Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          2It0fo3pCpFzQh1qUTry+o2kRO1PtNwjT5Og4DlAJGc=
Subject key identifier:   C1:D8:DE:4E:F5:AA:9D:08:41:56:71:6F:15:B3:61:0F:E4:48:69:16
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       0198D5BC23BB459DA7C014C818B4B5504F85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          14EE
Signing time:             Sat 23 Aug 2025 07:02:13 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:13 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:13 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: zHfQ/W1qDuUE1yp34JkEG6ID+8HBt5wMx8g8eOmzK7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:23:bb:45:9d:a7:c0:14:c8:18:b4:b5:50:4f:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Aug 23 07:02:13 2025 GMT
            Not After : Aug 24 07:02:13 2025 GMT
        Subject: CN=c1d8de4ef5aa9d084156716f15b3610fe4486916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:52:7e:79:18:9d:8d:b4:51:0e:54:91:44:6e:
                    e2:fb:3a:61:cb:6c:26:16:38:e3:11:69:47:f6:8d:
                    d9:23:ce:ce:7e:04:f5:03:70:a1:3b:a4:17:b9:b9:
                    d3:66:88:a5:b5:3b:fb:b5:f2:d6:2a:95:a9:74:75:
                    a0:d1:7a:84:6e:f0:99:da:27:1d:55:96:68:ab:c8:
                    16:15:8d:6a:3a:65:88:b1:2b:75:22:79:7d:fd:96:
                    3a:aa:66:97:8e:d4:68:8d:f4:99:8c:54:68:42:92:
                    f1:55:0d:b2:e9:ae:80:79:64:8f:6f:c7:d2:fe:97:
                    1d:45:2c:95:ef:d0:ad:eb:09:3c:f0:33:d8:47:8e:
                    e1:64:bb:69:4f:14:4c:a9:86:51:bd:23:86:34:cb:
                    1c:3d:8a:01:14:75:ca:79:35:86:44:8d:c0:0d:db:
                    6e:3c:d0:25:f6:d3:51:00:8c:a1:ec:f2:4a:18:42:
                    5b:e0:2e:16:12:51:eb:64:dc:0a:58:7a:72:ed:9f:
                    e6:89:8b:f4:1d:2f:3a:1a:6d:b0:3c:91:ac:17:e7:
                    8a:f9:b7:fa:a1:0e:ba:90:70:04:a5:31:e9:39:68:
                    cf:be:f8:6d:51:ec:98:e6:fc:54:78:f1:7f:e1:cb:
                    38:dc:d9:c6:5d:26:57:6d:4d:76:91:7a:87:e1:f4:
                    44:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:D8:DE:4E:F5:AA:9D:08:41:56:71:6F:15:B3:61:0F:E4:48:69:16
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:bf:8c:19:7d:69:9a:84:96:d0:d0:d6:ef:f2:7d:6a:90:0a:
         0d:8e:f2:de:09:bd:de:cb:f7:cf:db:c0:de:4f:65:d6:86:d9:
         a7:ff:fd:29:15:fc:7b:d1:cd:36:f1:3f:09:b6:04:9d:bd:d7:
         75:14:fb:57:db:65:20:0a:41:4c:7d:35:7c:80:b7:a4:ce:bd:
         0d:af:55:14:6d:3c:36:92:a6:38:01:78:6c:68:d6:23:54:dc:
         ca:db:8f:f3:6b:d4:1f:0c:b2:3b:82:71:37:bc:33:6d:ed:7b:
         3d:ea:34:fd:4d:10:ce:70:dc:b4:73:ab:ae:8e:4a:80:fe:d0:
         c1:10:d1:2a:4a:68:af:5e:b2:43:76:e4:5a:0b:1f:b6:66:b9:
         50:70:2a:a4:a3:4e:33:fc:c6:1b:c4:c0:5f:bb:a4:9d:9f:33:
         62:57:f1:18:d7:c9:c2:91:9a:34:89:d9:82:a8:1c:cd:dc:fb:
         fa:95:a5:2e:cf:ec:97:e0:75:cd:a9:fd:01:fc:71:00:2e:ba:
         13:56:c0:dd:5c:9e:b8:71:c8:35:b1:60:27:82:5b:ae:41:09:
         01:fd:f0:c1:82:ea:d7:4a:61:90:f5:a0:a4:b6:01:47:b5:25:
         cb:35:f0:58:cd:e4:2e:af:74:a8:d0:50:93:1c:10:96:11:d7:
         44:1d:34:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvCO7RZ2nwBTIGLS1UE+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUwODIzMDcwMjEzWhcNMjUwODI0MDcwMjEzWjAzMTEwLwYDVQQD
EyhjMWQ4ZGU0ZWY1YWE5ZDA4NDE1NjcxNmYxNWIzNjEwZmU0NDg2OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVJ+eRidjbRRDlSRRG7i+zphy2wm
FjjjEWlH9o3ZI87OfgT1A3ChO6QXubnTZoiltTv7tfLWKpWpdHWg0XqEbvCZ2icd
VZZoq8gWFY1qOmWIsSt1Inl9/ZY6qmaXjtRojfSZjFRoQpLxVQ2y6a6AeWSPb8fS
/pcdRSyV79Ct6wk88DPYR47hZLtpTxRMqYZRvSOGNMscPYoBFHXKeTWGRI3ADdtu
PNAl9tNRAIyh7PJKGEJb4C4WElHrZNwKWHpy7Z/miYv0HS86Gm2wPJGsF+eK+bf6
oQ66kHAEpTHpOWjPvvhtUeyY5vxUePF/4cs43NnGXSZXbU12kXqH4fREIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHY3k71qp0IQVZxbxWzYQ/kSGkWMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQb+MGX1p
moSW0NDW7/J9apAKDY7y3gm93sv3z9vA3k9l1obZp//9KRX8e9HNNvE/CbYEnb3X
dRT7V9tlIApBTH01fIC3pM69Da9VFG08NpKmOAF4bGjWI1TcytuP82vUHwyyO4Jx
N7wzbe17Peo0/U0QznDctHOrro5KgP7QwRDRKkpor16yQ3bkWgsftma5UHAqpKNO
M/zGG8TAX7uknZ8zYlfxGNfJwpGaNInZgqgczdz7+pWlLs/sl+B1zan9AfxxAC66
E1bA3VyeuHHINbFgJ4JbrkEJAf3wwYLq10phkPWgpLYBR7UlyzXwWM3kLq90qNBQ
kxwQlhHXRB00bQ==
-----END CERTIFICATE-----