Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          s8cZv5kEymitncQrj07jVQWuao0j/eS/IPVdZskLB9s=
Subject key identifier:   B9:20:C4:37:C2:99:06:B1:A2:08:5B:AA:A6:1A:23:F9:48:DC:47:52
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       0199239FA14128484775CD16E3D113ACD3A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0E13
Signing time:             Sun 07 Sep 2025 10:01:27 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:27 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:27 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: PyIS6mdqtmWWTcgZ3BX420hZt8gisSsb6iCt1NsVxSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:a1:41:28:48:47:75:cd:16:e3:d1:13:ac:d3:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Sep  7 10:01:27 2025 GMT
            Not After : Sep  8 10:01:27 2025 GMT
        Subject: CN=b920c437c29906b1a2085baaa61a23f948dc4752
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8f:f7:8a:de:63:62:94:ac:30:59:3b:6c:20:
                    2b:1b:32:1f:f0:83:cf:56:94:c4:f0:2e:28:a5:ba:
                    5d:b3:e1:5f:f4:0a:c2:fe:47:6b:05:44:03:95:b7:
                    2f:8d:16:38:ee:f1:e3:bc:a2:32:42:44:22:ff:56:
                    45:ef:74:5f:dd:de:0f:7d:cb:e2:0a:a1:a9:94:1c:
                    7a:fe:fc:2b:e1:50:32:f0:42:66:56:7d:6d:c2:ec:
                    9f:2c:e4:cb:ba:10:ff:72:fd:c1:85:98:04:a4:47:
                    5d:a9:30:dd:db:13:85:b7:63:b9:00:f3:81:22:5a:
                    4c:a9:70:f5:9b:2c:0c:d2:b3:76:39:f9:ee:eb:9c:
                    19:97:13:47:2c:99:15:f5:1c:ca:5d:fe:23:b7:bd:
                    d3:af:cf:22:7e:04:4a:9e:8d:61:ff:44:d6:0a:68:
                    47:47:e1:38:c8:b7:b4:63:3d:f3:bd:fc:61:13:dd:
                    48:96:c4:82:75:14:ec:af:ba:25:2f:2a:91:a6:3e:
                    e6:f1:c5:f6:56:34:4a:8b:2b:9f:3c:cd:d4:eb:e2:
                    fb:c2:1f:36:7a:25:9d:99:76:ae:2d:d3:a9:bb:09:
                    10:05:88:ae:5a:e7:76:3d:25:1f:7e:ed:a0:f6:14:
                    05:3f:4e:6d:b3:14:2d:58:cc:db:90:e5:96:1e:a5:
                    c5:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:20:C4:37:C2:99:06:B1:A2:08:5B:AA:A6:1A:23:F9:48:DC:47:52
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:bf:fe:76:7c:d2:59:d9:20:18:ba:ee:cb:27:a7:f3:12:20:
         d3:9d:03:24:43:37:85:2b:a4:f7:6a:85:c4:a2:a0:85:0f:33:
         d8:3c:23:6b:e3:d2:c6:86:d0:28:9f:09:9c:17:5d:30:4e:f1:
         d7:00:30:81:ed:c3:d8:52:c7:38:1b:5a:d3:f7:54:28:77:be:
         be:8f:de:15:e8:a7:ca:ed:16:c7:b4:c7:82:44:79:fd:a3:bb:
         ab:58:30:ef:ca:8a:3c:b0:b5:ac:d3:af:74:be:e6:c4:dd:75:
         57:1d:ac:55:c3:0b:a0:1e:79:e5:4d:f3:b4:d9:8d:73:db:de:
         09:83:c6:bf:ff:70:ad:d1:e6:a2:84:c4:70:c5:65:06:3b:22:
         f5:eb:08:d7:03:3d:67:31:b1:54:39:cc:b8:75:63:fc:c7:81:
         6c:d4:49:1c:fd:cd:78:53:74:ba:c9:25:5e:dd:07:ce:de:33:
         b6:2e:6a:9a:0c:76:c8:52:db:56:e7:f4:09:95:4c:66:ba:c0:
         da:f0:49:60:58:39:db:47:84:92:a1:71:7b:c4:e8:bb:e1:46:
         0e:42:d9:e2:b3:e7:14:96:bc:75:b5:1c:03:8b:a5:25:04:d8:
         1a:c8:6c:86:2d:0e:cb:af:70:2d:4b:25:d8:81:c7:09:fc:aa:
         2d:af:3e:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn6FBKEhHdc0W49ETrNOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwOTA3MTAwMTI3WhcNMjUwOTA4MTAwMTI3WjAzMTEwLwYDVQQD
EyhiOTIwYzQzN2MyOTkwNmIxYTIwODViYWFhNjFhMjNmOTQ4ZGM0NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo/3it5jYpSsMFk7bCArGzIf8IPP
VpTE8C4opbpds+Ff9ArC/kdrBUQDlbcvjRY47vHjvKIyQkQi/1ZF73Rf3d4Pfcvi
CqGplBx6/vwr4VAy8EJmVn1twuyfLOTLuhD/cv3BhZgEpEddqTDd2xOFt2O5APOB
IlpMqXD1mywM0rN2Ofnu65wZlxNHLJkV9RzKXf4jt73Tr88ifgRKno1h/0TWCmhH
R+E4yLe0Yz3zvfxhE91IlsSCdRTsr7olLyqRpj7m8cX2VjRKiyufPM3U6+L7wh82
eiWdmXauLdOpuwkQBYiuWud2PSUffu2g9hQFP05tsxQtWMzbkOWWHqXFLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkgxDfCmQaxoghbqqYaI/lI3EdSMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKb/+dnzS
WdkgGLruyyen8xIg050DJEM3hSuk92qFxKKghQ8z2Dwja+PSxobQKJ8JnBddME7x
1wAwge3D2FLHOBta0/dUKHe+vo/eFeinyu0Wx7THgkR5/aO7q1gw78qKPLC1rNOv
dL7mxN11Vx2sVcMLoB555U3ztNmNc9veCYPGv/9wrdHmooTEcMVlBjsi9esI1wM9
ZzGxVDnMuHVj/MeBbNRJHP3NeFN0usklXt0Hzt4zti5qmgx2yFLbVuf0CZVMZrrA
2vBJYFg520eEkqFxe8Tou+FGDkLZ4rPnFJa8dbUcA4ulJQTYGshshi0Oy69wLUsl
2IHHCfyqLa8+yw==
-----END CERTIFICATE-----