Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          7J3x3SxEiB3DYfpN6g+9mxkkYPVgkdCjxY2JWMkq4K8=
Subject key identifier:   B6:3E:C6:9A:9A:C5:BF:A1:13:B4:52:16:F0:1D:3B:3D:5D:E9:E4:87
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       0196C3827D9845CFD4E4090F4B2388457855
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          03A0
Signing time:             Mon 12 May 2025 08:00:30 +0000
Manifest this update:     Mon 12 May 2025 08:00:30 +0000
Manifest next update:     Tue 13 May 2025 08:00:30 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: V0ijPZ+vjvwYx12VW0qq1aHLV9VyYOauHfPqVNsk7ZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:82:7d:98:45:cf:d4:e4:09:0f:4b:23:88:45:78:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: May 12 08:00:30 2025 GMT
            Not After : May 13 08:00:30 2025 GMT
        Subject: CN=b63ec69a9ac5bfa113b45216f01d3b3d5de9e487
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:91:e1:e6:12:b9:33:d0:a9:44:46:5d:70:ce:
                    2d:6b:3d:c9:b9:6d:a8:52:59:71:36:df:cb:17:af:
                    cc:3d:cf:3c:79:bb:d1:ac:25:65:96:8d:8a:1f:ae:
                    a2:de:2d:05:93:d9:02:7f:e2:77:ae:f5:03:df:34:
                    ea:1a:16:69:a5:75:b4:09:ae:93:f1:95:99:a8:11:
                    71:dd:84:b2:bc:95:dd:2f:89:b0:f7:d2:ba:f9:f3:
                    3a:70:b6:6e:f4:a8:5b:ee:c8:8f:0c:47:94:5c:5b:
                    32:59:65:61:2b:ec:82:8b:46:d7:46:a1:59:0f:4d:
                    d9:0f:d9:78:f5:60:c3:43:2d:7c:0b:89:bd:e2:02:
                    7e:d2:25:18:fa:88:d3:78:cc:76:b8:de:a4:b4:ed:
                    e5:ab:f3:aa:ed:a3:c9:2c:87:f8:24:bc:6b:1e:f0:
                    7b:78:e9:78:86:0a:74:cc:08:ca:7d:a9:fe:34:90:
                    5e:2f:c0:cb:19:43:b1:43:93:5f:c3:e1:19:26:eb:
                    3b:91:af:1e:57:c1:bd:b5:50:ba:1f:5e:8b:e6:b3:
                    d7:86:b5:89:52:80:ca:90:55:94:36:d0:41:e7:d7:
                    17:e0:2a:16:26:04:2d:64:54:ec:fc:dc:bc:90:8e:
                    5d:fe:0a:df:18:22:8d:a7:02:c0:c3:70:77:ba:15:
                    38:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:3E:C6:9A:9A:C5:BF:A1:13:B4:52:16:F0:1D:3B:3D:5D:E9:E4:87
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:d3:a7:7e:10:ea:92:da:11:1c:ef:bd:f1:dd:99:f7:00:66:
         18:a1:0e:7a:38:70:44:9f:be:d7:96:05:0c:c1:7e:8b:1d:a9:
         9d:32:6a:7c:b8:89:7e:d7:4b:16:cc:bd:03:18:86:1e:3b:2a:
         c3:33:be:7f:84:16:78:22:ab:9a:c2:ee:2e:ef:f8:0d:30:f4:
         90:14:4f:1d:91:ab:68:43:43:96:51:7b:dc:ea:39:58:c3:34:
         f7:49:cc:8e:b9:bb:d0:35:5f:67:d6:8b:9f:8a:a1:91:e8:ed:
         ab:ac:14:77:ef:dc:1e:ca:4d:03:25:63:1d:3f:f3:75:e5:7f:
         b8:a6:da:2b:a3:65:36:17:d5:c3:07:6c:29:5b:ba:74:71:fa:
         8d:64:6f:76:53:93:54:07:87:67:91:8e:39:17:d5:1e:55:15:
         77:8b:3e:0a:18:5d:6e:ab:be:7d:ee:40:05:a9:4b:df:17:9c:
         35:a7:25:7d:5b:7b:8a:70:c3:d6:0a:47:a7:7a:a8:36:fb:01:
         cf:b0:36:82:f8:f5:0b:82:b4:88:28:c9:b5:19:52:52:65:06:
         c0:20:b3:50:6a:11:aa:cb:e9:2b:79:0c:cb:f5:6f:6d:f8:64:
         2b:57:b1:bc:d2:dc:5b:63:ed:a5:d6:c9:6e:74:46:f1:ea:b0:
         18:9b:14:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDgn2YRc/U5AkPSyOIRXhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwNTEyMDgwMDMwWhcNMjUwNTEzMDgwMDMwWjAzMTEwLwYDVQQD
EyhiNjNlYzY5YTlhYzViZmExMTNiNDUyMTZmMDFkM2IzZDVkZTllNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJHh5hK5M9CpREZdcM4taz3JuW2o
UllxNt/LF6/MPc88ebvRrCVllo2KH66i3i0Fk9kCf+J3rvUD3zTqGhZppXW0Ca6T
8ZWZqBFx3YSyvJXdL4mw99K6+fM6cLZu9Khb7siPDEeUXFsyWWVhK+yCi0bXRqFZ
D03ZD9l49WDDQy18C4m94gJ+0iUY+ojTeMx2uN6ktO3lq/Oq7aPJLIf4JLxrHvB7
eOl4hgp0zAjKfan+NJBeL8DLGUOxQ5Nfw+EZJus7ka8eV8G9tVC6H16L5rPXhrWJ
UoDKkFWUNtBB59cX4CoWJgQtZFTs/Ny8kI5d/grfGCKNpwLAw3B3uhU46QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLY+xpqaxb+hE7RSFvAdOz1d6eSHMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatOnfhDq
ktoRHO+98d2Z9wBmGKEOejhwRJ++15YFDMF+ix2pnTJqfLiJftdLFsy9AxiGHjsq
wzO+f4QWeCKrmsLuLu/4DTD0kBRPHZGraENDllF73Oo5WMM090nMjrm70DVfZ9aL
n4qhkejtq6wUd+/cHspNAyVjHT/zdeV/uKbaK6NlNhfVwwdsKVu6dHH6jWRvdlOT
VAeHZ5GOORfVHlUVd4s+Chhdbqu+fe5ABalL3xecNaclfVt7inDD1gpHp3qoNvsB
z7A2gvj1C4K0iCjJtRlSUmUGwCCzUGoRqsvpK3kMy/VvbfhkK1exvNLcW2PtpdbJ
bnRG8eqwGJsUJQ==
-----END CERTIFICATE-----