Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File:                     QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier:          qwfmtLX6uDyVHfRqukXZYT0nrrs1WuuGffUzAsU1zzk=
Subject key identifier:   F0:E9:FA:14:0A:E2:70:97:BA:8E:1B:56:BF:BB:47:1A:90:97:9C:E4
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer:       /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial:       0196BFDD17547C570BF5CB78F26DBAF48F17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number:          1533
Signing time:             Sun 11 May 2025 15:00:59 +0000
Manifest this update:     Sun 11 May 2025 15:00:59 +0000
Manifest next update:     Mon 12 May 2025 15:00:59 +0000
Files and hashes:         1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: Fey0NWthwiD0+n2nj5+Ulsa7W3YijcDliTut54PXaQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 15:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:dd:17:54:7c:57:0b:f5:cb:78:f2:6d:ba:f4:8f:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
        Validity
            Not Before: May 11 15:00:59 2025 GMT
            Not After : May 12 15:00:59 2025 GMT
        Subject: CN=f0e9fa140ae27097ba8e1b56bfbb471a90979ce4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:33:7b:71:a7:fb:fc:25:c3:39:a2:b8:53:60:
                    ac:b5:62:26:bd:62:2f:a7:e8:c2:8f:07:1e:14:7f:
                    45:fe:64:54:17:6c:41:2e:df:fc:62:02:83:80:58:
                    74:59:79:03:f4:04:a5:08:f9:c2:d1:ce:d3:82:eb:
                    ea:23:f5:e7:82:90:6d:d7:7f:22:c2:39:df:74:90:
                    a7:cd:19:89:ac:b1:55:2e:f6:f4:fe:f0:76:e1:81:
                    fe:23:ea:90:79:a1:ac:05:97:37:e1:bb:b0:ca:cb:
                    72:f3:fb:94:f4:e8:7b:a0:31:34:b0:1b:ee:84:81:
                    61:32:a8:2d:44:ec:fc:11:0d:76:e0:a6:d8:7d:5d:
                    aa:00:8f:fb:e1:71:92:a0:07:bf:70:00:b4:36:6a:
                    49:57:0e:bf:81:2a:b1:8f:73:15:46:ef:b4:a2:2f:
                    ac:02:23:ac:f8:a2:26:09:88:2b:fc:6a:79:bc:8f:
                    3d:f0:e2:a2:ec:d5:5e:33:f9:46:22:24:9a:84:9e:
                    dc:77:06:ed:5b:88:7e:2e:d4:a3:cf:fc:89:8f:95:
                    a9:4d:60:50:7d:75:f7:da:d7:0b:9b:ea:55:81:4d:
                    a6:a6:95:35:47:b1:c8:2d:ff:e7:fa:4f:49:f8:8f:
                    6f:53:1a:19:fe:b1:35:6c:38:41:17:84:8f:96:cd:
                    d9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:E9:FA:14:0A:E2:70:97:BA:8E:1B:56:BF:BB:47:1A:90:97:9C:E4
            X509v3 Authority Key Identifier:
                keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:4e:7a:be:3e:46:50:5e:30:90:83:8e:28:be:0a:97:e3:1b:
         2a:ec:28:e7:5e:03:fd:14:3b:f8:59:99:b2:78:35:ec:34:52:
         7b:d3:9a:0d:71:87:8b:2f:b3:b3:9a:90:0a:6e:be:9b:66:c0:
         89:7e:61:22:00:f7:15:95:75:7a:d4:a1:b4:bf:29:7f:e9:0b:
         77:75:e8:da:19:a8:a0:6e:74:35:b2:86:bf:18:66:12:01:be:
         1a:f7:09:a8:d3:17:7a:79:ab:c3:33:ad:b5:95:5a:df:a4:b9:
         b3:80:a1:bc:fc:97:3b:13:c3:58:05:be:99:7f:ef:e9:c5:37:
         f8:d4:df:34:26:22:4b:cc:b3:a8:a9:c8:74:c1:d8:69:b6:d1:
         32:9d:de:7a:cc:0d:f1:6e:09:37:51:29:17:b0:dd:a2:43:6f:
         78:54:b6:18:46:10:b4:58:7a:5c:eb:7c:b5:e9:02:71:10:9f:
         90:66:af:e6:68:8a:d4:e5:86:2f:fe:90:58:db:ae:5d:01:c8:
         6e:bc:49:9a:26:0c:46:2d:2d:6f:fd:3e:4e:fe:1c:26:ab:07:
         ee:28:d7:d0:53:85:c9:1e:db:c5:6f:71:2d:d6:89:8a:8d:ae:
         63:68:49:18:24:2f:48:c1:75:09:99:a8:2e:3a:60:e1:26:49:
         cc:2a:f7:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3RdUfFcL9ct48m269I8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjUwNTExMTUwMDU5WhcNMjUwNTEyMTUwMDU5WjAzMTEwLwYDVQQD
EyhmMGU5ZmExNDBhZTI3MDk3YmE4ZTFiNTZiZmJiNDcxYTkwOTc5Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjN7caf7/CXDOaK4U2CstWImvWIv
p+jCjwceFH9F/mRUF2xBLt/8YgKDgFh0WXkD9ASlCPnC0c7TguvqI/XngpBt138i
wjnfdJCnzRmJrLFVLvb0/vB24YH+I+qQeaGsBZc34buwysty8/uU9Oh7oDE0sBvu
hIFhMqgtROz8EQ124KbYfV2qAI/74XGSoAe/cAC0NmpJVw6/gSqxj3MVRu+0oi+s
AiOs+KImCYgr/Gp5vI898OKi7NVeM/lGIiSahJ7cdwbtW4h+LtSjz/yJj5WpTWBQ
fXX32tcLm+pVgU2mppU1R7HILf/n+k9J+I9vUxoZ/rE1bDhBF4SPls3ZFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDp+hQK4nCXuo4bVr+7RxqQl5zkMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdE56vj5G
UF4wkIOOKL4Kl+MbKuwo514D/RQ7+FmZsng17DRSe9OaDXGHiy+zs5qQCm6+m2bA
iX5hIgD3FZV1etShtL8pf+kLd3Xo2hmooG50NbKGvxhmEgG+GvcJqNMXenmrwzOt
tZVa36S5s4ChvPyXOxPDWAW+mX/v6cU3+NTfNCYiS8yzqKnIdMHYabbRMp3eeswN
8W4JN1EpF7DdokNveFS2GEYQtFh6XOt8tekCcRCfkGav5miK1OWGL/6QWNuuXQHI
brxJmiYMRi0tb/0+Tv4cJqsH7ijX0FOFyR7bxW9xLdaJio2uY2hJGCQvSMF1CZmo
Ljpg4SZJzCr3Ig==
-----END CERTIFICATE-----