Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
File:                     QH75-Xcjo9WiGTasNNMZl_JWHrk.mft (raw, json)
Hash identifier:          Wd5K7xjBg2Tj4F0bM+G7INlKWNrl1C4/TxSxf6Cd7WI=
Subject key identifier:   61:42:27:14:44:27:F5:FF:63:F8:B6:61:79:4B:27:BB:2C:92:B5:64
Authority key identifier: 40:7E:F9:F9:77:23:A3:D5:A2:19:36:AC:34:D3:19:97:F2:56:1E:B9
Certificate issuer:       /CN=407ef9f97723a3d5a21936ac34d31997f2561eb9
Certificate serial:       019654933872D81CCFFB6E72CCC33488F82C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
Manifest number:          0BDD
Signing time:             Sun 20 Apr 2025 19:00:56 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:56 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:56 +0000
Files and hashes:         1: QH75-Xcjo9WiGTasNNMZl_JWHrk.crl (hash: bGGIwu4XEGBP16uxJBbqp9Ol67Ya/p6KYf5HkifYCYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:93:38:72:d8:1c:cf:fb:6e:72:cc:c3:34:88:f8:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407ef9f97723a3d5a21936ac34d31997f2561eb9
        Validity
            Not Before: Apr 20 19:00:56 2025 GMT
            Not After : Apr 21 19:00:56 2025 GMT
        Subject: CN=614227144427f5ff63f8b661794b27bb2c92b564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b2:ee:01:55:d3:cc:d2:2c:a0:55:2b:13:44:
                    8a:ec:3f:3a:77:54:70:e1:e7:d7:e1:93:23:90:69:
                    f9:4a:51:29:e6:a6:b6:df:82:73:d3:66:60:51:f2:
                    5a:ca:45:d4:72:9b:bd:73:9c:12:19:63:2b:43:46:
                    e8:1a:06:d6:7e:93:07:72:cc:ba:d4:40:a0:f0:82:
                    05:1f:4e:4e:ab:5c:6d:73:c4:3a:5e:c1:b6:71:54:
                    4e:39:f1:de:52:2f:fb:51:85:6d:d6:4b:7a:0d:21:
                    b5:a7:42:b8:c6:21:90:85:82:9a:f5:dc:fd:a2:0d:
                    5c:e1:e4:2b:2e:95:2e:87:15:df:39:09:54:df:5a:
                    9b:3c:b2:0d:3e:db:04:c1:f7:72:d6:00:a6:5e:7f:
                    76:a9:a5:52:26:d3:30:1b:70:1a:ad:56:42:4a:1d:
                    08:8c:c2:f1:86:8a:e7:4f:76:ea:a7:80:06:83:c3:
                    92:d1:93:9d:35:e3:cc:44:45:32:93:03:8d:7b:10:
                    58:63:32:72:15:1e:65:dd:3f:85:70:e0:8d:05:79:
                    a8:c5:fd:f0:ab:df:0c:94:23:97:d3:52:f5:e6:23:
                    f9:3b:2c:c0:bb:a5:fe:09:26:8e:78:83:09:88:63:
                    02:40:8c:a4:cb:3f:f2:ca:e9:5e:db:fb:93:70:82:
                    c9:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:42:27:14:44:27:F5:FF:63:F8:B6:61:79:4B:27:BB:2C:92:B5:64
            X509v3 Authority Key Identifier:
                keyid:40:7E:F9:F9:77:23:A3:D5:A2:19:36:AC:34:D3:19:97:F2:56:1E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c8:4a:12:25:19:a7:e4:50:e1:01:b9:c5:1a:da:49:4c:29:
         47:b9:22:29:67:77:8d:8f:9c:f3:27:65:9c:dd:f1:7e:c0:23:
         62:67:99:a1:d3:d6:a5:4e:ea:4a:af:98:ea:f6:34:0b:c1:99:
         73:16:98:b2:a0:13:7d:77:33:f1:b4:b5:ff:0b:d0:ba:ad:8f:
         55:f7:2f:e4:f7:d6:a5:1c:67:ce:93:cd:29:70:f0:fb:6e:c3:
         e3:ba:df:47:a2:33:3c:34:91:10:f5:71:fd:57:5f:f5:4e:80:
         3f:ca:ef:62:48:da:10:3e:aa:c1:42:02:95:c8:1a:87:45:9f:
         37:a3:f4:34:0e:0f:7b:5a:83:cd:33:48:1e:5f:b1:44:b9:ce:
         cd:0c:5f:b1:08:90:4c:3c:fa:00:c8:6a:c7:28:86:f5:ff:93:
         70:36:18:69:23:e2:dd:26:0e:8c:50:90:50:30:ca:f7:eb:e8:
         de:99:ec:39:7e:18:0f:60:4b:a4:20:53:e7:b8:b3:b8:9a:35:
         31:98:06:b4:d5:cf:b3:62:e6:17:42:93:06:53:06:d8:4e:bd:
         df:b3:e0:d2:52:15:89:58:3f:33:da:58:f5:54:09:bb:15:76:
         e6:99:8a:23:d0:4e:72:03:b0:34:63:ec:9c:1b:6e:df:88:01:
         0f:af:b7:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkzhy2BzP+25yzMM0iPgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2VmOWY5NzcyM2EzZDVhMjE5MzZhYzM0ZDMxOTk3ZjI1
NjFlYjkwHhcNMjUwNDIwMTkwMDU2WhcNMjUwNDIxMTkwMDU2WjAzMTEwLwYDVQQD
Eyg2MTQyMjcxNDQ0MjdmNWZmNjNmOGI2NjE3OTRiMjdiYjJjOTJiNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LLuAVXTzNIsoFUrE0SK7D86d1Rw
4efX4ZMjkGn5SlEp5qa234Jz02ZgUfJaykXUcpu9c5wSGWMrQ0boGgbWfpMHcsy6
1ECg8IIFH05Oq1xtc8Q6XsG2cVROOfHeUi/7UYVt1kt6DSG1p0K4xiGQhYKa9dz9
og1c4eQrLpUuhxXfOQlU31qbPLINPtsEwfdy1gCmXn92qaVSJtMwG3AarVZCSh0I
jMLxhornT3bqp4AGg8OS0ZOdNePMREUykwONexBYYzJyFR5l3T+FcOCNBXmoxf3w
q98MlCOX01L15iP5OyzAu6X+CSaOeIMJiGMCQIykyz/yyule2/uTcILJhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFCJxREJ/X/Y/i2YXlLJ7sskrVkMB8GA1UdIwQY
MBaAFEB++fl3I6PVohk2rDTTGZfyVh65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lMWNlNDAtMjRlNy00MDRjLThlMjQt
OGQ2NmU3MjA0MjFkLzEvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lMWNlNDAtMjRlNy00MDRjLThlMjQtOGQ2NmU3MjA0MjFk
LzEvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8hKEiUZ
p+RQ4QG5xRraSUwpR7kiKWd3jY+c8ydlnN3xfsAjYmeZodPWpU7qSq+Y6vY0C8GZ
cxaYsqATfXcz8bS1/wvQuq2PVfcv5PfWpRxnzpPNKXDw+27D47rfR6IzPDSREPVx
/Vdf9U6AP8rvYkjaED6qwUIClcgah0WfN6P0NA4Pe1qDzTNIHl+xRLnOzQxfsQiQ
TDz6AMhqxyiG9f+TcDYYaSPi3SYOjFCQUDDK9+vo3pnsOX4YD2BLpCBT57izuJo1
MZgGtNXPs2LmF0KTBlMG2E6937Pg0lIViVg/M9pY9VQJuxV25pmKI9BOcgOwNGPs
nBtu34gBD6+33Q==
-----END CERTIFICATE-----