Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
File:                     QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft (raw, json)
Hash identifier:          9dzWB7ZKcOAH3riKJGG4KCCj41Ri0tk4xvcu4P2943Q=
Subject key identifier:   F0:3A:3C:DD:93:5C:4A:55:E7:48:F1:18:B9:42:EE:53:AD:FC:D7:2C
Authority key identifier: 42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84
Certificate issuer:       /CN=424c165b6a49349541c65af9b21580163819f284
Certificate serial:       019657263CC6B8951896768E448B09EF15F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
Manifest number:          089D
Signing time:             Mon 21 Apr 2025 07:00:45 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:45 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:45 +0000
Files and hashes:         1: QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl (hash: T8TjCZUQkqQ7+0k/lrLe3YLeHcpaqH4g0gdi6vHLZI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:3c:c6:b8:95:18:96:76:8e:44:8b:09:ef:15:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=424c165b6a49349541c65af9b21580163819f284
        Validity
            Not Before: Apr 21 07:00:45 2025 GMT
            Not After : Apr 22 07:00:45 2025 GMT
        Subject: CN=f03a3cdd935c4a55e748f118b942ee53adfcd72c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5f:08:88:e7:da:c7:b0:ec:0f:2b:cf:33:59:
                    b7:cf:7f:14:22:02:6d:80:11:16:3d:5f:51:0f:7e:
                    32:c2:fe:db:63:37:ea:f8:cb:8c:b4:03:b3:b7:fc:
                    20:6e:18:46:6d:a5:42:5c:bf:48:ee:3d:cb:0b:21:
                    67:18:e2:21:ec:33:be:66:bc:a9:41:23:f3:1f:44:
                    90:d7:dd:3d:c9:36:8e:32:de:cb:63:1b:0a:93:52:
                    4c:df:53:60:cc:76:f1:8c:d0:1c:7c:6d:14:94:d2:
                    02:64:8f:c0:88:4a:8f:aa:10:f0:00:3b:66:0a:ea:
                    95:56:6f:00:20:48:1f:06:41:e0:b5:11:25:ed:b8:
                    95:e7:62:78:b8:a9:81:62:a9:04:e1:93:26:ff:c6:
                    91:8b:6b:8e:3f:c7:9b:0e:6e:cd:0b:4c:28:44:1a:
                    0f:8c:1b:51:cb:01:92:2e:a9:85:fd:b7:f7:93:b4:
                    b0:dc:47:b2:5a:02:e3:72:66:6b:5e:f1:2a:b6:64:
                    7b:e1:cc:1a:93:0b:d7:a3:33:51:80:4b:7b:c7:f1:
                    fe:ae:a7:3b:47:fe:04:60:38:39:37:0c:8e:d8:25:
                    88:32:81:89:67:d9:dd:6c:c0:03:c5:c6:b3:02:e7:
                    1c:67:af:8b:0c:a9:12:f3:c3:d0:61:3a:47:3f:6b:
                    85:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:3A:3C:DD:93:5C:4A:55:E7:48:F1:18:B9:42:EE:53:AD:FC:D7:2C
            X509v3 Authority Key Identifier:
                keyid:42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:30:f1:05:73:c0:36:c4:d3:89:8e:c7:78:39:d4:18:5c:16:
         74:dd:e1:c9:b5:8c:9a:84:e2:07:de:36:57:ca:0a:16:6b:43:
         bd:d9:ab:ab:1c:33:1a:ab:6b:d7:3f:ed:78:3d:c9:27:3f:6a:
         1a:fb:3f:94:11:a1:4d:9d:eb:08:e5:19:5a:67:18:b6:72:6d:
         d8:c5:e8:ce:6f:1c:fc:56:5f:6a:2b:06:c3:5a:ff:3c:65:28:
         58:eb:f5:b7:7b:23:11:a9:6d:d2:07:b5:54:ce:68:00:f5:0a:
         7b:b9:8b:8f:27:61:d0:53:7c:86:e7:d8:2c:68:94:5d:fe:c2:
         6a:36:6e:41:a3:99:ba:bf:15:9e:2a:76:eb:9e:cf:dc:3d:cf:
         e2:fc:40:c6:94:ae:1a:46:57:ca:c8:b2:0e:44:63:6e:cd:89:
         71:b0:12:c4:3d:ab:c9:d6:e6:28:b8:f2:67:c4:92:60:e9:e8:
         7e:0b:e3:78:d3:c5:86:66:e3:6e:d1:a6:4f:72:75:2d:03:ad:
         26:5a:6f:65:8a:69:0e:bc:5d:17:3e:ff:96:4f:f8:9c:d2:6e:
         7c:4f:6c:3f:11:56:0f:14:ea:07:3b:9f:03:8e:ee:aa:bb:ad:
         ed:0d:93:6f:33:0e:52:d8:ed:4c:05:3b:e9:f2:96:df:01:89:
         30:ea:f5:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJjzGuJUYlnaORIsJ7xX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGMxNjViNmE0OTM0OTU0MWM2NWFmOWIyMTU4MDE2Mzgx
OWYyODQwHhcNMjUwNDIxMDcwMDQ1WhcNMjUwNDIyMDcwMDQ1WjAzMTEwLwYDVQQD
EyhmMDNhM2NkZDkzNWM0YTU1ZTc0OGYxMThiOTQyZWU1M2FkZmNkNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1l8IiOfax7DsDyvPM1m3z38UIgJt
gBEWPV9RD34ywv7bYzfq+MuMtAOzt/wgbhhGbaVCXL9I7j3LCyFnGOIh7DO+Zryp
QSPzH0SQ1909yTaOMt7LYxsKk1JM31NgzHbxjNAcfG0UlNICZI/AiEqPqhDwADtm
CuqVVm8AIEgfBkHgtREl7biV52J4uKmBYqkE4ZMm/8aRi2uOP8ebDm7NC0woRBoP
jBtRywGSLqmF/bf3k7Sw3EeyWgLjcmZrXvEqtmR74cwakwvXozNRgEt7x/H+rqc7
R/4EYDg5NwyO2CWIMoGJZ9ndbMADxcazAuccZ6+LDKkS88PQYTpHP2uFHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPA6PN2TXEpV50jxGLlC7lOt/NcsMB8GA1UdIwQY
MBaAFEJMFltqSTSVQcZa+bIVgBY4GfKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgt
ZWMzYmY0ODE2ZDM2LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgtZWMzYmY0ODE2ZDM2
LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFjDxBXPA
NsTTiY7HeDnUGFwWdN3hybWMmoTiB942V8oKFmtDvdmrqxwzGqtr1z/teD3JJz9q
Gvs/lBGhTZ3rCOUZWmcYtnJt2MXozm8c/FZfaisGw1r/PGUoWOv1t3sjEalt0ge1
VM5oAPUKe7mLjydh0FN8hufYLGiUXf7CajZuQaOZur8Vnip2657P3D3P4vxAxpSu
GkZXysiyDkRjbs2JcbASxD2rydbmKLjyZ8SSYOnofgvjeNPFhmbjbtGmT3J1LQOt
JlpvZYppDrxdFz7/lk/4nNJufE9sPxFWDxTqBzufA47uqrut7Q2TbzMOUtjtTAU7
6fKW3wGJMOr1rg==
-----END CERTIFICATE-----