Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
File:                     QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft (raw, json)
Hash identifier:          1mbPJsYHS+vPsb3IgFWx45zAEIlaW0XFwtHx78BKnKc=
Subject key identifier:   26:CB:1B:29:87:D6:08:AB:F9:C8:4B:B3:5B:CF:C0:1D:8B:EA:C9:6A
Authority key identifier: 40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C
Certificate issuer:       /CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c
Certificate serial:       0197B6A0C20FE2F9367722D1EBC424DB774E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:17 +0000
Files and hashes:         1: QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl (hash: 1D7JZHW7ppjuMjjiXJsTYPUN8dgn+tIIsLh0KtK87h8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:c2:0f:e2:f9:36:77:22:d1:eb:c4:24:db:77:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c
        Validity
            Not Before: Jun 28 13:01:17 2025 GMT
            Not After : Jun 29 13:01:17 2025 GMT
        Subject: CN=26cb1b2987d608abf9c84bb35bcfc01d8beac96a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:a4:e1:fb:84:fe:63:8e:d2:de:40:f8:59:da:
                    8f:91:bc:62:4a:9f:89:be:cb:02:23:88:2e:41:01:
                    d8:58:44:5b:cf:5f:b1:d1:9e:16:16:bc:f2:af:7c:
                    9a:af:8b:0e:ef:19:8f:98:73:87:3a:2d:8d:ec:dc:
                    9f:0a:91:0a:0a:09:f4:1e:ae:e7:2a:66:a7:82:5e:
                    75:9d:d1:a9:39:94:61:9a:56:e1:4d:cb:21:20:9e:
                    56:17:d0:64:90:e5:c1:58:2b:66:23:eb:6b:7b:b3:
                    bd:29:54:c1:80:d5:3d:99:b0:eb:7f:4f:41:15:c1:
                    d2:81:e7:e5:76:ea:01:33:1c:3b:3d:67:8f:fe:c2:
                    15:54:72:af:50:35:e6:4f:37:49:dc:c6:e6:e4:b5:
                    54:9f:de:2d:02:13:a0:17:a5:2d:a1:f2:c7:29:c4:
                    2b:ce:cf:27:c4:b1:66:f9:29:01:42:a5:ec:6d:74:
                    3e:c1:d8:78:2f:2a:8c:4e:18:3f:2f:52:f7:a4:3b:
                    5d:98:ea:ea:32:00:20:42:3a:9a:7e:d9:4b:1c:4e:
                    83:4f:02:f6:c9:d4:bf:f0:89:a4:d1:d7:9a:30:27:
                    65:e0:6b:ed:7d:df:dd:b0:49:88:a2:b4:58:65:a4:
                    37:fb:9a:57:8f:ea:ec:0e:b2:8c:6e:d1:c9:c4:c1:
                    bf:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:CB:1B:29:87:D6:08:AB:F9:C8:4B:B3:5B:CF:C0:1D:8B:EA:C9:6A
            X509v3 Authority Key Identifier:
                keyid:40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:cb:ed:26:f8:ce:88:1c:1a:4c:1c:8a:08:b9:a1:f3:86:af:
         e0:48:88:93:24:7d:3b:70:19:07:3d:67:ae:43:64:9b:8b:5c:
         54:b6:2a:13:3d:2b:9e:72:0c:79:cf:a0:41:40:c4:86:28:36:
         be:fb:77:d1:13:4c:f3:3f:3e:f2:2c:c9:30:4c:5a:12:70:50:
         26:7d:29:15:e0:77:54:f1:0d:2c:9c:34:e6:98:28:26:31:0d:
         13:66:79:5a:fe:a3:85:86:e0:62:df:3a:58:da:67:24:7a:57:
         fa:8c:25:c3:c1:01:45:d6:df:1c:86:71:ae:66:e5:3e:07:f9:
         ad:a9:37:4a:26:10:1c:dd:4d:80:da:99:fe:5c:e3:64:d3:09:
         e5:c8:41:e1:c9:5c:f4:85:af:5c:f9:4d:b7:58:12:38:56:f7:
         e2:da:ca:19:e2:82:db:92:fa:aa:95:eb:3b:3b:79:cf:86:3b:
         aa:59:7e:f1:99:76:dc:e0:e7:8e:13:2d:b2:ab:98:ab:9b:46:
         2f:18:21:b8:71:ab:00:6c:cb:bc:3d:7a:7e:7f:1d:14:0d:f0:
         40:45:ea:33:32:cc:84:62:b3:61:4d:dd:c6:d4:9e:33:de:00:
         fd:f0:4d:3e:0c:dd:ea:84:f8:51:95:0f:ab:3b:30:f4:f2:11:
         ba:c2:17:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oMIP4vk2dyLR68Qk23dOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE3MTE1N2UyMGQ5ODAzNmJiZDY5M2I4ZWNiYjJiOTlm
MGYwM2MwHhcNMjUwNjI4MTMwMTE3WhcNMjUwNjI5MTMwMTE3WjAzMTEwLwYDVQQD
EygyNmNiMWIyOTg3ZDYwOGFiZjljODRiYjM1YmNmYzAxZDhiZWFjOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aTh+4T+Y47S3kD4WdqPkbxiSp+J
vssCI4guQQHYWERbz1+x0Z4WFrzyr3yar4sO7xmPmHOHOi2N7NyfCpEKCgn0Hq7n
Kmangl51ndGpOZRhmlbhTcshIJ5WF9BkkOXBWCtmI+tre7O9KVTBgNU9mbDrf09B
FcHSgeflduoBMxw7PWeP/sIVVHKvUDXmTzdJ3Mbm5LVUn94tAhOgF6UtofLHKcQr
zs8nxLFm+SkBQqXsbXQ+wdh4LyqMThg/L1L3pDtdmOrqMgAgQjqaftlLHE6DTwL2
ydS/8Imk0deaMCdl4Gvtfd/dsEmIorRYZaQ3+5pXj+rsDrKMbtHJxMG/+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbLGymH1gir+chLs1vPwB2L6slqMB8GA1UdIwQY
MBaAFECqcRV+INmANrvWk7jsuyuZ8PA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUt
MjM1YWJhMTlkOWY5LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUtMjM1YWJhMTlkOWY5
LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJMvtJvjO
iBwaTByKCLmh84av4EiIkyR9O3AZBz1nrkNkm4tcVLYqEz0rnnIMec+gQUDEhig2
vvt30RNM8z8+8izJMExaEnBQJn0pFeB3VPENLJw05pgoJjENE2Z5Wv6jhYbgYt86
WNpnJHpX+owlw8EBRdbfHIZxrmblPgf5rak3SiYQHN1NgNqZ/lzjZNMJ5chB4clc
9IWvXPlNt1gSOFb34trKGeKC25L6qpXrOzt5z4Y7qll+8Zl23ODnjhMtsquYq5tG
LxghuHGrAGzLvD16fn8dFA3wQEXqMzLMhGKzYU3dxtSeM94A/fBNPgzd6oT4UZUP
qzsw9PIRusIX2Q==
-----END CERTIFICATE-----