Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
File:                     QnbajwSHyFCAm0qYcoysIXKycD0.mft (raw, json)
Hash identifier:          HyHBcEq5oI/NBlmpGNehm+6YggXqKYEwybCmws1qK9E=
Subject key identifier:   57:6D:1F:5A:D2:9C:75:41:9E:61:17:D4:53:0F:C6:E4:91:48:EB:47
Authority key identifier: 42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D
Certificate issuer:       /CN=4276da8f0487c850809b4a98728cac2172b2703d
Certificate serial:       0197504662DC538B6276216BFED0C01F8552
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
Manifest number:          157E
Signing time:             Sun 08 Jun 2025 16:01:19 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:19 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:19 +0000
Files and hashes:         1: QnbajwSHyFCAm0qYcoysIXKycD0.crl (hash: DOvqW500UO16AXR4U41LWhys34G/byABGfFpLbP2sUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:62:dc:53:8b:62:76:21:6b:fe:d0:c0:1f:85:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4276da8f0487c850809b4a98728cac2172b2703d
        Validity
            Not Before: Jun  8 16:01:19 2025 GMT
            Not After : Jun  9 16:01:19 2025 GMT
        Subject: CN=576d1f5ad29c75419e6117d4530fc6e49148eb47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5a:45:65:77:91:c5:b3:78:98:08:33:aa:25:
                    13:5b:fa:04:d4:b1:2a:24:37:61:23:84:69:b4:44:
                    86:ca:65:79:23:c9:ed:cc:9b:c6:4d:ca:ec:12:db:
                    4a:02:2f:ed:39:14:40:9d:bb:9c:33:db:df:6e:0e:
                    67:e3:ea:27:30:18:ab:36:0f:26:5b:92:fa:4b:11:
                    32:34:6e:ff:3d:07:c8:41:4e:c5:31:17:24:33:b3:
                    a1:25:ab:53:8c:1c:5d:1b:b6:68:13:7f:a9:d5:c1:
                    65:fa:36:00:61:fe:b3:50:d0:a3:23:37:b7:4e:b3:
                    0a:6f:24:75:6f:c5:ef:36:a8:45:ab:32:bc:9e:c6:
                    a4:93:58:66:bd:88:ee:03:d0:46:76:ac:56:d8:ae:
                    6a:47:5e:6d:9e:27:70:ad:ab:03:dc:35:86:9d:89:
                    a7:18:62:8e:5b:e3:63:b4:b6:c9:e3:74:99:f5:34:
                    cc:66:2d:f5:87:59:82:13:9f:de:14:75:bc:58:19:
                    9c:e6:cb:8c:3b:14:c6:bb:15:0c:f8:b5:9e:93:40:
                    9d:63:50:d8:82:16:ce:e6:23:19:29:70:68:1f:94:
                    8f:97:47:87:7c:ad:d3:3b:34:90:da:b9:d5:36:45:
                    aa:69:7d:80:dd:8f:41:e1:4b:b2:53:14:3d:73:33:
                    0c:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:6D:1F:5A:D2:9C:75:41:9E:61:17:D4:53:0F:C6:E4:91:48:EB:47
            X509v3 Authority Key Identifier:
                keyid:42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:6d:01:ee:cb:05:0d:3a:3a:b7:92:35:08:3e:23:eb:30:a0:
         79:3c:79:09:42:8f:72:e1:45:b2:75:c1:81:0e:c5:92:99:a7:
         0e:8c:fa:14:56:81:86:31:20:1b:55:d1:5d:10:0c:77:84:51:
         2c:a7:be:c4:fe:bb:5c:98:30:c3:45:96:92:55:89:7b:69:93:
         14:81:47:e0:80:67:74:db:92:5a:d0:6c:5e:5d:2e:a3:5f:ac:
         09:8f:d0:22:ec:c1:7e:9f:e0:df:c3:f2:bf:a3:31:c1:c5:b5:
         39:b7:9e:ea:46:5b:cd:bd:4b:1c:95:db:a0:3d:c8:94:6a:6d:
         f0:5c:f8:d9:c6:f3:cb:df:af:04:8f:f1:83:2a:21:32:e5:ad:
         63:e6:f7:e2:2b:69:35:81:bd:8c:c8:0c:66:df:d9:13:f5:0d:
         3e:db:a2:3e:85:64:75:2b:6d:1b:54:49:d9:58:85:ee:1b:80:
         3e:84:99:ac:f7:18:ef:71:0f:8b:22:56:7f:11:2f:e4:c1:97:
         7f:b5:88:f3:87:90:6f:04:65:18:40:91:d9:5e:b1:41:2e:82:
         d7:0c:b4:58:f5:2a:06:d6:88:d9:d6:59:62:a1:5d:a1:92:dc:
         4a:51:c5:35:45:20:13:66:6b:90:6c:2d:05:af:f9:f0:3c:58:
         cb:f8:da:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRmLcU4tidiFr/tDAH4VSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNzZkYThmMDQ4N2M4NTA4MDliNGE5ODcyOGNhYzIxNzJi
MjcwM2QwHhcNMjUwNjA4MTYwMTE5WhcNMjUwNjA5MTYwMTE5WjAzMTEwLwYDVQQD
Eyg1NzZkMWY1YWQyOWM3NTQxOWU2MTE3ZDQ1MzBmYzZlNDkxNDhlYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFpFZXeRxbN4mAgzqiUTW/oE1LEq
JDdhI4RptESGymV5I8ntzJvGTcrsEttKAi/tORRAnbucM9vfbg5n4+onMBirNg8m
W5L6SxEyNG7/PQfIQU7FMRckM7OhJatTjBxdG7ZoE3+p1cFl+jYAYf6zUNCjIze3
TrMKbyR1b8XvNqhFqzK8nsakk1hmvYjuA9BGdqxW2K5qR15tnidwrasD3DWGnYmn
GGKOW+NjtLbJ43SZ9TTMZi31h1mCE5/eFHW8WBmc5suMOxTGuxUM+LWek0CdY1DY
ghbO5iMZKXBoH5SPl0eHfK3TOzSQ2rnVNkWqaX2A3Y9B4UuyUxQ9czMMZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdtH1rSnHVBnmEX1FMPxuSRSOtHMB8GA1UdIwQY
MBaAFEJ22o8Eh8hQgJtKmHKMrCFysnA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEt
YmE5YjBmYTFiN2EyLzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEtYmE5YjBmYTFiN2Ey
LzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPG0B7ssF
DTo6t5I1CD4j6zCgeTx5CUKPcuFFsnXBgQ7FkpmnDoz6FFaBhjEgG1XRXRAMd4RR
LKe+xP67XJgww0WWklWJe2mTFIFH4IBndNuSWtBsXl0uo1+sCY/QIuzBfp/g38Py
v6MxwcW1Obee6kZbzb1LHJXboD3IlGpt8Fz42cbzy9+vBI/xgyohMuWtY+b34itp
NYG9jMgMZt/ZE/UNPtuiPoVkdSttG1RJ2ViF7huAPoSZrPcY73EPiyJWfxEv5MGX
f7WI84eQbwRlGECR2V6xQS6C1wy0WPUqBtaI2dZZYqFdoZLcSlHFNUUgE2ZrkGwt
Ba/58DxYy/jadg==
-----END CERTIFICATE-----