Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          vmvJbnXlyCgQgJrTAAFXSOaX6TL6dGBtSEfqd6xTKSc=
Subject key identifier:   63:06:53:7A:9E:D6:C2:EC:CF:57:D4:8F:44:6E:4D:69:E8:DB:BA:42
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       0196CEE2BEF59A7261764EB093BD8A89CF3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0CDE
Signing time:             Wed 14 May 2025 13:01:28 +0000
Manifest this update:     Wed 14 May 2025 13:01:28 +0000
Manifest next update:     Thu 15 May 2025 13:01:28 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: kVa8ev7G627XjShnHg1F2cjSuNDyMm+bxJJMxtc3WNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:e2:be:f5:9a:72:61:76:4e:b0:93:bd:8a:89:cf:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: May 14 13:01:28 2025 GMT
            Not After : May 15 13:01:28 2025 GMT
        Subject: CN=6306537a9ed6c2eccf57d48f446e4d69e8dbba42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9b:78:eb:07:2d:c3:af:13:cb:3b:44:2c:06:
                    e7:f8:c5:29:f9:7a:0e:74:87:64:e8:40:2f:5a:b6:
                    b5:55:26:f0:40:bb:49:62:23:ee:be:6f:49:6f:8a:
                    4e:f6:11:d0:71:0b:48:7e:9c:18:6d:85:d8:aa:b8:
                    f9:fc:dd:0e:f4:84:b1:12:47:97:2b:54:6a:da:9a:
                    6a:44:96:74:11:66:f8:5e:20:3c:93:c3:de:be:f7:
                    24:1b:dd:2b:e9:52:61:8b:a5:c8:f8:a3:85:af:66:
                    82:f1:6d:bf:85:1f:77:fd:7b:55:f3:29:ba:76:08:
                    00:5e:65:34:a2:d5:2e:c5:fc:8f:47:6c:be:4c:bb:
                    1f:3c:6d:3c:99:6b:45:54:51:73:b2:fa:8c:8d:25:
                    b7:c3:1e:53:15:ee:08:ed:80:a0:dd:31:a7:e6:97:
                    13:af:73:12:fd:6a:50:df:62:1f:e1:bc:fb:f1:25:
                    8e:43:39:ff:09:c3:8a:86:a7:bf:1c:9b:e3:d8:ca:
                    21:28:58:98:af:e6:f8:f3:3d:c8:96:50:b6:b0:ea:
                    60:e7:0a:d5:dd:dc:95:57:f9:c8:74:a7:09:70:78:
                    4c:40:03:74:94:61:fa:6f:5b:0d:0c:c2:7f:01:c3:
                    e4:43:a9:ff:fe:9e:3b:59:c1:4e:a0:a1:cc:1f:1b:
                    ef:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:06:53:7A:9E:D6:C2:EC:CF:57:D4:8F:44:6E:4D:69:E8:DB:BA:42
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:fe:df:f0:94:7a:97:cf:4f:25:63:17:3f:84:6a:72:f9:50:
         2e:39:ba:01:8c:aa:fb:09:a0:ed:b5:dd:da:c5:d2:3d:de:9f:
         90:a4:80:34:f9:6b:cf:af:a1:69:54:bb:38:13:99:89:6d:84:
         e0:a9:a4:99:48:4e:78:3e:0e:fd:9a:ae:6a:f9:2d:12:d3:af:
         68:39:e5:d8:fe:3b:f6:7e:84:53:bd:da:2c:c1:86:35:4c:3a:
         51:46:1c:a1:80:8d:77:a4:a6:fb:fe:30:07:99:19:37:93:49:
         5d:cc:59:dc:d3:f1:93:3d:fa:42:74:3f:8c:fc:a2:9c:a3:0f:
         ed:6a:b0:40:57:0c:72:f7:37:91:07:3e:04:45:f0:23:ec:cb:
         b9:74:da:d4:b2:3a:27:f4:4c:34:7c:91:a8:f9:05:6e:6c:7f:
         5c:a7:47:4f:cf:c6:60:5e:51:91:c3:4c:fa:bd:bc:a6:68:f4:
         fb:da:a4:13:27:16:38:41:63:9c:7a:0c:d0:37:42:10:0b:2b:
         a6:37:1b:08:ac:d5:bc:76:91:71:3d:45:c6:10:4c:64:50:9c:
         57:5b:65:c1:44:10:07:90:3c:9c:e9:f4:22:2e:b9:47:51:80:
         bc:78:a9:17:5d:54:f7:3b:66:36:d7:70:eb:ce:86:90:00:6d:
         62:87:ae:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbO4r71mnJhdk6wk72Kic8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwNTE0MTMwMTI4WhcNMjUwNTE1MTMwMTI4WjAzMTEwLwYDVQQD
Eyg2MzA2NTM3YTllZDZjMmVjY2Y1N2Q0OGY0NDZlNGQ2OWU4ZGJiYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpt46wctw68TyztELAbn+MUp+XoO
dIdk6EAvWra1VSbwQLtJYiPuvm9Jb4pO9hHQcQtIfpwYbYXYqrj5/N0O9ISxEkeX
K1Rq2ppqRJZ0EWb4XiA8k8PevvckG90r6VJhi6XI+KOFr2aC8W2/hR93/XtV8ym6
dggAXmU0otUuxfyPR2y+TLsfPG08mWtFVFFzsvqMjSW3wx5TFe4I7YCg3TGn5pcT
r3MS/WpQ32If4bz78SWOQzn/CcOKhqe/HJvj2MohKFiYr+b48z3IllC2sOpg5wrV
3dyVV/nIdKcJcHhMQAN0lGH6b1sNDMJ/AcPkQ6n//p47WcFOoKHMHxvvmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMGU3qe1sLsz1fUj0RuTWno27pCMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHP7f8JR6
l89PJWMXP4RqcvlQLjm6AYyq+wmg7bXd2sXSPd6fkKSANPlrz6+haVS7OBOZiW2E
4KmkmUhOeD4O/ZquavktEtOvaDnl2P479n6EU73aLMGGNUw6UUYcoYCNd6Sm+/4w
B5kZN5NJXcxZ3NPxkz36QnQ/jPyinKMP7WqwQFcMcvc3kQc+BEXwI+zLuXTa1LI6
J/RMNHyRqPkFbmx/XKdHT8/GYF5RkcNM+r28pmj0+9qkEycWOEFjnHoM0DdCEAsr
pjcbCKzVvHaRcT1FxhBMZFCcV1tlwUQQB5A8nOn0Ii65R1GAvHipF11U9ztmNtdw
686GkABtYoeumQ==
-----END CERTIFICATE-----