Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          5UdMJKaNAr7Jddle0cpxdNv8Baj5aC+sghqeEaX6Yc0=
Subject key identifier:   DB:73:73:21:17:8A:D9:FA:FF:99:13:2B:F9:09:06:79:09:8D:4C:1E
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       0197B6D76E7815E057A195340287D50F2688
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          041E
Signing time:             Sat 28 Jun 2025 14:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:01 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: p+PwFLALy6hc9IE2fvd+hzAXbvQ8Hqq9xtVIrsKPISo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:6e:78:15:e0:57:a1:95:34:02:87:d5:0f:26:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Jun 28 14:01:01 2025 GMT
            Not After : Jun 29 14:01:01 2025 GMT
        Subject: CN=db737321178ad9faff99132bf9090679098d4c1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c5:7a:8e:27:f0:6d:d1:ae:b7:93:05:6a:09:
                    54:b5:47:d1:3b:82:b0:a9:30:0f:c5:82:f9:a2:7f:
                    d2:6d:f8:49:78:a0:70:30:05:cf:f6:54:3a:93:20:
                    d4:83:b2:95:28:06:36:20:8a:ce:ee:10:1d:fa:92:
                    61:ef:ef:b1:54:31:7f:26:a0:df:c2:6f:0e:0e:3f:
                    fa:a1:d0:0c:95:4b:a6:c0:72:ec:96:ab:b7:1d:41:
                    cc:5d:65:05:48:aa:a5:c9:dd:c1:c3:8b:f1:d2:d4:
                    d5:e4:f3:7d:3e:cf:9d:10:b7:83:53:e5:e8:cf:f7:
                    d7:e8:77:68:5b:e3:d7:8b:e3:ba:e9:e9:40:0e:55:
                    8c:02:81:f4:a1:f0:94:45:21:06:7b:1a:c7:df:fc:
                    94:bb:bb:fd:59:df:53:87:38:37:4d:50:94:1b:70:
                    56:7a:f2:2d:21:69:62:c9:ea:4e:33:e5:7f:94:60:
                    a7:07:6c:b6:8a:f3:3e:db:d2:d5:07:a6:38:80:45:
                    82:c4:f0:3c:7f:72:31:08:7c:08:30:ef:a7:c9:eb:
                    47:7f:86:e4:9d:c5:f3:d7:8e:18:c2:1d:4a:0a:f7:
                    19:41:ee:04:61:33:26:53:b4:2f:ec:b7:a7:f5:3c:
                    e2:26:40:3b:f0:7d:50:fd:f1:95:28:f2:1f:05:b3:
                    f0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:73:73:21:17:8A:D9:FA:FF:99:13:2B:F9:09:06:79:09:8D:4C:1E
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:3d:c1:bc:6d:bf:d0:79:cc:60:7e:78:30:f3:aa:40:bb:11:
         e6:8f:76:0d:30:66:11:6d:98:ee:e7:40:e9:a0:8c:7d:7a:e2:
         d3:56:69:de:93:e8:98:88:65:9e:4b:94:08:ab:5f:da:82:ba:
         3e:a9:8a:99:fc:57:cb:29:3c:df:df:24:64:e4:30:52:ed:cd:
         cb:2f:b3:da:d3:b2:62:e6:cf:1a:8d:96:ff:d7:f2:cf:f3:06:
         0d:96:42:f7:bc:e4:3e:2e:8a:98:75:43:13:3e:b6:2d:84:c5:
         3b:6c:54:50:23:03:1e:d5:a5:8c:a6:12:94:e0:d2:02:1f:9d:
         54:3e:0e:d3:8b:30:a8:3c:51:d2:18:79:3b:80:c8:5b:db:f3:
         4a:2d:44:63:98:03:0c:f7:7d:1c:a7:9e:8d:8c:ba:a7:b4:3d:
         8f:97:4e:16:c2:7f:a0:a9:c9:a6:00:7f:11:9a:04:a7:4c:97:
         cf:3e:57:e2:25:6b:59:5d:42:5c:64:c8:fa:22:02:d8:d1:7e:
         40:35:41:d2:8d:4e:6f:c9:ad:d6:e2:c1:97:2e:49:69:d3:23:
         10:10:6d:dc:3d:6a:6c:2f:d2:92:bf:6f:58:75:9a:2c:08:17:
         4c:87:4d:80:8f:85:6c:20:a5:60:70:12:80:a3:e4:2b:22:5b:
         79:da:e9:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe21254FeBXoZU0AofVDyaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwNjI4MTQwMTAxWhcNMjUwNjI5MTQwMTAxWjAzMTEwLwYDVQQD
EyhkYjczNzMyMTE3OGFkOWZhZmY5OTEzMmJmOTA5MDY3OTA5OGQ0YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08V6jifwbdGut5MFaglUtUfRO4Kw
qTAPxYL5on/SbfhJeKBwMAXP9lQ6kyDUg7KVKAY2IIrO7hAd+pJh7++xVDF/JqDf
wm8ODj/6odAMlUumwHLslqu3HUHMXWUFSKqlyd3Bw4vx0tTV5PN9Ps+dELeDU+Xo
z/fX6HdoW+PXi+O66elADlWMAoH0ofCURSEGexrH3/yUu7v9Wd9Thzg3TVCUG3BW
evItIWliyepOM+V/lGCnB2y2ivM+29LVB6Y4gEWCxPA8f3IxCHwIMO+nyetHf4bk
ncXz144Ywh1KCvcZQe4EYTMmU7Qv7Len9TziJkA78H1Q/fGVKPIfBbPwXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtzcyEXitn6/5kTK/kJBnkJjUweMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYz3BvG2/
0HnMYH54MPOqQLsR5o92DTBmEW2Y7udA6aCMfXri01Zp3pPomIhlnkuUCKtf2oK6
PqmKmfxXyyk8398kZOQwUu3Nyy+z2tOyYubPGo2W/9fyz/MGDZZC97zkPi6KmHVD
Ez62LYTFO2xUUCMDHtWljKYSlODSAh+dVD4O04swqDxR0hh5O4DIW9vzSi1EY5gD
DPd9HKeejYy6p7Q9j5dOFsJ/oKnJpgB/EZoEp0yXzz5X4iVrWV1CXGTI+iIC2NF+
QDVB0o1Ob8mt1uLBly5JadMjEBBt3D1qbC/Skr9vWHWaLAgXTIdNgI+FbCClYHAS
gKPkKyJbedrpkg==
-----END CERTIFICATE-----