Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          DS4fN/TeBcyRO/jd76qlFpgFwdm52DGXjkNjXs+iAJw=
Subject key identifier:   ED:B3:03:96:05:AA:A1:86:F0:AF:3C:94:FB:2C:86:22:61:9C:61:38
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       0198D85040BB446920563E4B30FF48606CEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0DEC
Signing time:             Sat 23 Aug 2025 19:03:14 +0000
Manifest this update:     Sat 23 Aug 2025 19:03:14 +0000
Manifest next update:     Sun 24 Aug 2025 19:03:14 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: smd6YUEjN82i8utfR6UHKJA13z8qIsZxuoLozc4r83Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 17:19:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:50:40:bb:44:69:20:56:3e:4b:30:ff:48:60:6c:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Aug 23 19:03:14 2025 GMT
            Not After : Aug 24 19:03:14 2025 GMT
        Subject: CN=edb3039605aaa186f0af3c94fb2c8622619c6138
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:25:b8:2f:fb:e9:8c:ae:82:66:fa:cf:82:45:
                    10:30:d8:ac:ef:c4:80:b9:78:88:d9:a1:cd:93:9f:
                    3f:4a:6b:9f:cb:39:db:d3:1f:b0:62:88:39:13:44:
                    69:7b:9e:a5:e1:7f:91:05:cd:29:66:2c:91:a0:46:
                    04:92:fc:d3:c6:fa:30:2e:02:d3:c1:c9:da:14:7f:
                    ee:b6:56:a6:41:5f:0b:ad:b9:e5:11:a6:73:c9:03:
                    7e:a6:80:af:ed:aa:47:ba:3c:fb:15:a4:14:fd:71:
                    b4:be:de:76:26:ba:b7:b2:39:e7:37:4a:96:77:69:
                    26:1a:2c:7e:26:fb:8b:4c:58:07:6e:86:d2:0d:7c:
                    97:77:d0:0f:8d:57:bd:81:80:04:e8:4d:40:d1:fb:
                    8c:c8:5d:df:a4:d4:a5:22:d5:cc:14:27:52:a1:ea:
                    a7:a7:13:50:89:46:e2:83:8e:9e:3b:b4:ae:ad:29:
                    11:eb:c5:eb:3e:b7:6b:8c:bd:e6:97:43:f9:e5:11:
                    d7:fa:0a:7d:2e:e0:bd:44:08:29:f4:46:43:ad:8c:
                    6b:96:35:d9:47:7c:e9:6c:71:97:40:03:1d:e4:52:
                    7c:14:6f:83:c9:f9:bd:67:fe:52:fe:74:d3:1a:31:
                    d4:30:0c:67:fd:4e:ed:d8:ff:00:7c:be:ed:dd:7a:
                    94:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:B3:03:96:05:AA:A1:86:F0:AF:3C:94:FB:2C:86:22:61:9C:61:38
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:4f:6b:aa:b6:60:fa:ec:81:5b:04:4d:cc:99:9f:20:35:c5:
         c7:a0:54:de:18:cb:ac:26:ff:74:9c:1c:18:f8:4a:3f:e1:ff:
         2c:63:9c:17:1b:cc:c4:b4:40:e5:1c:f0:a9:45:12:23:36:e3:
         88:bb:47:fe:ca:50:cf:49:d7:a6:25:b5:1e:01:aa:2f:88:31:
         00:92:9a:a1:96:aa:5f:b9:3e:5f:86:ea:59:12:97:af:cd:6b:
         1d:ae:b1:d5:26:91:bc:27:41:00:31:44:a6:68:a0:3d:d5:9d:
         7b:0b:71:12:b0:67:54:ba:0f:b8:82:e5:0f:b3:be:dc:fd:04:
         1b:e0:e1:d3:e6:0a:af:63:1c:17:75:32:59:47:b9:e6:dc:39:
         d6:6c:45:cb:1a:d0:bd:89:3f:33:a7:0e:af:25:4d:c5:49:eb:
         cd:e3:0f:91:bf:d6:e0:1d:e6:b1:f5:f3:1c:c7:65:f8:ee:8a:
         15:5c:cd:49:20:0a:fc:61:e5:66:cc:cc:6a:97:4e:8d:7c:ec:
         8b:e6:95:c5:1d:58:05:b6:94:7e:75:96:a5:30:8d:bc:2c:3a:
         96:84:21:03:70:de:3d:4f:a1:26:63:19:f3:35:d0:c0:01:77:
         67:95:17:03:ec:ce:10:c0:0d:0c:cd:fe:64:ea:ab:b8:98:17:
         60:ea:f6:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUEC7RGkgVj5LMP9IYGzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwODIzMTkwMzE0WhcNMjUwODI0MTkwMzE0WjAzMTEwLwYDVQQD
EyhlZGIzMDM5NjA1YWFhMTg2ZjBhZjNjOTRmYjJjODYyMjYxOWM2MTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iW4L/vpjK6CZvrPgkUQMNis78SA
uXiI2aHNk58/Smufyznb0x+wYog5E0Rpe56l4X+RBc0pZiyRoEYEkvzTxvowLgLT
wcnaFH/utlamQV8LrbnlEaZzyQN+poCv7apHujz7FaQU/XG0vt52Jrq3sjnnN0qW
d2kmGix+JvuLTFgHbobSDXyXd9APjVe9gYAE6E1A0fuMyF3fpNSlItXMFCdSoeqn
pxNQiUbig46eO7SurSkR68XrPrdrjL3ml0P55RHX+gp9LuC9RAgp9EZDrYxrljXZ
R3zpbHGXQAMd5FJ8FG+Dyfm9Z/5S/nTTGjHUMAxn/U7t2P8AfL7t3XqUPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2zA5YFqqGG8K88lPsshiJhnGE4MB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATU9rqrZg
+uyBWwRNzJmfIDXFx6BU3hjLrCb/dJwcGPhKP+H/LGOcFxvMxLRA5RzwqUUSIzbj
iLtH/spQz0nXpiW1HgGqL4gxAJKaoZaqX7k+X4bqWRKXr81rHa6x1SaRvCdBADFE
pmigPdWdewtxErBnVLoPuILlD7O+3P0EG+Dh0+YKr2McF3UyWUe55tw51mxFyxrQ
vYk/M6cOryVNxUnrzeMPkb/W4B3msfXzHMdl+O6KFVzNSSAK/GHlZszMapdOjXzs
i+aVxR1YBbaUfnWWpTCNvCw6loQhA3DePU+hJmMZ8zXQwAF3Z5UXA+zOEMANDM3+
ZOqruJgXYOr2kw==
-----END CERTIFICATE-----