Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          w2s2/M2K9/UGUzMToaHMMrtmOTpAq8DX4LDnTzl/fGA=
Subject key identifier:   A9:4F:36:55:7A:61:1F:7E:6E:F3:84:11:3F:5A:CD:5C:E6:F8:55:E5
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       0197B88F40084B9CC5B1C485484D0B4EF5E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          0A2B
Signing time:             Sat 28 Jun 2025 22:01:25 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:25 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:25 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: Sh5uR2SZLovPX46mOWMqQe/NxXRIYoMGRjAoeiKN2pk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:40:08:4b:9c:c5:b1:c4:85:48:4d:0b:4e:f5:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Jun 28 22:01:25 2025 GMT
            Not After : Jun 29 22:01:25 2025 GMT
        Subject: CN=a94f36557a611f7e6ef384113f5acd5ce6f855e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:72:0b:91:d2:75:fc:bc:a4:cc:00:c8:f6:25:
                    e8:0c:24:b2:10:ba:30:c9:91:4b:ce:1a:98:fd:c8:
                    14:9f:ed:0d:80:51:5e:75:67:29:82:0b:a5:a3:88:
                    7c:af:f3:f6:7e:0d:46:e3:59:dd:d3:44:c6:4c:77:
                    98:fe:4f:ba:8f:0c:b1:d3:40:ee:7a:b5:d2:20:fb:
                    b6:77:3d:25:82:46:4d:6f:71:9d:2f:cd:3f:8f:93:
                    2f:80:34:49:86:39:58:3e:5e:5d:ee:9c:34:ae:40:
                    ac:2e:82:b4:49:b0:d0:d5:b4:c7:8f:c2:ef:14:05:
                    5e:a4:19:0a:48:ab:8e:64:cd:02:d3:64:d9:d8:c0:
                    8e:ee:5f:5e:78:10:ac:6d:ac:f6:2c:aa:51:59:02:
                    ae:41:96:4b:79:e5:3e:cc:de:9c:35:db:ce:2a:04:
                    3d:9d:5c:a3:37:34:da:b7:db:48:eb:dd:5d:06:a6:
                    be:29:9a:5b:54:bf:32:30:85:a0:b7:a6:c3:1f:e2:
                    58:13:28:86:1d:36:6e:ab:dc:cc:be:3b:c5:98:04:
                    d0:0a:f2:3d:12:65:b5:ff:fe:8b:58:6f:87:c6:3a:
                    3e:f6:e6:32:aa:25:d6:ff:df:76:8e:b2:54:48:2f:
                    ce:81:23:96:d8:d1:db:5d:9a:83:74:43:1c:62:08:
                    5d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:4F:36:55:7A:61:1F:7E:6E:F3:84:11:3F:5A:CD:5C:E6:F8:55:E5
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:8a:c1:06:3d:ab:b8:f0:61:75:72:4c:1c:e8:5a:8f:bf:09:
         96:0d:b9:f1:7c:da:e5:ff:70:2f:37:53:a1:f8:5b:c1:7c:b2:
         54:0f:5f:20:19:40:17:38:8b:d9:2d:57:29:79:79:35:3e:23:
         ef:3f:2c:5f:52:0b:08:fe:5c:a9:fd:69:29:a6:d5:dc:d5:25:
         26:6e:23:42:d9:d0:51:06:c4:c2:a3:58:9d:b4:4a:28:da:9b:
         9d:05:a9:db:fa:14:de:f1:d9:fa:83:b0:59:ba:99:41:30:6a:
         ea:66:f3:d4:73:a3:d4:d4:0f:40:79:b6:6d:ed:ee:a8:b8:63:
         01:1f:3c:42:16:82:f4:37:4e:1a:c6:34:f5:be:b9:f5:aa:63:
         7e:7a:55:13:30:bc:66:12:7b:84:f9:4a:06:21:8f:b6:6c:45:
         67:26:fc:ed:e2:e1:57:37:f1:10:f2:ce:94:58:ef:fc:ca:4d:
         4b:4c:06:1f:8a:23:31:7e:df:18:be:1f:59:d6:b0:89:68:a3:
         d4:c6:10:6b:b9:56:67:9e:0a:5f:48:83:90:ba:16:a2:80:80:
         85:03:12:ae:4e:61:3f:27:6c:ae:68:6d:39:90:28:37:28:84:
         00:b2:3e:b5:94:3f:3f:5f:bb:2e:92:36:af:ce:6f:8d:60:ff:
         b5:c0:e8:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j0AIS5zFscSFSE0LTvXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjUwNjI4MjIwMTI1WhcNMjUwNjI5MjIwMTI1WjAzMTEwLwYDVQQD
EyhhOTRmMzY1NTdhNjExZjdlNmVmMzg0MTEzZjVhY2Q1Y2U2Zjg1NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinILkdJ1/LykzADI9iXoDCSyELow
yZFLzhqY/cgUn+0NgFFedWcpggulo4h8r/P2fg1G41nd00TGTHeY/k+6jwyx00Du
erXSIPu2dz0lgkZNb3GdL80/j5MvgDRJhjlYPl5d7pw0rkCsLoK0SbDQ1bTHj8Lv
FAVepBkKSKuOZM0C02TZ2MCO7l9eeBCsbaz2LKpRWQKuQZZLeeU+zN6cNdvOKgQ9
nVyjNzTat9tI691dBqa+KZpbVL8yMIWgt6bDH+JYEyiGHTZuq9zMvjvFmATQCvI9
EmW1//6LWG+Hxjo+9uYyqiXW/992jrJUSC/OgSOW2NHbXZqDdEMcYghdaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlPNlV6YR9+bvOEET9azVzm+FXlMB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZYrBBj2r
uPBhdXJMHOhaj78Jlg258Xza5f9wLzdTofhbwXyyVA9fIBlAFziL2S1XKXl5NT4j
7z8sX1ILCP5cqf1pKabV3NUlJm4jQtnQUQbEwqNYnbRKKNqbnQWp2/oU3vHZ+oOw
WbqZQTBq6mbz1HOj1NQPQHm2be3uqLhjAR88QhaC9DdOGsY09b659apjfnpVEzC8
ZhJ7hPlKBiGPtmxFZyb87eLhVzfxEPLOlFjv/MpNS0wGH4ojMX7fGL4fWdawiWij
1MYQa7lWZ54KX0iDkLoWooCAhQMSrk5hPydsrmhtOZAoNyiEALI+tZQ/P1+7LpI2
r85vjWD/tcDo7w==
-----END CERTIFICATE-----