Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          tpro9/3IiqCk30lqk3KSX6S5wi8oYFB+u+b6PvRYYeU=
Subject key identifier:   DF:B7:C4:25:16:0F:E7:01:CE:60:5C:A5:DF:2A:78:35:2B:73:04:8E
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       0197B6A1A918AD09F3B39D069084C504FE20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:02:17 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:17 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:17 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: kTSlN4FV/M7F54alB/1rEfnYrQ4euJEvNBr4JphmxuU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:a9:18:ad:09:f3:b3:9d:06:90:84:c5:04:fe:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Jun 28 13:02:17 2025 GMT
            Not After : Jun 29 13:02:17 2025 GMT
        Subject: CN=dfb7c425160fe701ce605ca5df2a78352b73048e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ea:b7:c2:9c:be:b6:6b:71:5f:f1:24:29:d4:
                    92:7f:3e:19:56:a2:a6:a3:60:bb:a6:ab:f2:7e:50:
                    29:0f:ac:4e:5c:b4:49:0f:26:57:2d:a7:42:d4:d6:
                    50:d8:7a:57:15:5b:bb:b2:eb:52:2d:8f:4f:52:19:
                    52:05:98:f8:e8:68:71:e0:58:20:48:69:ee:94:3c:
                    fc:82:1a:b0:90:b0:c6:43:64:e9:ea:f5:36:83:43:
                    be:f7:2d:86:33:f4:69:10:8e:68:92:96:bd:20:fb:
                    15:71:0e:e6:85:62:33:a2:47:58:98:09:8c:80:09:
                    96:4e:f1:a2:ce:32:8a:71:45:c4:b3:87:1b:3b:95:
                    17:40:88:44:15:f2:27:dc:37:8d:e0:cd:3f:ef:ae:
                    0b:09:09:36:d5:0c:80:46:ba:32:2b:4f:12:c7:e4:
                    ca:06:05:b0:a9:af:64:ff:d4:93:07:cb:1b:65:90:
                    aa:3a:8c:88:7e:9c:1e:56:10:05:6f:5c:43:06:be:
                    69:78:37:25:5c:08:cc:ae:da:a8:6b:0e:9f:f0:fd:
                    b8:92:c6:a8:38:64:27:89:f9:74:66:2d:e2:c8:a0:
                    95:3b:a0:50:e3:0d:f9:9b:71:52:12:67:7f:49:ab:
                    46:96:99:af:78:b7:56:8f:51:4c:10:f3:73:a6:0c:
                    56:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:B7:C4:25:16:0F:E7:01:CE:60:5C:A5:DF:2A:78:35:2B:73:04:8E
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:58:67:1e:db:c5:e3:26:c9:41:37:47:59:7e:de:d0:bd:7a:
         1a:37:ab:ac:16:b3:d2:7d:6b:e9:cf:15:4d:03:52:34:98:95:
         26:1b:af:84:7f:d2:e5:92:97:d3:f4:dd:2a:b7:1b:f8:34:70:
         bf:1b:90:64:d7:8c:93:1d:17:44:59:84:b5:d2:6f:2d:15:b0:
         b9:f1:61:67:f8:1f:8a:d3:8d:af:7d:94:5a:87:00:05:0f:f4:
         f8:92:02:c3:4c:dc:9d:bd:28:b9:40:a5:20:04:63:3e:66:26:
         66:fb:52:ac:eb:fc:47:56:a9:ae:5d:f0:38:87:fa:1f:2c:78:
         e4:3c:8d:16:72:46:ce:13:94:40:b5:b6:be:46:65:f3:15:2b:
         45:b8:03:7f:df:08:e8:7f:e8:6d:14:0e:06:e3:b0:22:09:3d:
         f6:cc:db:f9:72:8d:c0:bf:3d:e9:d6:f0:52:1e:9a:f7:02:f9:
         ff:c9:2d:86:d8:e9:77:73:dc:fb:ac:f7:47:7e:7b:58:a7:7c:
         cc:ca:94:f9:55:c2:4a:7d:7e:39:c2:af:52:42:ac:7d:6c:bc:
         90:64:a2:f5:04:c7:c0:c5:de:62:53:4a:a3:9a:bd:0f:92:11:
         a1:df:0e:63:eb:1e:a8:dc:1f:9d:a5:22:63:f3:b4:44:f7:f7:
         40:09:eb:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oakYrQnzs50GkITFBP4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUwNjI4MTMwMjE3WhcNMjUwNjI5MTMwMjE3WjAzMTEwLwYDVQQD
EyhkZmI3YzQyNTE2MGZlNzAxY2U2MDVjYTVkZjJhNzgzNTJiNzMwNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOq3wpy+tmtxX/EkKdSSfz4ZVqKm
o2C7pqvyflApD6xOXLRJDyZXLadC1NZQ2HpXFVu7sutSLY9PUhlSBZj46Ghx4Fgg
SGnulDz8ghqwkLDGQ2Tp6vU2g0O+9y2GM/RpEI5okpa9IPsVcQ7mhWIzokdYmAmM
gAmWTvGizjKKcUXEs4cbO5UXQIhEFfIn3DeN4M0/764LCQk21QyARroyK08Sx+TK
BgWwqa9k/9STB8sbZZCqOoyIfpweVhAFb1xDBr5peDclXAjMrtqoaw6f8P24ksao
OGQnifl0Zi3iyKCVO6BQ4w35m3FSEmd/SatGlpmveLdWj1FMEPNzpgxWLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+3xCUWD+cBzmBcpd8qeDUrcwSOMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp1hnHtvF
4ybJQTdHWX7e0L16GjerrBaz0n1r6c8VTQNSNJiVJhuvhH/S5ZKX0/TdKrcb+DRw
vxuQZNeMkx0XRFmEtdJvLRWwufFhZ/gfitONr32UWocABQ/0+JICw0zcnb0ouUCl
IARjPmYmZvtSrOv8R1aprl3wOIf6Hyx45DyNFnJGzhOUQLW2vkZl8xUrRbgDf98I
6H/obRQOBuOwIgk99szb+XKNwL896dbwUh6a9wL5/8kthtjpd3Pc+6z3R357WKd8
zMqU+VXCSn1+OcKvUkKsfWy8kGSi9QTHwMXeYlNKo5q9D5IRod8OY+seqNwfnaUi
Y/O0RPf3QAnrqA==
-----END CERTIFICATE-----