Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
File:                     QIS7AapYrpSxMg_UvkIT-TFOkFY.mft (raw, json)
Hash identifier:          w1UM9NBMqlwBj19oQqBHt9//C0eOd15413pzOWa6xvU=
Subject key identifier:   A4:58:64:1B:EB:FA:AF:44:AD:E3:A3:7C:B8:76:B7:83:E0:C0:D7:BD
Authority key identifier: 40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56
Certificate issuer:       /CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
Certificate serial:       0197B7EA3DE8427290E64866FC4258C38723
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
Manifest number:          05A4
Signing time:             Sat 28 Jun 2025 19:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:11 +0000
Files and hashes:         1: QIS7AapYrpSxMg_UvkIT-TFOkFY.crl (hash: B6As/shd/3tTHu0/heWZFm7tCUIYNdQBgSTLFcFglmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:3d:e8:42:72:90:e6:48:66:fc:42:58:c3:87:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
        Validity
            Not Before: Jun 28 19:01:11 2025 GMT
            Not After : Jun 29 19:01:11 2025 GMT
        Subject: CN=a458641bebfaaf44ade3a37cb876b783e0c0d7bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d9:20:30:64:07:d6:b1:56:d7:9a:10:05:89:
                    34:76:d7:3d:2f:80:39:5c:75:6e:8f:a5:f9:f0:f0:
                    98:ab:cb:4b:fa:a9:97:c4:b8:15:3e:b8:d9:d2:3b:
                    8b:ae:83:7e:30:ec:03:bf:99:78:0c:7e:f2:b8:00:
                    46:a7:17:59:73:e5:aa:f4:29:5a:d8:7a:c9:ec:4d:
                    fe:1d:df:42:d1:61:bf:b0:e4:be:74:63:16:a0:2d:
                    df:a7:47:c2:60:e0:e1:de:aa:da:71:87:c5:b9:9e:
                    2f:01:e1:9c:07:2a:75:0d:a9:fb:b0:43:81:fa:1a:
                    1c:4a:93:15:55:ec:c4:18:4f:54:a8:ec:13:b3:0e:
                    28:6f:08:94:87:f7:80:55:02:85:2b:c4:b3:d0:76:
                    c6:f1:e0:22:0b:16:ff:df:38:2a:06:88:8f:b0:da:
                    62:27:99:b2:a7:4c:58:f1:b7:39:22:8f:eb:50:cf:
                    a8:17:e5:7a:e4:2e:81:8c:0b:f5:2a:41:33:20:ef:
                    24:bf:d7:66:ee:84:d3:ad:e1:50:d8:ce:22:d6:26:
                    00:1d:60:40:1c:d1:c1:72:12:8f:37:d8:1b:e1:dc:
                    db:95:29:25:79:76:b8:dc:70:59:b3:50:cf:b3:32:
                    1c:f5:98:32:37:df:1d:b5:9b:bb:6c:1e:7f:ef:23:
                    67:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:58:64:1B:EB:FA:AF:44:AD:E3:A3:7C:B8:76:B7:83:E0:C0:D7:BD
            X509v3 Authority Key Identifier:
                keyid:40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:a6:4a:2c:7e:16:32:55:5a:68:ad:15:5f:e4:1d:be:84:9f:
         d5:14:46:16:84:44:69:a6:c2:47:10:4d:f0:92:e1:13:2f:e2:
         17:04:df:7d:9c:77:14:ac:43:17:89:c7:c6:50:8c:7b:c5:e5:
         5d:ae:91:8c:3e:42:8d:5d:7f:7c:c8:31:10:1f:3d:e4:85:2d:
         ed:8c:19:44:84:f8:29:4e:9d:dd:34:26:96:c6:1b:01:0b:bb:
         5c:e4:0a:95:68:47:9e:35:ea:71:b9:c8:8b:19:71:41:a6:59:
         49:7c:3d:bd:af:7b:f9:9e:c4:cd:7a:ef:af:b1:d1:9c:d0:19:
         1f:16:93:f0:0f:e5:02:ce:1b:5a:a1:1e:98:ae:97:14:82:77:
         2a:e3:ba:9d:65:e2:fc:49:f2:a4:2c:cc:a7:c8:84:54:cc:15:
         a0:54:a8:38:da:a2:76:63:71:6a:1e:73:f4:22:10:5b:ac:c3:
         cf:a3:99:da:41:e6:43:b5:60:48:14:cd:e2:e1:c4:e1:6f:df:
         32:82:09:c9:42:54:b8:be:ca:8d:1b:08:1a:39:f5:34:d1:0b:
         fd:a6:de:85:66:44:a8:2c:83:18:17:ea:e7:c3:c0:23:52:c3:
         c0:6d:7a:73:aa:0c:7d:cb:83:3c:86:f7:c8:f7:36:68:fb:3f:
         b0:a3:4b:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36j3oQnKQ5khm/EJYw4cjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODRiYjAxYWE1OGFlOTRiMTMyMGZkNGJlNDIxM2Y5MzE0
ZTkwNTYwHhcNMjUwNjI4MTkwMTExWhcNMjUwNjI5MTkwMTExWjAzMTEwLwYDVQQD
EyhhNDU4NjQxYmViZmFhZjQ0YWRlM2EzN2NiODc2Yjc4M2UwYzBkN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9kgMGQH1rFW15oQBYk0dtc9L4A5
XHVuj6X58PCYq8tL+qmXxLgVPrjZ0juLroN+MOwDv5l4DH7yuABGpxdZc+Wq9Cla
2HrJ7E3+Hd9C0WG/sOS+dGMWoC3fp0fCYODh3qracYfFuZ4vAeGcByp1Dan7sEOB
+hocSpMVVezEGE9UqOwTsw4obwiUh/eAVQKFK8Sz0HbG8eAiCxb/3zgqBoiPsNpi
J5myp0xY8bc5Io/rUM+oF+V65C6BjAv1KkEzIO8kv9dm7oTTreFQ2M4i1iYAHWBA
HNHBchKPN9gb4dzblSkleXa43HBZs1DPszIc9ZgyN98dtZu7bB5/7yNnTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRYZBvr+q9EreOjfLh2t4PgwNe9MB8GA1UdIwQY
MBaAFECEuwGqWK6UsTIP1L5CE/kxTpBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzkt
ZDFiNjQ4YTRmZDBlLzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzktZDFiNjQ4YTRmZDBl
LzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqZKLH4W
MlVaaK0VX+QdvoSf1RRGFoREaabCRxBN8JLhEy/iFwTffZx3FKxDF4nHxlCMe8Xl
Xa6RjD5CjV1/fMgxEB895IUt7YwZRIT4KU6d3TQmlsYbAQu7XOQKlWhHnjXqcbnI
ixlxQaZZSXw9va97+Z7EzXrvr7HRnNAZHxaT8A/lAs4bWqEemK6XFIJ3KuO6nWXi
/EnypCzMp8iEVMwVoFSoONqidmNxah5z9CIQW6zDz6OZ2kHmQ7VgSBTN4uHE4W/f
MoIJyUJUuL7KjRsIGjn1NNEL/abehWZEqCyDGBfq58PAI1LDwG16c6oMfcuDPIb3
yPc2aPs/sKNL/Q==
-----END CERTIFICATE-----