Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          pyIyFxWVlLsT7OST9dB9H5m1X42fSLUvNZiDKxNQkPw=
Subject key identifier:   A9:BA:CE:EE:01:78:AE:6F:33:F9:71:9C:A6:D9:F5:8D:31:4D:B6:2A
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       01974779B0350BCE3D01F0AE6C3E4BD4E43F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          04D8
Signing time:             Fri 06 Jun 2025 23:00:46 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:46 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:46 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: nSNxE3R6ZqQdDqratBqhtsIpQnRY1NS2raY5IzYm6Vc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:b0:35:0b:ce:3d:01:f0:ae:6c:3e:4b:d4:e4:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Jun  6 23:00:46 2025 GMT
            Not After : Jun  7 23:00:46 2025 GMT
        Subject: CN=a9baceee0178ae6f33f9719ca6d9f58d314db62a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8b:a4:ce:ff:69:91:f4:03:93:88:9b:35:e7:
                    7d:9c:37:45:e4:7a:ab:8a:2b:74:f5:03:2e:33:9e:
                    85:4e:87:85:de:0c:ea:0f:dd:e2:88:98:9b:48:12:
                    dc:dc:78:d4:fa:59:a7:97:9c:c3:f8:02:a2:b2:b2:
                    2a:7d:28:f4:b8:e7:5c:12:13:93:67:24:fb:46:06:
                    3e:9d:4c:f8:97:63:21:6f:3e:e3:ba:6e:e4:9a:50:
                    06:55:36:75:df:f2:91:ed:d8:28:a5:c4:a4:9b:5d:
                    61:bf:d5:32:62:c5:65:30:dd:da:c8:6d:5e:69:a5:
                    5f:a3:19:3a:40:6c:50:a0:14:84:11:2b:05:fe:3b:
                    0f:57:4f:60:fb:72:d0:24:46:0e:01:ba:d1:f8:59:
                    dd:25:d5:3a:0a:79:9b:af:c6:67:ad:cc:93:85:bf:
                    4b:8d:40:5d:26:84:96:22:59:21:a4:b4:8b:2a:2a:
                    5a:9f:96:2f:7f:26:3f:14:a9:03:5a:2e:51:97:91:
                    72:95:df:ab:7b:71:1b:2f:ba:06:36:c5:36:94:81:
                    15:1d:c4:ec:ca:81:de:8c:e9:7e:00:ed:d8:d9:26:
                    cb:63:8d:0c:c6:ed:4a:01:29:a9:bd:2e:4d:e6:8f:
                    03:1e:df:d2:eb:f9:d6:ab:bb:85:bc:5f:50:a6:63:
                    28:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:BA:CE:EE:01:78:AE:6F:33:F9:71:9C:A6:D9:F5:8D:31:4D:B6:2A
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:6b:7b:07:73:88:a1:32:f8:9e:01:c7:ab:69:36:a7:2c:ca:
         39:aa:fb:df:b1:62:b2:7f:9b:2e:ea:22:a9:69:a9:06:fd:b8:
         48:54:43:ed:df:8e:46:89:68:63:00:07:0d:4f:ef:5b:9a:1e:
         c0:9c:ac:2d:f3:af:1b:a3:75:55:a3:b5:9c:42:1a:b3:14:d8:
         72:62:a8:b0:79:ef:fc:35:4c:d1:77:37:d3:43:0d:3b:ee:b0:
         cf:7a:41:ce:5a:39:29:b7:ca:7a:e8:10:e9:64:ea:0c:ba:23:
         53:53:aa:d7:4f:63:af:4e:4e:34:3a:f6:18:81:dd:ba:bd:00:
         dd:85:db:31:0b:7f:d5:d0:e3:9b:bb:cf:10:f7:34:a0:e7:b9:
         f2:9c:c6:21:65:57:74:56:4a:91:ce:5a:4b:37:b3:56:f1:b0:
         f7:82:ce:c1:f4:27:c5:95:52:b0:29:51:ea:cf:e5:df:d3:ae:
         dc:74:23:91:fa:f7:15:40:6e:29:44:c4:ef:2a:58:1b:d9:ec:
         a0:61:17:a4:5f:67:9b:79:8c:ce:3e:d6:10:86:87:96:50:3e:
         e0:51:7d:1f:ac:2b:57:b8:fe:4b:b2:68:c1:68:23:82:28:ce:
         b9:bc:fa:aa:17:e4:da:89:d5:19:70:1b:fd:9d:ed:61:66:53:
         87:29:8c:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHebA1C849AfCubD5L1OQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjUwNjA2MjMwMDQ2WhcNMjUwNjA3MjMwMDQ2WjAzMTEwLwYDVQQD
EyhhOWJhY2VlZTAxNzhhZTZmMzNmOTcxOWNhNmQ5ZjU4ZDMxNGRiNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroukzv9pkfQDk4ibNed9nDdF5Hqr
iit09QMuM56FToeF3gzqD93iiJibSBLc3HjU+lmnl5zD+AKisrIqfSj0uOdcEhOT
ZyT7RgY+nUz4l2Mhbz7jum7kmlAGVTZ13/KR7dgopcSkm11hv9UyYsVlMN3ayG1e
aaVfoxk6QGxQoBSEESsF/jsPV09g+3LQJEYOAbrR+FndJdU6Cnmbr8ZnrcyThb9L
jUBdJoSWIlkhpLSLKipan5YvfyY/FKkDWi5Rl5Fyld+re3EbL7oGNsU2lIEVHcTs
yoHejOl+AO3Y2SbLY40Mxu1KASmpvS5N5o8DHt/S6/nWq7uFvF9QpmMoaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKm6zu4BeK5vM/lxnKbZ9Y0xTbYqMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlWt7B3OI
oTL4ngHHq2k2pyzKOar737Fisn+bLuoiqWmpBv24SFRD7d+ORoloYwAHDU/vW5oe
wJysLfOvG6N1VaO1nEIasxTYcmKosHnv/DVM0Xc300MNO+6wz3pBzlo5KbfKeugQ
6WTqDLojU1Oq109jr05ONDr2GIHdur0A3YXbMQt/1dDjm7vPEPc0oOe58pzGIWVX
dFZKkc5aSzezVvGw94LOwfQnxZVSsClR6s/l39Ou3HQjkfr3FUBuKUTE7ypYG9ns
oGEXpF9nm3mMzj7WEIaHllA+4FF9H6wrV7j+S7JowWgjgijOubz6qhfk2onVGXAb
/Z3tYWZThymMDQ==
-----END CERTIFICATE-----