Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          CXBCZxzPzGDIl7feabGABLqiz13rCxhxllSRSLdpQv8=
Subject key identifier:   48:F4:88:8C:7A:6F:0F:A9:7D:8B:F9:66:3B:CF:65:0A:7B:B6:C9:F4
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       0198D51585AA7B5FFC49F751C292A6F8F98B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 04:00:14 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:14 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:14 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: Jg5rd+tD6TovypDWmmi8GbbYcA2fuTrOxclFpX4HNG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:85:aa:7b:5f:fc:49:f7:51:c2:92:a6:f8:f9:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Aug 23 04:00:14 2025 GMT
            Not After : Aug 24 04:00:14 2025 GMT
        Subject: CN=48f4888c7a6f0fa97d8bf9663bcf650a7bb6c9f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9e:e0:72:cb:aa:6e:5c:70:2c:cc:41:67:53:
                    ec:d2:8d:43:ce:51:5a:2e:b9:90:6b:3f:58:78:b8:
                    78:a3:01:c5:78:be:44:e0:54:56:f0:f9:1e:c4:68:
                    d2:da:11:9a:a0:bd:f8:8e:7e:24:5e:0d:80:05:b2:
                    93:1f:65:a8:64:94:eb:2b:24:d3:62:4f:c5:43:c2:
                    a1:e7:85:2e:2e:c4:ae:fc:f5:c5:c2:a0:5e:b8:e0:
                    60:dc:7c:20:c2:df:ed:2a:c5:cd:6d:b2:f1:13:0e:
                    0f:72:74:0c:22:cf:bb:30:4f:04:14:0b:ff:d1:a8:
                    f9:97:23:6e:0f:ea:64:86:e1:e5:f9:62:0a:82:47:
                    c9:d7:55:c4:62:1e:99:fe:20:6c:a0:a4:ae:c3:c2:
                    6e:84:6a:5c:25:88:d6:10:04:81:ee:1d:a0:d4:c0:
                    f7:6b:c5:ef:0d:4a:7d:b5:2e:28:f9:a4:90:f9:c9:
                    c3:22:63:c5:59:9b:a9:0c:a0:37:59:5a:3e:1e:b1:
                    d6:23:81:86:85:f9:ff:1e:39:c0:66:3e:63:5e:2f:
                    b4:91:c6:0f:33:5a:7a:d9:5d:82:75:e8:ee:7c:c1:
                    73:03:d6:14:b0:9a:9a:9c:91:02:da:a9:ca:e0:d5:
                    a7:6d:fa:6e:6a:f3:e9:11:86:a4:96:31:22:ed:2f:
                    91:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:F4:88:8C:7A:6F:0F:A9:7D:8B:F9:66:3B:CF:65:0A:7B:B6:C9:F4
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:8d:49:a7:85:e5:99:f3:5e:98:a0:7e:4c:9c:99:8d:19:06:
         31:fe:cc:98:20:9f:04:11:c9:fc:f4:bf:8e:83:66:3a:ea:d8:
         dc:d0:74:9f:c1:4e:74:f6:bd:fb:3d:f7:d3:9d:af:50:c4:9c:
         a7:9d:10:fd:a5:05:71:b3:f3:fa:48:22:69:3a:3c:48:0d:8e:
         b3:f0:b1:64:fb:88:5e:eb:10:4e:fa:29:40:b8:df:27:10:bb:
         dc:15:8f:7a:e7:0a:c5:74:82:10:d2:b3:0a:0a:b8:76:c9:33:
         42:83:3d:59:6f:44:fa:af:f5:91:d2:06:f9:b6:5d:6a:1d:36:
         10:96:61:ac:dd:12:b3:48:5c:46:91:c3:05:70:11:7c:af:a8:
         e7:af:7e:53:a1:fd:8d:44:26:e4:c1:9b:e9:95:51:21:90:81:
         c7:5f:1a:db:1a:14:1e:b9:98:a0:17:8f:4f:d5:d7:e0:d4:56:
         e7:91:cb:d9:67:d6:79:95:a5:cd:6c:25:cd:37:c9:67:5b:79:
         a9:e1:c9:cb:58:39:f4:45:c2:77:b6:46:ee:24:5f:bc:80:56:
         29:83:a9:18:82:11:f1:c4:d7:1d:55:04:2e:36:5a:49:5b:71:
         6b:7c:4a:95:93:2a:ac:03:88:ec:88:dc:bf:a7:84:1f:ca:b9:
         4a:ec:9f:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFYWqe1/8SfdRwpKm+PmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwODIzMDQwMDE0WhcNMjUwODI0MDQwMDE0WjAzMTEwLwYDVQQD
Eyg0OGY0ODg4YzdhNmYwZmE5N2Q4YmY5NjYzYmNmNjUwYTdiYjZjOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ7gcsuqblxwLMxBZ1Ps0o1DzlFa
LrmQaz9YeLh4owHFeL5E4FRW8PkexGjS2hGaoL34jn4kXg2ABbKTH2WoZJTrKyTT
Yk/FQ8Kh54UuLsSu/PXFwqBeuOBg3Hwgwt/tKsXNbbLxEw4PcnQMIs+7ME8EFAv/
0aj5lyNuD+pkhuHl+WIKgkfJ11XEYh6Z/iBsoKSuw8JuhGpcJYjWEASB7h2g1MD3
a8XvDUp9tS4o+aSQ+cnDImPFWZupDKA3WVo+HrHWI4GGhfn/HjnAZj5jXi+0kcYP
M1p62V2CdejufMFzA9YUsJqanJEC2qnK4NWnbfpuavPpEYakljEi7S+RmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEj0iIx6bw+pfYv5ZjvPZQp7tsn0MB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVY1Jp4Xl
mfNemKB+TJyZjRkGMf7MmCCfBBHJ/PS/joNmOurY3NB0n8FOdPa9+z33052vUMSc
p50Q/aUFcbPz+kgiaTo8SA2Os/CxZPuIXusQTvopQLjfJxC73BWPeucKxXSCENKz
Cgq4dskzQoM9WW9E+q/1kdIG+bZdah02EJZhrN0Ss0hcRpHDBXARfK+o569+U6H9
jUQm5MGb6ZVRIZCBx18a2xoUHrmYoBePT9XX4NRW55HL2WfWeZWlzWwlzTfJZ1t5
qeHJy1g59EXCd7ZG7iRfvIBWKYOpGIIR8cTXHVUELjZaSVtxa3xKlZMqrAOI7Ijc
v6eEH8q5SuyfyQ==
-----END CERTIFICATE-----