Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          R+wS4kYzAPPLnSpdHIddVovoo7QOl/d7Ye0Y6vKgsXs=
Subject key identifier:   FD:E6:AB:A2:3E:93:4D:86:49:02:91:A8:4D:6A:C1:EB:A5:0E:BE:2F
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       0196CB0516C90B5D3A58C0CE86ABAA193F9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          05D7
Signing time:             Tue 13 May 2025 19:00:30 +0000
Manifest this update:     Tue 13 May 2025 19:00:30 +0000
Manifest next update:     Wed 14 May 2025 19:00:30 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: 0ZG3S8gyJVLjLs+b3LkkXPQO7C+6W1Hkdi8JjPxY+nw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 19:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:05:16:c9:0b:5d:3a:58:c0:ce:86:ab:aa:19:3f:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: May 13 19:00:30 2025 GMT
            Not After : May 14 19:00:30 2025 GMT
        Subject: CN=fde6aba23e934d86490291a84d6ac1eba50ebe2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3f:cd:f3:44:ec:e1:04:58:d2:9b:77:61:7a:
                    b2:9a:93:40:f9:70:63:57:6b:f3:11:6f:02:cc:ca:
                    ae:8b:d9:e6:c9:3c:1a:c4:c3:41:bd:11:03:f2:f5:
                    c0:3c:b9:56:11:3f:26:63:22:19:37:db:26:11:40:
                    74:0b:f8:84:1c:81:7e:aa:eb:18:ab:e3:50:e3:7b:
                    1f:2f:fa:dc:f5:1d:5d:d1:b4:54:a0:29:29:81:e0:
                    97:e5:68:91:5e:15:69:b0:97:a4:35:98:e3:69:84:
                    64:be:65:5b:63:d0:a9:76:cb:da:64:5b:06:21:8b:
                    4c:ca:8f:68:b2:8d:2b:a6:f2:21:fc:ac:af:9c:1f:
                    94:f4:bf:46:82:ea:ff:17:62:97:d4:a5:b6:b4:6d:
                    42:23:13:d3:19:41:61:d3:77:df:b8:c1:d6:bf:f3:
                    f9:e5:01:ff:8d:1d:c2:8f:31:26:fd:2c:08:d8:c7:
                    15:4b:9d:dc:45:f8:3e:5a:bf:f9:8d:14:b9:f0:10:
                    dd:48:32:17:b8:bf:5b:9c:80:8b:57:68:b6:f3:7a:
                    99:68:63:f7:e4:cd:32:4f:11:27:da:17:6f:47:ee:
                    53:7e:e1:f9:f8:73:1c:ae:fd:e7:4b:a2:90:30:04:
                    1d:8c:df:fe:07:9d:8b:18:3a:7d:19:df:f5:e4:83:
                    d4:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:E6:AB:A2:3E:93:4D:86:49:02:91:A8:4D:6A:C1:EB:A5:0E:BE:2F
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:34:34:07:b0:77:4d:8f:ea:00:e7:f9:d6:ce:13:96:dd:6b:
         5c:3f:14:1f:03:7b:21:c9:d6:11:be:0a:0e:08:46:e7:74:f5:
         57:21:33:0c:d6:af:d7:d1:34:f6:d1:89:7b:5e:ce:f1:df:c9:
         da:18:54:0b:eb:05:4a:24:5e:e4:72:5f:38:5b:de:41:f7:44:
         72:0e:9a:e6:d2:36:24:57:47:a2:22:b0:62:bf:d8:ea:30:15:
         20:98:1a:7e:b6:49:c7:70:02:43:74:0a:65:fb:73:55:b4:c6:
         e7:ec:f2:53:c9:4c:4a:f1:85:18:bd:d5:7d:08:a0:8b:a5:39:
         be:70:5d:49:05:e5:dd:d3:ec:1f:56:ca:60:a4:2f:fa:72:29:
         99:3d:01:13:7d:96:4a:6a:90:86:23:1b:a9:5a:d3:8b:85:2b:
         a0:0c:7f:03:38:84:74:8e:06:96:2f:65:86:9c:53:df:74:9f:
         8f:7f:c3:b2:84:44:be:a7:c3:f8:49:07:09:03:88:8d:ed:c3:
         20:47:67:eb:85:90:9f:70:34:be:ce:62:04:86:50:6a:25:c3:
         6c:7e:3a:56:3c:1a:c6:a5:aa:0a:7a:97:6f:70:f1:c4:de:32:
         c4:f7:2f:74:fa:0a:4a:a5:2d:81:be:7d:8a:fd:c2:43:cc:47:
         46:e3:d9:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLBRbJC106WMDOhquqGT+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUwNTEzMTkwMDMwWhcNMjUwNTE0MTkwMDMwWjAzMTEwLwYDVQQD
EyhmZGU2YWJhMjNlOTM0ZDg2NDkwMjkxYTg0ZDZhYzFlYmE1MGViZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD/N80Ts4QRY0pt3YXqympNA+XBj
V2vzEW8CzMqui9nmyTwaxMNBvRED8vXAPLlWET8mYyIZN9smEUB0C/iEHIF+qusY
q+NQ43sfL/rc9R1d0bRUoCkpgeCX5WiRXhVpsJekNZjjaYRkvmVbY9CpdsvaZFsG
IYtMyo9oso0rpvIh/KyvnB+U9L9Ggur/F2KX1KW2tG1CIxPTGUFh03ffuMHWv/P5
5QH/jR3CjzEm/SwI2McVS53cRfg+Wr/5jRS58BDdSDIXuL9bnICLV2i283qZaGP3
5M0yTxEn2hdvR+5TfuH5+HMcrv3nS6KQMAQdjN/+B52LGDp9Gd/15IPUcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3mq6I+k02GSQKRqE1qweulDr4vMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDQ0B7B3
TY/qAOf51s4Tlt1rXD8UHwN7IcnWEb4KDghG53T1VyEzDNav19E09tGJe17O8d/J
2hhUC+sFSiRe5HJfOFveQfdEcg6a5tI2JFdHoiKwYr/Y6jAVIJgafrZJx3ACQ3QK
ZftzVbTG5+zyU8lMSvGFGL3VfQigi6U5vnBdSQXl3dPsH1bKYKQv+nIpmT0BE32W
SmqQhiMbqVrTi4UroAx/AziEdI4Gli9lhpxT33Sfj3/DsoREvqfD+EkHCQOIje3D
IEdn64WQn3A0vs5iBIZQaiXDbH46VjwaxqWqCnqXb3DxxN4yxPcvdPoKSqUtgb59
iv3CQ8xHRuPZhw==
-----END CERTIFICATE-----