Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
File:                     QCzcwN4_54S70vviah2BZWpGfSI.mft (raw, json)
Hash identifier:          2EQzVmLFkPo5xM3yzvXQ9OuMclNXUXPi+DXQ9yHk0Hc=
Subject key identifier:   81:D6:48:FB:96:CD:A5:A0:A2:6B:48:A3:A6:C2:B5:D2:FF:64:A6:D2
Authority key identifier: 40:2C:DC:C0:DE:3F:E7:84:BB:D2:FB:E2:6A:1D:81:65:6A:46:7D:22
Certificate issuer:       /CN=402cdcc0de3fe784bbd2fbe26a1d81656a467d22
Certificate serial:       0196C34BA5402F90A7BE80BC5786AF74AF64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
Manifest number:          07A9
Signing time:             Mon 12 May 2025 07:00:36 +0000
Manifest this update:     Mon 12 May 2025 07:00:36 +0000
Manifest next update:     Tue 13 May 2025 07:00:36 +0000
Files and hashes:         1: QCzcwN4_54S70vviah2BZWpGfSI.crl (hash: /6dxQD3VfpG6TWYuqthQur5HlnQiSdJ0hUiQVVlqeNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4b:a5:40:2f:90:a7:be:80:bc:57:86:af:74:af:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=402cdcc0de3fe784bbd2fbe26a1d81656a467d22
        Validity
            Not Before: May 12 07:00:36 2025 GMT
            Not After : May 13 07:00:36 2025 GMT
        Subject: CN=81d648fb96cda5a0a26b48a3a6c2b5d2ff64a6d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:1b:4b:5e:7a:6a:a1:be:34:d1:ed:a9:f9:81:
                    cc:cc:a6:83:09:e5:f0:b3:9b:d8:4b:7f:26:dd:b3:
                    89:70:f8:9c:0e:74:40:3d:14:dc:d0:67:aa:93:d1:
                    75:2c:97:cc:61:3a:76:cd:29:34:92:22:6a:16:d3:
                    7f:08:4c:fd:db:c4:68:cd:67:3c:27:24:06:59:24:
                    9d:f1:0b:03:55:64:62:57:84:b2:92:a3:8b:5e:a7:
                    03:cc:0c:8f:a7:0d:84:ab:7a:17:9d:22:f5:ad:59:
                    e2:7c:e6:f5:9f:d2:7d:d2:75:b6:d2:54:32:48:dc:
                    2a:9c:89:bb:0b:69:02:55:ba:5c:c6:02:70:84:c6:
                    f8:f2:4b:3a:a6:fd:7c:9f:ff:e0:2f:a6:57:0e:77:
                    d1:a5:c4:ee:6a:33:5b:f2:94:da:18:5b:e2:f2:f3:
                    88:19:4a:8c:f2:43:34:0c:3a:e8:1a:7c:5c:a9:36:
                    88:b1:86:2f:82:19:50:88:74:09:47:80:ee:9b:46:
                    ed:d5:56:cf:ee:88:50:8a:cf:37:06:08:df:cc:92:
                    f0:01:85:b6:df:5a:97:f1:a3:24:58:24:bb:2e:00:
                    bc:fb:c1:02:e1:e9:72:e1:88:79:2b:79:f8:37:c7:
                    3d:c1:8a:79:9b:5b:b8:15:ff:c7:9e:b2:f8:8b:9c:
                    66:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:D6:48:FB:96:CD:A5:A0:A2:6B:48:A3:A6:C2:B5:D2:FF:64:A6:D2
            X509v3 Authority Key Identifier:
                keyid:40:2C:DC:C0:DE:3F:E7:84:BB:D2:FB:E2:6A:1D:81:65:6A:46:7D:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:cb:85:72:5c:be:21:de:1a:c9:f1:34:bd:16:ba:18:b2:4d:
         b4:3a:13:7e:c8:29:2b:8a:ac:00:f1:ce:4c:86:1b:97:71:ce:
         75:5e:d2:24:44:02:76:70:ce:ef:f6:88:dc:22:3f:91:2f:44:
         00:87:4c:0f:91:f9:2c:13:bc:07:16:58:cc:29:ba:fe:ca:b8:
         c6:bc:85:4a:cf:dc:a9:46:b8:b8:97:2d:59:22:27:3c:63:0f:
         7f:24:17:10:4b:a0:2d:44:2e:ab:dd:fe:58:26:9d:3d:54:14:
         eb:c0:68:49:ee:2e:08:d9:3a:9b:04:aa:ae:fb:63:20:d4:2b:
         e7:40:7d:0c:bc:d9:10:16:39:89:19:43:0c:86:a5:c8:79:8d:
         63:31:62:8b:eb:39:08:b3:d7:0a:50:89:8e:7d:ba:f6:88:ce:
         48:8c:0a:a4:c4:d6:e2:36:78:77:99:de:22:69:4c:ad:d2:3f:
         ab:a6:12:2b:9c:6b:f5:14:99:8f:1b:10:0e:14:2c:78:b0:28:
         55:d3:77:c9:54:a1:0f:c7:e2:08:82:68:7d:a0:c7:8b:1b:e7:
         21:6b:b8:0b:cc:20:2c:a5:09:b2:e4:01:07:7a:0e:cd:1b:bc:
         2c:7b:2c:92:2f:69:09:fe:d7:f1:68:3f:ad:20:94:13:7b:06:
         bd:0f:b2:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDS6VAL5CnvoC8V4avdK9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMmNkY2MwZGUzZmU3ODRiYmQyZmJlMjZhMWQ4MTY1NmE0
NjdkMjIwHhcNMjUwNTEyMDcwMDM2WhcNMjUwNTEzMDcwMDM2WjAzMTEwLwYDVQQD
Eyg4MWQ2NDhmYjk2Y2RhNWEwYTI2YjQ4YTNhNmMyYjVkMmZmNjRhNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhtLXnpqob400e2p+YHMzKaDCeXw
s5vYS38m3bOJcPicDnRAPRTc0Geqk9F1LJfMYTp2zSk0kiJqFtN/CEz928RozWc8
JyQGWSSd8QsDVWRiV4SykqOLXqcDzAyPpw2Eq3oXnSL1rVnifOb1n9J90nW20lQy
SNwqnIm7C2kCVbpcxgJwhMb48ks6pv18n//gL6ZXDnfRpcTuajNb8pTaGFvi8vOI
GUqM8kM0DDroGnxcqTaIsYYvghlQiHQJR4Dum0bt1VbP7ohQis83BgjfzJLwAYW2
31qX8aMkWCS7LgC8+8EC4ely4Yh5K3n4N8c9wYp5m1u4Ff/HnrL4i5xmbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHWSPuWzaWgomtIo6bCtdL/ZKbSMB8GA1UdIwQY
MBaAFEAs3MDeP+eEu9L74modgWVqRn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMDVkMGQtYzFkOC00N2E2LTlkMWUt
ODY0ZGFjYTZjZmRmLzEvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMDVkMGQtYzFkOC00N2E2LTlkMWUtODY0ZGFjYTZjZmRm
LzEvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS8uFcly+
Id4ayfE0vRa6GLJNtDoTfsgpK4qsAPHOTIYbl3HOdV7SJEQCdnDO7/aI3CI/kS9E
AIdMD5H5LBO8BxZYzCm6/sq4xryFSs/cqUa4uJctWSInPGMPfyQXEEugLUQuq93+
WCadPVQU68BoSe4uCNk6mwSqrvtjINQr50B9DLzZEBY5iRlDDIalyHmNYzFii+s5
CLPXClCJjn269ojOSIwKpMTW4jZ4d5neImlMrdI/q6YSK5xr9RSZjxsQDhQseLAo
VdN3yVShD8fiCIJofaDHixvnIWu4C8wgLKUJsuQBB3oOzRu8LHsski9pCf7X8Wg/
rSCUE3sGvQ+yeA==
-----END CERTIFICATE-----