Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
File:                     QH75-Xcjo9WiGTasNNMZl_JWHrk.mft (raw, json)
Hash identifier:          8bsUtMSd4MKpDNjZTYL58VZHPC373nYTxaKw4SvHpbc=
Subject key identifier:   2B:45:AE:A4:43:3A:C2:76:43:AA:17:19:75:12:40:B6:CA:11:8B:E7
Authority key identifier: 40:7E:F9:F9:77:23:A3:D5:A2:19:36:AC:34:D3:19:97:F2:56:1E:B9
Certificate issuer:       /CN=407ef9f97723a3d5a21936ac34d31997f2561eb9
Certificate serial:       019846D22D1E07A69CC4941DB3F070C32261
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
Manifest number:          0CDF
Signing time:             Sat 26 Jul 2025 13:00:35 +0000
Manifest this update:     Sat 26 Jul 2025 13:00:35 +0000
Manifest next update:     Sun 27 Jul 2025 13:00:35 +0000
Files and hashes:         1: QH75-Xcjo9WiGTasNNMZl_JWHrk.crl (hash: +Hg48xriQdNKevy3zRIrXXFnoAHLCI9NKgfb7eFpYMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:46:d2:2d:1e:07:a6:9c:c4:94:1d:b3:f0:70:c3:22:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407ef9f97723a3d5a21936ac34d31997f2561eb9
        Validity
            Not Before: Jul 26 13:00:35 2025 GMT
            Not After : Jul 27 13:00:35 2025 GMT
        Subject: CN=2b45aea4433ac27643aa1719751240b6ca118be7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:60:06:b6:5a:75:e9:cc:48:83:94:78:49:4f:
                    d7:ce:44:68:bf:52:09:d4:3a:bf:f8:d5:c1:b0:dd:
                    f9:55:89:2c:b3:6e:cf:87:4b:25:ca:59:8c:25:e8:
                    e7:09:f6:f9:61:35:2e:19:0b:45:bf:d2:89:5c:f7:
                    be:f5:37:d0:e1:0b:74:98:5f:56:4f:d7:33:b9:bb:
                    6a:c2:18:33:8b:23:93:26:26:f2:5a:ee:a2:50:57:
                    c6:1f:11:ed:a7:f4:96:42:59:52:cb:a9:a7:0b:f4:
                    76:18:21:5e:58:9e:54:d7:24:33:03:12:1d:15:65:
                    4d:96:c8:92:0a:44:1e:c9:02:41:40:80:53:01:bf:
                    e1:97:45:63:62:e8:f3:01:7a:83:50:4c:b4:d7:c4:
                    66:74:8d:56:97:cc:9e:69:26:99:90:97:32:13:8e:
                    14:34:cf:41:ba:37:b2:2c:a6:e3:98:04:49:78:fd:
                    8b:ee:db:36:89:f2:7b:a6:ca:93:b6:c3:e1:a3:0a:
                    07:49:7b:90:8c:f5:cf:fc:a0:e7:09:b4:0c:34:45:
                    7c:b3:68:6f:91:1a:91:df:a1:2b:a6:b1:03:ca:30:
                    ed:ea:17:2a:43:39:5a:a6:4b:fc:14:49:d2:7f:14:
                    b6:00:98:93:68:ac:2f:58:e3:c0:1d:d6:6a:f3:ec:
                    78:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:45:AE:A4:43:3A:C2:76:43:AA:17:19:75:12:40:B6:CA:11:8B:E7
            X509v3 Authority Key Identifier:
                keyid:40:7E:F9:F9:77:23:A3:D5:A2:19:36:AC:34:D3:19:97:F2:56:1E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:bf:99:7a:a2:36:e3:69:29:d9:3a:75:71:96:3c:fe:60:de:
         1b:83:63:a9:ce:bb:5a:7f:40:ec:13:1c:90:71:54:61:ef:12:
         16:72:95:bc:db:82:ab:a9:1c:c4:b8:df:e9:7d:0e:79:ee:f6:
         61:c5:01:77:8e:f4:3d:af:61:e0:a8:19:68:61:98:a1:60:1d:
         7c:e5:83:99:60:1e:45:8c:fb:0c:89:ce:a0:b3:4b:8a:88:ff:
         93:84:56:03:2e:e7:cd:cd:48:c0:2f:8f:ca:e5:e4:9f:7d:dd:
         d2:19:c1:dc:f2:fc:a7:38:ae:67:36:8a:74:7c:c6:9b:3f:86:
         d9:ad:bd:0d:eb:54:54:37:b2:b0:e0:c1:bf:87:43:67:5e:7d:
         c3:25:7d:63:53:dc:25:7f:72:1f:9a:d6:75:96:52:38:32:62:
         c1:78:5d:6f:af:df:fe:fb:28:dc:97:ff:ed:ad:0b:41:ec:4a:
         e4:cd:9d:bf:50:08:4a:04:60:1d:dc:1d:63:ae:44:ed:9b:8a:
         4e:04:ae:16:1d:49:52:a9:6d:ca:79:83:81:3b:ee:47:d3:b2:
         0e:61:0b:1f:ec:ef:ad:c5:46:ab:ca:13:1e:3e:46:d0:11:63:
         f9:28:1a:ce:b5:39:c6:e5:45:f4:d4:24:e1:51:d6:af:87:55:
         aa:75:f7:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhG0i0eB6acxJQds/BwwyJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2VmOWY5NzcyM2EzZDVhMjE5MzZhYzM0ZDMxOTk3ZjI1
NjFlYjkwHhcNMjUwNzI2MTMwMDM1WhcNMjUwNzI3MTMwMDM1WjAzMTEwLwYDVQQD
EygyYjQ1YWVhNDQzM2FjMjc2NDNhYTE3MTk3NTEyNDBiNmNhMTE4YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGAGtlp16cxIg5R4SU/XzkRov1IJ
1Dq/+NXBsN35VYkss27Ph0slylmMJejnCfb5YTUuGQtFv9KJXPe+9TfQ4Qt0mF9W
T9czubtqwhgziyOTJibyWu6iUFfGHxHtp/SWQllSy6mnC/R2GCFeWJ5U1yQzAxId
FWVNlsiSCkQeyQJBQIBTAb/hl0VjYujzAXqDUEy018RmdI1Wl8yeaSaZkJcyE44U
NM9BujeyLKbjmARJeP2L7ts2ifJ7psqTtsPhowoHSXuQjPXP/KDnCbQMNEV8s2hv
kRqR36ErprEDyjDt6hcqQzlapkv8FEnSfxS2AJiTaKwvWOPAHdZq8+x4RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtFrqRDOsJ2Q6oXGXUSQLbKEYvnMB8GA1UdIwQY
MBaAFEB++fl3I6PVohk2rDTTGZfyVh65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lMWNlNDAtMjRlNy00MDRjLThlMjQt
OGQ2NmU3MjA0MjFkLzEvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lMWNlNDAtMjRlNy00MDRjLThlMjQtOGQ2NmU3MjA0MjFk
LzEvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZL+ZeqI2
42kp2Tp1cZY8/mDeG4Njqc67Wn9A7BMckHFUYe8SFnKVvNuCq6kcxLjf6X0Oee72
YcUBd470Pa9h4KgZaGGYoWAdfOWDmWAeRYz7DInOoLNLioj/k4RWAy7nzc1IwC+P
yuXkn33d0hnB3PL8pziuZzaKdHzGmz+G2a29DetUVDeysODBv4dDZ159wyV9Y1Pc
JX9yH5rWdZZSODJiwXhdb6/f/vso3Jf/7a0LQexK5M2dv1AISgRgHdwdY65E7ZuK
TgSuFh1JUqltynmDgTvuR9OyDmELH+zvrcVGq8oTHj5G0BFj+SgazrU5xuVF9NQk
4VHWr4dVqnX3pg==
-----END CERTIFICATE-----