Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          cZTheddjO4PQmBKJXPlG/dNroOPAfwDPtIqd/Q9W5Eg=
Subject key identifier:   F5:17:BA:FC:2F:79:06:98:EF:48:3D:F7:B4:08:34:CD:F0:40:33:31
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       019653B6EC8D28CCA10F479433E6C585E4AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 15:00:19 +0000
Manifest this update:     Sun 20 Apr 2025 15:00:19 +0000
Manifest next update:     Mon 21 Apr 2025 15:00:19 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: cM9NNidLgPemzwCxoh3sNqE2lv4oQFHq1bN8Q56VK6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b6:ec:8d:28:cc:a1:0f:47:94:33:e6:c5:85:e4:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Apr 20 15:00:19 2025 GMT
            Not After : Apr 21 15:00:19 2025 GMT
        Subject: CN=f517bafc2f790698ef483df7b40834cdf0403331
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:0f:95:c5:c1:a2:36:28:54:f2:a5:85:6e:db:
                    86:3d:1c:3d:61:6a:af:1b:de:52:46:92:1e:b8:12:
                    da:0a:7b:b3:df:2e:a8:80:69:43:48:58:01:32:fa:
                    70:45:50:a7:0b:27:d6:90:61:c6:52:85:b4:64:92:
                    95:5c:4c:92:7a:12:44:e1:a4:8c:7f:29:d5:39:8b:
                    9b:ea:7a:b7:b9:9c:cb:ea:b4:3b:da:f6:cf:82:b0:
                    a7:14:a7:c1:3b:3d:9d:c3:e2:ac:0c:85:5f:f1:67:
                    bd:59:9b:cd:0c:2c:15:34:59:93:9a:d5:a4:4c:7d:
                    1b:9c:3f:96:06:a8:0d:bc:02:52:29:7e:a2:75:d2:
                    72:ad:02:b0:f0:98:98:e4:39:c6:cd:2c:c9:97:ff:
                    14:34:65:b1:64:52:e7:b4:05:93:73:76:76:e3:ab:
                    84:f7:52:83:5c:25:60:2b:e6:c7:57:61:1f:a6:b7:
                    7d:48:8d:cb:d6:a3:84:be:60:d6:a4:45:be:96:f1:
                    c1:df:43:46:6c:c1:af:73:1a:f1:72:d7:80:fa:6f:
                    58:88:04:7c:4e:3b:77:64:58:87:d3:d3:b3:b4:e7:
                    7d:e3:d4:c7:2a:e3:77:eb:52:8c:e4:3e:d4:b7:01:
                    7a:4b:0a:a4:f6:d0:ff:9a:01:14:ad:58:e5:69:e6:
                    db:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:17:BA:FC:2F:79:06:98:EF:48:3D:F7:B4:08:34:CD:F0:40:33:31
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:f7:71:03:e8:7d:c2:77:32:4d:c4:3c:07:81:40:20:73:09:
         69:61:1a:1d:f7:77:b7:17:cb:9f:a9:f1:44:0a:bf:33:c7:78:
         36:fa:4d:0b:66:b8:f4:2b:cc:16:fe:a1:25:bc:f9:55:19:94:
         30:d0:e1:2f:db:b6:58:07:5a:ae:1a:5b:51:77:c0:53:88:7f:
         3a:b2:34:a4:76:f5:cb:36:c5:37:7f:91:7f:be:88:c8:5a:6e:
         ff:c6:41:2b:94:a9:e4:71:3b:f5:54:37:6b:3e:ce:cc:c0:28:
         bf:42:15:ec:28:6d:a0:31:01:06:60:5e:78:f4:bc:69:d0:8d:
         4d:49:3d:28:d5:d0:9d:90:e2:bd:41:60:85:7d:c7:f7:76:9d:
         f7:af:83:b3:53:86:30:47:be:93:3b:c6:a4:fa:9f:65:67:d6:
         6a:44:8d:e2:a9:0a:e8:71:be:58:47:7c:de:ca:af:c7:c1:2b:
         24:2d:a9:dd:95:bc:ff:9b:77:f3:15:66:47:c0:32:49:bc:05:
         28:2a:d8:c9:81:b5:c6:e4:3c:fb:ae:23:35:de:31:aa:3a:7e:
         64:92:d4:d8:37:aa:5b:64:54:9c:ae:bf:f8:12:b6:d9:1d:0b:
         a3:e5:2b:17:fc:c0:3e:36:fb:19:18:76:74:b7:07:08:97:63:
         e1:cd:ad:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTtuyNKMyhD0eUM+bFheSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjUwNDIwMTUwMDE5WhcNMjUwNDIxMTUwMDE5WjAzMTEwLwYDVQQD
EyhmNTE3YmFmYzJmNzkwNjk4ZWY0ODNkZjdiNDA4MzRjZGYwNDAzMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ+VxcGiNihU8qWFbtuGPRw9YWqv
G95SRpIeuBLaCnuz3y6ogGlDSFgBMvpwRVCnCyfWkGHGUoW0ZJKVXEySehJE4aSM
fynVOYub6nq3uZzL6rQ72vbPgrCnFKfBOz2dw+KsDIVf8We9WZvNDCwVNFmTmtWk
TH0bnD+WBqgNvAJSKX6iddJyrQKw8JiY5DnGzSzJl/8UNGWxZFLntAWTc3Z246uE
91KDXCVgK+bHV2Efprd9SI3L1qOEvmDWpEW+lvHB30NGbMGvcxrxcteA+m9YiAR8
Tjt3ZFiH09OztOd949THKuN361KM5D7UtwF6Swqk9tD/mgEUrVjlaebbtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUXuvwveQaY70g997QINM3wQDMxMB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp/dxA+h9
wncyTcQ8B4FAIHMJaWEaHfd3txfLn6nxRAq/M8d4NvpNC2a49CvMFv6hJbz5VRmU
MNDhL9u2WAdarhpbUXfAU4h/OrI0pHb1yzbFN3+Rf76IyFpu/8ZBK5Sp5HE79VQ3
az7OzMAov0IV7ChtoDEBBmBeePS8adCNTUk9KNXQnZDivUFghX3H93ad96+Ds1OG
MEe+kzvGpPqfZWfWakSN4qkK6HG+WEd83sqvx8ErJC2p3ZW8/5t38xVmR8AySbwF
KCrYyYG1xuQ8+64jNd4xqjp+ZJLU2DeqW2RUnK6/+BK22R0Lo+UrF/zAPjb7GRh2
dLcHCJdj4c2tyw==
-----END CERTIFICATE-----