Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          E3+dLa1puiqMouyHgzoT37QUB+0bbtSfZpKbOu7Fo+o=
Subject key identifier:   77:4E:A7:74:D6:04:2B:04:94:B6:DB:EC:02:8F:91:30:EB:00:75:CA
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019644B2203B15600F716BF05D246327394F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          0452
Signing time:             Thu 17 Apr 2025 17:00:46 +0000
Manifest this update:     Thu 17 Apr 2025 17:00:46 +0000
Manifest next update:     Fri 18 Apr 2025 17:00:46 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: LooSEyDDmrONOR8+6FUK9x6JCnjvmqoA7Pcug1oD9mU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:b2:20:3b:15:60:0f:71:6b:f0:5d:24:63:27:39:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Apr 17 17:00:46 2025 GMT
            Not After : Apr 18 17:00:46 2025 GMT
        Subject: CN=774ea774d6042b0494b6dbec028f9130eb0075ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:84:0e:24:c7:3d:de:41:43:4b:7c:35:f4:82:
                    bd:b4:be:03:55:16:80:87:6c:3d:80:38:ff:ad:ca:
                    22:42:a7:ea:25:0e:79:22:0f:d3:5b:fc:da:44:eb:
                    75:94:ca:3f:26:b9:f3:02:61:e5:87:00:7b:fe:a7:
                    c6:84:f4:f3:c1:6f:f1:48:2c:f2:99:d9:ac:71:fa:
                    59:07:88:7b:12:da:b4:51:fd:03:f2:1b:06:f4:20:
                    06:40:b4:d9:4c:7c:a9:b3:51:07:26:1a:86:32:d9:
                    92:e2:55:ba:0d:77:d8:33:14:47:86:d4:20:7e:79:
                    12:40:96:d4:92:75:87:26:63:07:05:c3:36:c8:a6:
                    58:0f:b5:55:ce:72:ef:d2:ec:6c:11:f4:06:c5:1a:
                    1b:a3:21:48:78:e8:29:9e:2c:87:fc:b8:d8:e0:3a:
                    c5:a3:69:b5:96:cc:db:15:c4:fa:3b:60:b1:72:d2:
                    1c:15:6d:34:37:05:28:6f:79:83:06:4e:37:d9:52:
                    3a:2a:d0:75:22:a1:7f:92:81:02:48:f4:48:06:96:
                    3c:60:c6:96:54:ef:fe:a0:32:d2:c4:5d:d9:bb:53:
                    78:10:61:1e:e7:84:6c:c5:10:b8:37:b3:45:61:36:
                    52:2f:42:47:b3:8c:26:42:ff:bb:67:4b:62:a7:07:
                    e5:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:4E:A7:74:D6:04:2B:04:94:B6:DB:EC:02:8F:91:30:EB:00:75:CA
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:96:40:07:5a:84:1f:f6:e4:a8:65:02:c7:33:50:ac:33:ce:
         b7:6d:b3:1a:5a:59:bb:ed:e7:01:ed:db:34:c5:3c:66:33:0d:
         19:c1:3f:a0:de:d4:7e:b0:0a:37:c3:c1:b6:91:4a:40:a5:4e:
         9b:05:f8:05:d7:27:8f:46:67:6b:d2:01:51:c6:e5:b2:a2:de:
         ce:36:50:05:4a:65:b6:aa:2d:ad:6a:a8:1f:62:65:d3:a3:78:
         1f:14:26:50:a8:4c:2e:c7:6c:c6:e9:7d:b6:cd:ba:b7:95:ce:
         a0:c8:1c:00:ee:c4:20:ee:03:fb:f9:5e:84:e2:b4:23:f8:34:
         95:1d:e4:2f:9d:a3:d9:08:10:68:1a:37:77:f7:af:a7:c6:01:
         bb:b9:b5:7d:1d:37:20:ad:e0:59:a4:6a:07:26:bc:c9:f3:02:
         b1:c2:82:d9:da:c8:46:12:b9:18:81:4f:85:cc:f9:28:c9:14:
         f6:cf:6c:33:70:26:ac:3c:21:c0:9a:f6:f9:ad:86:69:cc:4e:
         17:73:43:f4:78:43:b3:09:e0:3b:3d:78:34:6f:31:df:c8:7d:
         e1:35:54:60:45:89:32:d3:12:6d:3a:94:8a:3f:1b:4e:03:16:
         56:77:a7:28:32:74:18:4d:7c:63:4b:81:3a:b4:ee:54:f4:e6:
         b9:55:a5:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEsiA7FWAPcWvwXSRjJzlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjUwNDE3MTcwMDQ2WhcNMjUwNDE4MTcwMDQ2WjAzMTEwLwYDVQQD
Eyg3NzRlYTc3NGQ2MDQyYjA0OTRiNmRiZWMwMjhmOTEzMGViMDA3NWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIQOJMc93kFDS3w19IK9tL4DVRaA
h2w9gDj/rcoiQqfqJQ55Ig/TW/zaROt1lMo/JrnzAmHlhwB7/qfGhPTzwW/xSCzy
mdmscfpZB4h7Etq0Uf0D8hsG9CAGQLTZTHyps1EHJhqGMtmS4lW6DXfYMxRHhtQg
fnkSQJbUknWHJmMHBcM2yKZYD7VVznLv0uxsEfQGxRoboyFIeOgpniyH/LjY4DrF
o2m1lszbFcT6O2CxctIcFW00NwUob3mDBk432VI6KtB1IqF/koECSPRIBpY8YMaW
VO/+oDLSxF3Zu1N4EGEe54RsxRC4N7NFYTZSL0JHs4wmQv+7Z0tipwflswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdOp3TWBCsElLbb7AKPkTDrAHXKMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC5ZAB1qE
H/bkqGUCxzNQrDPOt22zGlpZu+3nAe3bNMU8ZjMNGcE/oN7UfrAKN8PBtpFKQKVO
mwX4Bdcnj0Zna9IBUcblsqLezjZQBUpltqotrWqoH2Jl06N4HxQmUKhMLsdsxul9
ts26t5XOoMgcAO7EIO4D+/lehOK0I/g0lR3kL52j2QgQaBo3d/evp8YBu7m1fR03
IK3gWaRqBya8yfMCscKC2drIRhK5GIFPhcz5KMkU9s9sM3AmrDwhwJr2+a2GacxO
F3ND9HhDswngOz14NG8x38h94TVUYEWJMtMSbTqUij8bTgMWVnenKDJ0GE18Y0uB
OrTuVPTmuVWloQ==
-----END CERTIFICATE-----