Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          0FUyBk2L5dRaD0JOuU6NwlaBKwMW9x+wtD93ByJTeoI=
Subject key identifier:   9D:01:28:76:15:E4:F8:36:FB:F6:92:6B:49:6E:B2:F5:34:06:5C:6D
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       01965537A8A0F03D9705BA7083828A1BC0A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          0973
Signing time:             Sun 20 Apr 2025 22:00:32 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:32 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:32 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: M9O22xUpZYnPbcbuCOS+raue2Ek3UplEcxPRokb9ACI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:a8:a0:f0:3d:97:05:ba:70:83:82:8a:1b:c0:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Apr 20 22:00:32 2025 GMT
            Not After : Apr 21 22:00:32 2025 GMT
        Subject: CN=9d01287615e4f836fbf6926b496eb2f534065c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:36:99:32:74:92:63:67:dc:b1:ae:dc:f3:4b:
                    69:bb:94:55:3b:4f:2b:12:63:cc:cd:63:df:73:39:
                    b4:b1:c8:eb:95:29:56:a6:a8:89:5a:8c:6d:58:06:
                    67:bd:15:c8:ad:d8:19:57:92:23:86:54:b6:5c:40:
                    2a:26:55:86:fa:58:68:78:07:06:4b:53:e4:e1:11:
                    bc:01:5b:4d:75:f2:99:64:d7:84:e5:22:4d:11:e4:
                    79:52:3b:0d:b6:71:0e:09:67:9d:88:a2:5c:7e:82:
                    b7:37:79:af:a4:f1:68:26:39:b4:7d:69:93:18:da:
                    fb:bd:57:22:6a:21:29:bc:70:ea:3c:b5:e3:35:21:
                    8e:c2:a1:a9:d0:ec:e7:53:2e:2b:c2:96:a9:65:83:
                    b7:78:de:45:c9:13:bf:87:55:93:84:5e:5d:65:5a:
                    95:ab:86:ef:29:43:9a:41:de:d1:f5:3d:e2:ed:0d:
                    d2:8b:7a:a7:d4:97:6f:db:4f:50:90:b4:23:7f:a1:
                    d7:a8:24:f6:0a:9a:f9:43:09:5a:17:5b:e5:0c:a1:
                    e6:d3:a1:84:7d:76:4d:00:a7:db:86:54:5f:6c:1d:
                    cf:17:4a:c8:31:0b:5b:f4:ac:50:95:47:7a:27:e1:
                    c5:95:8e:ef:54:be:01:54:e5:75:6b:89:4a:f8:e5:
                    e1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:01:28:76:15:E4:F8:36:FB:F6:92:6B:49:6E:B2:F5:34:06:5C:6D
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:d1:c9:10:d4:75:2c:7e:58:84:66:7a:13:2e:a9:b3:86:24:
         08:b9:a3:8a:36:38:82:0a:92:05:da:55:c8:16:c0:1c:40:e3:
         75:d4:32:57:43:72:7b:71:46:59:34:bb:e7:a2:2b:20:dd:98:
         a4:d4:56:de:25:4d:3f:79:53:64:c2:8e:49:b6:02:dd:d4:90:
         89:2e:ac:fa:53:ab:9e:a6:9c:e0:88:f8:78:1e:11:43:1e:df:
         9b:89:b2:eb:39:80:37:fe:d4:53:21:42:e7:e8:cf:70:14:67:
         d9:5f:3b:44:17:58:20:3f:e1:97:bf:a0:49:21:31:33:bd:c6:
         e3:05:1c:36:f9:9e:cd:1d:7c:18:4c:18:bc:0c:69:e7:64:b7:
         35:53:8c:cb:3d:d6:c8:dc:0b:5a:b4:05:29:2f:79:e8:76:85:
         54:5d:e5:5d:f0:cf:81:63:8c:20:da:80:22:1f:62:a7:47:a8:
         9a:93:84:55:7b:0e:aa:48:3f:68:6b:e4:a9:f7:c2:20:93:72:
         f8:17:f6:71:fd:98:75:60:2e:f9:e1:fd:44:ad:0a:81:19:ea:
         c2:c9:36:5c:e0:56:b2:a9:51:e3:bc:84:73:fe:43:1f:e1:8f:
         57:12:83:2b:19:98:f2:b1:ac:00:6a:7b:4e:61:3b:db:c0:78:
         93:00:79:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN6ig8D2XBbpwg4KKG8CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjUwNDIwMjIwMDMyWhcNMjUwNDIxMjIwMDMyWjAzMTEwLwYDVQQD
Eyg5ZDAxMjg3NjE1ZTRmODM2ZmJmNjkyNmI0OTZlYjJmNTM0MDY1YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TaZMnSSY2fcsa7c80tpu5RVO08r
EmPMzWPfczm0scjrlSlWpqiJWoxtWAZnvRXIrdgZV5IjhlS2XEAqJlWG+lhoeAcG
S1Pk4RG8AVtNdfKZZNeE5SJNEeR5UjsNtnEOCWediKJcfoK3N3mvpPFoJjm0fWmT
GNr7vVciaiEpvHDqPLXjNSGOwqGp0OznUy4rwpapZYO3eN5FyRO/h1WThF5dZVqV
q4bvKUOaQd7R9T3i7Q3Si3qn1Jdv209QkLQjf6HXqCT2Cpr5QwlaF1vlDKHm06GE
fXZNAKfbhlRfbB3PF0rIMQtb9KxQlUd6J+HFlY7vVL4BVOV1a4lK+OXh9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0BKHYV5Pg2+/aSa0lusvU0BlxtMB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdHJENR1
LH5YhGZ6Ey6ps4YkCLmjijY4ggqSBdpVyBbAHEDjddQyV0Nye3FGWTS756IrIN2Y
pNRW3iVNP3lTZMKOSbYC3dSQiS6s+lOrnqac4Ij4eB4RQx7fm4my6zmAN/7UUyFC
5+jPcBRn2V87RBdYID/hl7+gSSExM73G4wUcNvmezR18GEwYvAxp52S3NVOMyz3W
yNwLWrQFKS956HaFVF3lXfDPgWOMINqAIh9ip0eompOEVXsOqkg/aGvkqffCIJNy
+Bf2cf2YdWAu+eH9RK0KgRnqwsk2XOBWsqlR47yEc/5DH+GPVxKDKxmY8rGsAGp7
TmE728B4kwB5Tw==
-----END CERTIFICATE-----