Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
File:                     qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft (raw, json)
Hash identifier:          kQRCF7CGjoG5f+8VIGlBLCZdXPMyQ8CeHN2Nw9tiWbw=
Subject key identifier:   AF:6A:00:92:61:DE:4E:CE:62:4C:F2:0E:DD:74:DE:15:C8:AE:B9:B0
Authority key identifier: AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
Certificate issuer:       /CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
Certificate serial:       01965793D876B8249B2D4E2230AD2F7FB303
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
Manifest number:          0D81
Signing time:             Mon 21 Apr 2025 09:00:28 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:28 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:28 +0000
Files and hashes:         1: qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl (hash: hSjZhyHv0eT9zzyXaRotCyYrTLJ+qzG+AnsIaD61Ea4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 09:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:d8:76:b8:24:9b:2d:4e:22:30:ad:2f:7f:b3:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
        Validity
            Not Before: Apr 21 09:00:28 2025 GMT
            Not After : Apr 22 09:00:28 2025 GMT
        Subject: CN=af6a009261de4ece624cf20edd74de15c8aeb9b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:27:a6:66:73:10:fe:b4:97:33:c9:55:3a:ee:
                    a8:d7:a3:79:6a:ab:6e:4a:7b:77:69:86:f8:cd:9a:
                    57:b0:87:01:5c:48:a3:e8:bb:98:29:e0:ca:2d:2e:
                    2c:c1:1b:e5:39:01:d8:5b:0b:4d:70:ec:f6:ea:94:
                    42:c9:02:b2:43:fc:60:89:8a:32:18:1a:f0:c9:99:
                    ff:b3:08:90:4c:11:5a:a8:d4:5a:77:c2:63:c2:5a:
                    83:47:78:84:0a:f8:da:68:b7:0e:cb:18:00:ab:5c:
                    c7:40:96:09:cf:da:36:8f:7b:1e:f5:ee:35:e2:df:
                    77:6f:b3:f0:70:c4:1b:44:ab:b7:46:05:6f:a3:72:
                    f6:af:20:d5:69:8e:ef:f5:0e:cd:be:0a:51:e4:f8:
                    0d:67:55:e0:64:6c:2b:bb:3d:3b:11:67:97:09:38:
                    2f:5c:89:19:ff:9e:94:64:a0:98:20:69:ea:ec:05:
                    23:49:bf:66:97:eb:cc:c0:c7:a6:ac:76:37:0b:08:
                    13:54:d0:bc:c2:1f:32:cd:fc:89:a7:71:e0:1c:56:
                    9e:f2:fd:53:9b:d3:11:0b:41:3c:7a:1f:14:14:e2:
                    11:0f:37:55:e5:f2:97:b0:2d:23:77:bb:93:35:11:
                    fb:46:82:a0:5e:f2:15:66:f7:33:7f:70:33:f0:80:
                    28:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:6A:00:92:61:DE:4E:CE:62:4C:F2:0E:DD:74:DE:15:C8:AE:B9:B0
            X509v3 Authority Key Identifier:
                keyid:AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:32:76:02:c5:18:c2:82:b8:e0:65:1e:c0:bf:20:18:6d:49:
         87:e6:bd:0c:b3:aa:6a:d6:c1:27:43:c0:74:6c:01:f7:9c:45:
         cc:f8:4d:70:ce:93:b7:52:e3:73:7c:78:e2:51:2e:5e:a2:83:
         5b:47:43:b2:57:74:21:97:a0:6e:f9:78:6a:0f:16:98:84:a8:
         d8:04:07:9f:b4:2c:29:fa:a9:95:6f:2a:31:41:6d:92:c4:2b:
         2f:c0:0a:a6:18:02:66:a5:8a:15:9d:2f:ed:11:43:50:e2:47:
         c0:50:0e:44:d9:59:84:2e:9e:11:11:c9:11:d7:b3:c5:35:b6:
         5b:6e:fc:27:d7:51:2c:aa:96:6c:ad:60:57:b2:16:07:d8:ef:
         02:6b:f8:6d:9f:0c:d5:17:2f:7b:85:d0:5f:e3:d4:1e:99:33:
         26:6c:79:18:53:cf:46:c0:74:41:db:5b:60:d1:dd:66:b3:70:
         bf:6c:e7:2d:f9:04:cd:56:80:87:2f:97:99:44:f7:8f:eb:43:
         85:1f:9b:36:b7:66:5d:b5:06:2a:55:3a:b7:f2:fe:e4:c1:1a:
         42:30:84:c1:5f:bf:9b:b8:4b:c7:cd:88:cd:1d:56:32:7a:47:
         2a:ec:c7:15:da:17:ca:64:30:29:99:7e:a3:22:c3:b1:1d:8b:
         16:2d:10:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk9h2uCSbLU4iMK0vf7MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE3MDc5MzhiYTYyZmUxOWU2NDc0ZGFjNzg3ZGYzZjhj
ZmRlZTQwHhcNMjUwNDIxMDkwMDI4WhcNMjUwNDIyMDkwMDI4WjAzMTEwLwYDVQQD
EyhhZjZhMDA5MjYxZGU0ZWNlNjI0Y2YyMGVkZDc0ZGUxNWM4YWViOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CemZnMQ/rSXM8lVOu6o16N5aqtu
Snt3aYb4zZpXsIcBXEij6LuYKeDKLS4swRvlOQHYWwtNcOz26pRCyQKyQ/xgiYoy
GBrwyZn/swiQTBFaqNRad8JjwlqDR3iECvjaaLcOyxgAq1zHQJYJz9o2j3se9e41
4t93b7PwcMQbRKu3RgVvo3L2ryDVaY7v9Q7NvgpR5PgNZ1XgZGwruz07EWeXCTgv
XIkZ/56UZKCYIGnq7AUjSb9ml+vMwMemrHY3CwgTVNC8wh8yzfyJp3HgHFae8v1T
m9MRC0E8eh8UFOIRDzdV5fKXsC0jd7uTNRH7RoKgXvIVZvczf3Az8IAoiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9qAJJh3k7OYkzyDt103hXIrrmwMB8GA1UdIwQY
MBaAFKoqcHk4umL+GeZHTax4ffP4z97kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMt
ZDcxNmY0MDY4MTM5LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMtZDcxNmY0MDY4MTM5
LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDJ2AsUY
woK44GUewL8gGG1Jh+a9DLOqatbBJ0PAdGwB95xFzPhNcM6Tt1Ljc3x44lEuXqKD
W0dDsld0IZegbvl4ag8WmISo2AQHn7QsKfqplW8qMUFtksQrL8AKphgCZqWKFZ0v
7RFDUOJHwFAORNlZhC6eERHJEdezxTW2W278J9dRLKqWbK1gV7IWB9jvAmv4bZ8M
1Rcve4XQX+PUHpkzJmx5GFPPRsB0QdtbYNHdZrNwv2znLfkEzVaAhy+XmUT3j+tD
hR+bNrdmXbUGKlU6t/L+5MEaQjCEwV+/m7hLx82IzR1WMnpHKuzHFdoXymQwKZl+
oyLDsR2LFi0Q1g==
-----END CERTIFICATE-----