw7plz3DGj+L+KNCBW90f+XXCm4X/n9HkAZrkKZaMMI/
+NC3a9/83fQ7icbfr5ctbY+31mKEa509oraQoWq77ULKm0PodwSxENoRuh73cnbv
nYjREpAVT1ymv5rzUby4Ze5hNviB7UoW1cSJikSgXGYzYVNx5rFijYVLLmTBb0vf
nVbIYntMcCh2AQ==
-----END CERTIFICATE-----