Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
File:                     QIS7AapYrpSxMg_UvkIT-TFOkFY.mft (raw, json)
Hash identifier:          QA2ADPyb/sZEPI4ptDs1ujLixVLHc1uPuJzCIS07FAs=
Subject key identifier:   E0:5A:8E:3E:D8:43:20:8D:41:CE:6D:81:EE:FF:B7:18:85:53:BB:6E
Authority key identifier: 40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56
Certificate issuer:       /CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
Certificate serial:       0196CA600C1CC0FF5AB6D7392B8A32AE8378
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
Manifest number:          0529
Signing time:             Tue 13 May 2025 16:00:14 +0000
Manifest this update:     Tue 13 May 2025 16:00:14 +0000
Manifest next update:     Wed 14 May 2025 16:00:14 +0000
Files and hashes:         1: QIS7AapYrpSxMg_UvkIT-TFOkFY.crl (hash: ANbmc4I99wGanucPI6hGKi7UHMtoTzAdFc7WKRO0RYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 16:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:60:0c:1c:c0:ff:5a:b6:d7:39:2b:8a:32:ae:83:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
        Validity
            Not Before: May 13 16:00:14 2025 GMT
            Not After : May 14 16:00:14 2025 GMT
        Subject: CN=e05a8e3ed843208d41ce6d81eeffb7188553bb6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:42:24:a8:b9:44:40:59:3a:78:ee:b8:0e:d1:
                    dd:82:92:9a:46:f6:c1:cc:d3:d4:6f:d4:58:23:42:
                    e0:5e:48:42:97:84:e3:17:21:e4:a0:d8:d3:28:48:
                    f3:0b:0a:e7:0b:20:81:bf:85:e6:2c:b0:95:1f:c5:
                    b8:ea:1e:c0:51:f6:ab:69:fd:90:d6:0f:c5:eb:c6:
                    bd:01:1d:79:21:a5:15:66:3c:e7:51:47:84:fc:f8:
                    ad:39:c8:bd:1a:ed:91:4a:c0:a5:af:15:62:c1:49:
                    a2:dc:79:88:a0:c2:78:e2:35:a0:fd:b3:cc:38:a7:
                    9b:9a:f8:19:58:e4:d5:15:90:d1:36:01:c2:01:17:
                    e0:00:6c:6f:fd:a4:b6:a7:cc:17:2e:76:62:91:17:
                    ee:e2:14:81:cc:5b:4c:a4:88:72:5c:aa:9c:65:28:
                    a6:11:81:de:40:99:b9:d0:ea:3c:e2:e8:9a:1a:70:
                    a2:ff:37:a1:16:78:93:41:8d:a2:13:24:d8:9c:c8:
                    4c:a3:dc:aa:4c:87:39:7e:d4:33:7b:44:e5:83:6c:
                    b8:2a:6f:4f:df:fd:c2:9c:5d:13:36:cc:f1:e9:23:
                    45:07:47:08:50:1d:cb:d0:95:6a:25:45:be:78:b9:
                    10:ca:0c:fe:7a:eb:09:c2:79:6b:2d:3d:2e:b2:89:
                    b6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:5A:8E:3E:D8:43:20:8D:41:CE:6D:81:EE:FF:B7:18:85:53:BB:6E
            X509v3 Authority Key Identifier:
                keyid:40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7e:aa:7b:d6:f5:f2:af:70:60:32:6c:73:42:b5:e8:78:d6:
         67:1e:12:62:2f:3a:da:08:c1:ac:c8:0c:9b:f5:7c:2d:c6:6e:
         ff:55:d6:8a:10:a4:51:58:21:fb:b2:bc:5c:d3:c2:63:7c:df:
         ed:5b:b2:83:5f:f1:87:53:89:d1:33:8a:e6:96:5f:25:ad:8b:
         a1:56:39:0a:97:2e:43:f6:96:84:b3:f9:5f:b7:78:dd:71:3d:
         a1:a2:aa:1b:d5:c2:d4:78:53:e6:58:62:06:a2:e6:7c:5c:a5:
         4b:2b:58:14:6f:94:57:36:a6:6b:de:d9:a1:3c:fb:40:b1:49:
         ef:80:f6:1d:84:91:d0:4e:b1:5e:86:10:6d:55:29:66:a4:e7:
         e4:b7:31:99:23:0d:43:25:73:de:f9:a7:12:ae:97:7b:a9:3d:
         18:88:cf:35:82:bb:02:7a:d9:de:b8:61:c0:92:a6:8a:e8:f7:
         21:59:a8:7f:0f:6c:af:e7:54:b8:60:9f:a1:23:a8:fe:73:67:
         61:65:47:41:2c:58:16:69:1e:26:0c:9d:74:99:99:f5:f3:4c:
         01:4c:a9:fd:59:10:90:89:8e:98:d1:6d:a4:1d:08:98:a0:df:
         3f:28:0f:2a:81:a7:24:41:29:07:7f:84:9d:4f:70:39:84:54:
         e3:f8:8b:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKYAwcwP9attc5K4oyroN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODRiYjAxYWE1OGFlOTRiMTMyMGZkNGJlNDIxM2Y5MzE0
ZTkwNTYwHhcNMjUwNTEzMTYwMDE0WhcNMjUwNTE0MTYwMDE0WjAzMTEwLwYDVQQD
EyhlMDVhOGUzZWQ4NDMyMDhkNDFjZTZkODFlZWZmYjcxODg1NTNiYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUIkqLlEQFk6eO64DtHdgpKaRvbB
zNPUb9RYI0LgXkhCl4TjFyHkoNjTKEjzCwrnCyCBv4XmLLCVH8W46h7AUfaraf2Q
1g/F68a9AR15IaUVZjznUUeE/PitOci9Gu2RSsClrxViwUmi3HmIoMJ44jWg/bPM
OKebmvgZWOTVFZDRNgHCARfgAGxv/aS2p8wXLnZikRfu4hSBzFtMpIhyXKqcZSim
EYHeQJm50Oo84uiaGnCi/zehFniTQY2iEyTYnMhMo9yqTIc5ftQze0Tlg2y4Km9P
3/3CnF0TNszx6SNFB0cIUB3L0JVqJUW+eLkQygz+eusJwnlrLT0usom2lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOBajj7YQyCNQc5tge7/txiFU7tuMB8GA1UdIwQY
MBaAFECEuwGqWK6UsTIP1L5CE/kxTpBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzkt
ZDFiNjQ4YTRmZDBlLzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzktZDFiNjQ4YTRmZDBl
LzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM36qe9b1
8q9wYDJsc0K16HjWZx4SYi862gjBrMgMm/V8LcZu/1XWihCkUVgh+7K8XNPCY3zf
7Vuyg1/xh1OJ0TOK5pZfJa2LoVY5CpcuQ/aWhLP5X7d43XE9oaKqG9XC1HhT5lhi
BqLmfFylSytYFG+UVzama97ZoTz7QLFJ74D2HYSR0E6xXoYQbVUpZqTn5LcxmSMN
QyVz3vmnEq6Xe6k9GIjPNYK7AnrZ3rhhwJKmiuj3IVmofw9sr+dUuGCfoSOo/nNn
YWVHQSxYFmkeJgyddJmZ9fNMAUyp/VkQkImOmNFtpB0ImKDfPygPKoGnJEEpB3+E
nU9wOYRU4/iLBw==
-----END CERTIFICATE-----