Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          IJS5/u1JTzDcL9QKHxKOrfiZpXICNX60jLguULeHXF0=
Subject key identifier:   79:C6:9B:5B:AA:70:01:1A:E4:FA:E9:AD:FB:C3:34:31:37:07:12:1B
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       0197493181579995454AC2E49FAA717BA443
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          04A0
Signing time:             Sat 07 Jun 2025 07:01:10 +0000
Manifest this update:     Sat 07 Jun 2025 07:01:10 +0000
Manifest next update:     Sun 08 Jun 2025 07:01:10 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: OfrmHf3Lg9YST4LyRm1u5vXJut/UtTVa8a2rhI6+Rs8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:81:57:99:95:45:4a:c2:e4:9f:aa:71:7b:a4:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Jun  7 07:01:10 2025 GMT
            Not After : Jun  8 07:01:10 2025 GMT
        Subject: CN=79c69b5baa70011ae4fae9adfbc334313707121b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:96:11:19:f8:a9:b6:6a:5b:54:03:e0:3d:61:
                    6b:0e:63:85:e0:e6:42:9c:17:fc:a8:e9:7a:a4:73:
                    02:b6:c4:3f:60:26:a4:f9:fc:37:f9:e9:8a:5e:67:
                    65:eb:86:1d:ba:d6:18:5e:de:57:4e:50:96:72:8d:
                    d1:73:c5:3c:f6:cc:79:34:bc:a9:b5:1e:37:33:b2:
                    7b:83:12:c3:2c:7b:7d:5e:04:ed:39:42:5c:80:99:
                    05:74:cd:d8:b6:60:ab:5f:f4:bc:f7:d1:19:ab:ee:
                    4a:19:dd:d1:eb:dc:49:51:7b:26:4c:21:18:73:0d:
                    20:36:53:5c:d1:4c:59:79:61:bd:31:6b:f6:f9:60:
                    e2:c2:4e:60:ba:7c:89:c0:a3:ad:2e:e8:5d:33:0c:
                    49:46:e8:e1:bf:f4:b6:b8:f3:24:21:66:0b:e9:65:
                    aa:af:0d:78:99:25:b1:ce:0f:0a:93:0e:b6:f2:82:
                    a6:6f:9d:40:7b:ff:d1:f4:43:75:3d:a9:12:69:e1:
                    d3:b8:8f:74:aa:b7:fa:cf:18:29:80:8e:77:7e:e6:
                    78:0b:53:e0:79:d2:8c:8f:12:e5:a7:cc:de:c1:ee:
                    9a:67:9a:32:52:0a:38:4b:75:b6:1b:ed:b0:12:47:
                    44:79:2b:04:27:db:49:16:61:1e:4c:31:22:36:15:
                    b8:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:C6:9B:5B:AA:70:01:1A:E4:FA:E9:AD:FB:C3:34:31:37:07:12:1B
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:3a:e2:6e:46:e8:91:7f:e5:f7:f8:15:1f:df:94:c2:f6:50:
         88:d8:57:94:6d:19:48:43:42:84:1b:0c:6f:c1:90:18:61:6d:
         eb:24:12:cc:18:ee:fa:0f:a8:2e:4f:c2:5d:58:19:5e:92:b8:
         a9:39:82:6d:8e:42:e2:1a:f0:b5:3d:8f:03:9a:a1:05:85:51:
         e1:73:f7:8a:35:4b:c7:3b:df:08:c4:e9:9c:f3:5c:09:1e:7e:
         4c:7f:0b:29:96:f3:6a:40:b7:7c:e2:67:25:43:77:c0:4b:83:
         b7:04:53:6c:48:d2:63:b6:e4:14:af:f3:96:04:a5:61:b5:76:
         29:7e:7d:11:78:20:02:9b:0b:08:b5:c1:f2:03:28:ec:8c:75:
         fd:bd:96:18:bc:35:05:7d:a6:21:a2:a5:a0:9a:94:87:8a:aa:
         97:14:e2:7f:ac:ee:0e:6a:5d:89:9c:54:80:a8:0a:fc:64:01:
         e5:c1:52:a0:94:87:32:69:6c:d6:49:3e:7b:58:ad:a9:1a:0d:
         b0:ae:45:34:33:cf:62:01:88:04:1a:cf:14:b3:09:fe:46:ed:
         47:6b:7b:9f:76:1b:08:88:0b:90:52:ad:65:48:4d:1d:bf:8a:
         07:dd:9a:4c:f4:51:fa:b6:7b:14:9c:48:4b:49:56:5b:44:d2:
         1c:83:b8:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMYFXmZVFSsLkn6pxe6RDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjUwNjA3MDcwMTEwWhcNMjUwNjA4MDcwMTEwWjAzMTEwLwYDVQQD
Eyg3OWM2OWI1YmFhNzAwMTFhZTRmYWU5YWRmYmMzMzQzMTM3MDcxMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZYRGfiptmpbVAPgPWFrDmOF4OZC
nBf8qOl6pHMCtsQ/YCak+fw3+emKXmdl64YdutYYXt5XTlCWco3Rc8U89sx5NLyp
tR43M7J7gxLDLHt9XgTtOUJcgJkFdM3YtmCrX/S899EZq+5KGd3R69xJUXsmTCEY
cw0gNlNc0UxZeWG9MWv2+WDiwk5gunyJwKOtLuhdMwxJRujhv/S2uPMkIWYL6WWq
rw14mSWxzg8Kkw628oKmb51Ae//R9EN1PakSaeHTuI90qrf6zxgpgI53fuZ4C1Pg
edKMjxLlp8zewe6aZ5oyUgo4S3W2G+2wEkdEeSsEJ9tJFmEeTDEiNhW4gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnGm1uqcAEa5PrprfvDNDE3BxIbMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTribkbo
kX/l9/gVH9+UwvZQiNhXlG0ZSENChBsMb8GQGGFt6yQSzBju+g+oLk/CXVgZXpK4
qTmCbY5C4hrwtT2PA5qhBYVR4XP3ijVLxzvfCMTpnPNcCR5+TH8LKZbzakC3fOJn
JUN3wEuDtwRTbEjSY7bkFK/zlgSlYbV2KX59EXggApsLCLXB8gMo7Ix1/b2WGLw1
BX2mIaKloJqUh4qqlxTif6zuDmpdiZxUgKgK/GQB5cFSoJSHMmls1kk+e1itqRoN
sK5FNDPPYgGIBBrPFLMJ/kbtR2t7n3YbCIgLkFKtZUhNHb+KB92aTPRR+rZ7FJxI
S0lWW0TSHIO4OQ==
-----END CERTIFICATE-----