Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          2iiP8myCA6dOa/+STwjmXM2O0woPwY7JupeUI3VYzls=
Subject key identifier:   65:F2:BB:13:EC:A2:39:50:06:B3:AE:E4:31:0F:71:ED:E0:E3:EE:81
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       0197B7451ADCE343F0F7822B8F767F182421
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 16:00:48 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:48 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:48 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: ohKrBTgXF5v8Qk13TE1yaRMs7RI23ADaiW3Ux5lqIW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:1a:dc:e3:43:f0:f7:82:2b:8f:76:7f:18:24:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Jun 28 16:00:48 2025 GMT
            Not After : Jun 29 16:00:48 2025 GMT
        Subject: CN=65f2bb13eca2395006b3aee4310f71ede0e3ee81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:82:dc:ab:24:25:54:95:41:0b:34:62:03:dc:
                    ff:3b:4a:30:af:d5:9e:80:79:a8:e8:28:a7:d9:33:
                    e2:0d:c3:14:0a:ce:9d:b9:86:06:8b:57:4d:17:2d:
                    5a:ab:f5:53:f2:73:f9:6d:f4:33:78:c0:24:86:48:
                    dd:72:7f:73:c2:c3:7c:af:a2:56:d5:96:91:fa:07:
                    14:1d:cb:da:84:40:31:6f:f8:43:43:27:70:f7:22:
                    ff:ba:8b:86:50:a9:ec:d5:42:c5:2c:39:a4:6b:6c:
                    38:b0:ce:f3:c3:42:ee:dc:c8:9f:26:56:ba:81:d1:
                    94:80:56:29:4d:db:05:67:9f:5d:c3:b9:d6:d0:13:
                    20:00:b6:d6:77:16:44:10:1b:71:f6:7c:27:0f:57:
                    b7:af:f7:46:7a:53:73:e3:b7:1d:3e:01:9c:f0:5c:
                    8e:a6:30:96:15:28:1e:d4:4e:cf:63:a8:05:56:1d:
                    c9:80:7f:c8:95:93:2a:99:11:24:bd:2e:da:b8:87:
                    3e:20:f8:e8:0b:49:38:f2:f0:ff:61:df:c7:2c:4a:
                    9d:d1:e2:6a:98:47:1d:b8:34:ef:fd:1f:11:ce:fc:
                    9b:bd:40:66:b3:ef:69:0f:00:d2:4c:c2:d1:16:a4:
                    ad:b6:6a:8a:75:63:c5:1e:b0:2e:3c:d2:c9:2e:c4:
                    3b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:F2:BB:13:EC:A2:39:50:06:B3:AE:E4:31:0F:71:ED:E0:E3:EE:81
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:51:91:c6:be:6a:ec:79:c4:88:cb:a1:99:f8:ab:17:92:a5:
         57:12:cb:54:75:f4:5f:75:d4:3a:72:89:c3:57:a7:95:0a:f0:
         62:6f:19:74:59:38:d0:01:74:4c:64:a6:ae:07:a6:39:83:e6:
         02:43:81:3c:b5:7d:94:4a:12:c8:a9:fc:bf:c7:2c:b0:fd:87:
         7f:a4:a9:5b:8f:5c:af:09:e2:18:48:7e:fd:20:1c:56:c2:0b:
         1a:0f:dc:95:c0:01:7b:f0:16:d0:2a:4e:d5:68:21:9f:b5:be:
         8e:45:9e:ad:14:db:78:e7:cb:a7:74:75:91:09:ca:9f:22:25:
         f1:ed:c5:d5:9b:74:d9:1c:81:2f:84:87:d4:4b:e1:5a:85:4f:
         ee:86:b3:89:32:72:75:6f:36:d9:6e:2c:c5:0c:fb:d4:0d:bb:
         36:46:a3:e5:12:36:d5:77:45:a7:0a:57:83:eb:99:71:30:a9:
         8e:f5:cc:48:13:65:3e:48:6c:69:cc:e3:3c:7a:64:87:e9:cf:
         85:f0:38:31:4d:59:ec:e6:b4:75:c0:12:01:ca:7e:33:6c:7f:
         f1:b5:99:24:ed:af:9c:8b:46:58:b5:c7:0c:a3:85:c4:62:12:
         e0:96:38:a5:b9:49:c7:3f:7b:98:d8:7c:a6:0c:9a:cd:db:8c:
         66:cb:47:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RRrc40Pw94Irj3Z/GCQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwNjI4MTYwMDQ4WhcNMjUwNjI5MTYwMDQ4WjAzMTEwLwYDVQQD
Eyg2NWYyYmIxM2VjYTIzOTUwMDZiM2FlZTQzMTBmNzFlZGUwZTNlZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYLcqyQlVJVBCzRiA9z/O0owr9We
gHmo6Cin2TPiDcMUCs6duYYGi1dNFy1aq/VT8nP5bfQzeMAkhkjdcn9zwsN8r6JW
1ZaR+gcUHcvahEAxb/hDQydw9yL/uouGUKns1ULFLDmka2w4sM7zw0Lu3MifJla6
gdGUgFYpTdsFZ59dw7nW0BMgALbWdxZEEBtx9nwnD1e3r/dGelNz47cdPgGc8FyO
pjCWFSge1E7PY6gFVh3JgH/IlZMqmREkvS7auIc+IPjoC0k48vD/Yd/HLEqd0eJq
mEcduDTv/R8RzvybvUBms+9pDwDSTMLRFqSttmqKdWPFHrAuPNLJLsQ7rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXyuxPsojlQBrOu5DEPce3g4+6BMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1GRxr5q
7HnEiMuhmfirF5KlVxLLVHX0X3XUOnKJw1enlQrwYm8ZdFk40AF0TGSmrgemOYPm
AkOBPLV9lEoSyKn8v8cssP2Hf6SpW49crwniGEh+/SAcVsILGg/clcABe/AW0CpO
1Wghn7W+jkWerRTbeOfLp3R1kQnKnyIl8e3F1Zt02RyBL4SH1EvhWoVP7oaziTJy
dW822W4sxQz71A27Nkaj5RI21XdFpwpXg+uZcTCpjvXMSBNlPkhsaczjPHpkh+nP
hfA4MU1Z7Oa0dcASAcp+M2x/8bWZJO2vnItGWLXHDKOFxGIS4JY4pblJxz97mNh8
pgyazduMZstHZw==
-----END CERTIFICATE-----