Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
File:                     qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft (raw, json)
Hash identifier:          Ndaravni1cUNoq/BFw3wWCoMI50dLa6il2q/5uCOYr4=
Subject key identifier:   8E:3A:38:C7:8F:76:A9:CC:74:68:BC:92:AA:1B:8B:BF:FC:B1:CB:7D
Authority key identifier: A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23
Certificate issuer:       /CN=a948d011edb8cd33e66767880ca4ab3061d9c523
Certificate serial:       01974B8D9F92DCC2658489127E44B67A3ECE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
Manifest number:          0295
Signing time:             Sat 07 Jun 2025 18:01:02 +0000
Manifest this update:     Sat 07 Jun 2025 18:01:02 +0000
Manifest next update:     Sun 08 Jun 2025 18:01:02 +0000
Files and hashes:         1: qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl (hash: z3Mw79h/99+o+tSNXLxzHjB1rXo/TZ6E5Pdi3rF0eXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:9f:92:dc:c2:65:84:89:12:7e:44:b6:7a:3e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a948d011edb8cd33e66767880ca4ab3061d9c523
        Validity
            Not Before: Jun  7 18:01:02 2025 GMT
            Not After : Jun  8 18:01:02 2025 GMT
        Subject: CN=8e3a38c78f76a9cc7468bc92aa1b8bbffcb1cb7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a6:2e:99:c8:b2:c1:70:75:9b:a6:7b:0d:82:
                    0e:cf:ae:33:53:08:90:19:42:68:a0:68:ef:b0:ac:
                    f1:a1:4d:0f:9e:42:d6:4b:83:9e:cc:2b:2a:90:26:
                    96:48:e2:1d:ba:36:82:1f:ed:61:e6:f6:b5:03:b3:
                    0b:f6:af:4e:79:b1:76:50:c2:ea:26:8b:eb:0f:95:
                    28:da:bd:21:f2:6e:d5:b2:97:03:17:30:53:5d:d9:
                    25:42:8d:2f:98:bc:73:40:40:5b:f4:1e:aa:db:0f:
                    71:4a:a7:b7:e8:b2:9a:34:4f:f4:03:c2:88:fc:51:
                    47:e4:e8:42:dc:b2:37:2f:2a:f4:b3:c4:48:8d:44:
                    bd:ce:4e:37:16:f9:b2:3a:d1:37:4f:98:90:46:6b:
                    f9:70:54:6c:d8:b4:3d:c4:1c:50:17:96:32:37:41:
                    c2:8a:0f:ba:48:0b:ab:73:f3:bb:b4:98:5d:cd:c3:
                    40:96:37:4c:0a:4e:08:70:ba:9a:93:f7:0b:27:19:
                    4a:38:55:4f:84:a9:16:5d:ff:45:46:f3:b9:65:b5:
                    ce:be:4d:3b:75:12:d8:a9:e4:4b:c1:34:eb:c2:97:
                    88:59:8f:bf:f8:2d:f7:8d:86:8b:01:ab:8a:4b:44:
                    63:63:9c:3d:3a:c7:fa:ef:e7:34:e9:97:5b:b1:e3:
                    6d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3A:38:C7:8F:76:A9:CC:74:68:BC:92:AA:1B:8B:BF:FC:B1:CB:7D
            X509v3 Authority Key Identifier:
                keyid:A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:b7:8b:35:74:00:53:fe:8c:bd:ec:66:15:1f:04:b0:d3:99:
         a2:e4:a7:3f:87:6e:97:b9:d8:ac:80:7e:e4:4e:40:6d:e6:00:
         92:b4:c5:d5:a8:aa:7b:60:39:ed:ff:21:04:01:4d:a3:6f:fe:
         25:37:40:a1:ce:ef:a1:92:e1:29:09:c6:6e:f1:2c:11:84:ad:
         93:93:2f:41:7f:83:f1:7e:3d:37:80:db:a1:58:9f:8e:94:cf:
         48:30:c8:90:7a:e0:de:73:a5:86:ae:93:f4:33:78:98:d5:66:
         57:a9:f8:b3:39:22:df:09:04:6d:96:cc:8c:de:c8:1f:bf:ab:
         39:21:18:39:ff:13:1f:70:92:07:14:1a:f8:3a:7f:67:5a:aa:
         34:d9:50:03:4c:3e:fa:c4:65:f3:aa:d3:ac:a1:27:b7:01:b2:
         fe:54:9b:08:69:9c:64:c2:0a:a7:4c:9b:57:9a:1c:8d:3b:e1:
         9f:6f:77:ea:35:9b:ee:dd:49:c6:eb:9d:37:ab:7d:7a:d4:cc:
         3e:2c:5a:7d:2c:34:1e:94:d7:53:69:ef:b3:e1:bd:28:0f:7d:
         58:89:10:51:c0:8a:82:b6:18:e6:35:df:02:e6:3b:43:5b:2b:
         2e:da:d0:8c:d2:a3:3e:1c:5c:34:dc:96:68:0f:eb:c0:3f:38:
         e0:fe:cf:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjZ+S3MJlhIkSfkS2ej7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NDhkMDExZWRiOGNkMzNlNjY3Njc4ODBjYTRhYjMwNjFk
OWM1MjMwHhcNMjUwNjA3MTgwMTAyWhcNMjUwNjA4MTgwMTAyWjAzMTEwLwYDVQQD
Eyg4ZTNhMzhjNzhmNzZhOWNjNzQ2OGJjOTJhYTFiOGJiZmZjYjFjYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKYumciywXB1m6Z7DYIOz64zUwiQ
GUJooGjvsKzxoU0PnkLWS4OezCsqkCaWSOIdujaCH+1h5va1A7ML9q9OebF2UMLq
JovrD5Uo2r0h8m7VspcDFzBTXdklQo0vmLxzQEBb9B6q2w9xSqe36LKaNE/0A8KI
/FFH5OhC3LI3Lyr0s8RIjUS9zk43FvmyOtE3T5iQRmv5cFRs2LQ9xBxQF5YyN0HC
ig+6SAurc/O7tJhdzcNAljdMCk4IcLqak/cLJxlKOFVPhKkWXf9FRvO5ZbXOvk07
dRLYqeRLwTTrwpeIWY+/+C33jYaLAauKS0RjY5w9Osf67+c06ZdbseNtnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI46OMePdqnMdGi8kqobi7/8sct9MB8GA1UdIwQY
MBaAFKlI0BHtuM0z5mdniAykqzBh2cUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4Mjgt
M2Q1NDlmYmI4MzdmLzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4MjgtM2Q1NDlmYmI4Mzdm
LzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABreLNXQA
U/6MvexmFR8EsNOZouSnP4dul7nYrIB+5E5AbeYAkrTF1aiqe2A57f8hBAFNo2/+
JTdAoc7voZLhKQnGbvEsEYStk5MvQX+D8X49N4DboVifjpTPSDDIkHrg3nOlhq6T
9DN4mNVmV6n4szki3wkEbZbMjN7IH7+rOSEYOf8TH3CSBxQa+Dp/Z1qqNNlQA0w+
+sRl86rTrKEntwGy/lSbCGmcZMIKp0ybV5ocjTvhn2936jWb7t1JxuudN6t9etTM
PixafSw0HpTXU2nvs+G9KA99WIkQUcCKgrYY5jXfAuY7Q1srLtrQjNKjPhxcNNyW
aA/rwD844P7PEw==
-----END CERTIFICATE-----