Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          w5Ui49YEXm5y7dOT7DMgUhSqYwWHGYbLQ0d7BmZLvlo=
Subject key identifier:   02:BF:5D:5D:6F:25:7E:69:93:EE:02:16:10:A1:16:C7:1F:A6:3F:82
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       019655DC9A3C7E8C7604B09288FB6B190382
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          0422
Signing time:             Mon 21 Apr 2025 01:00:42 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:42 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:42 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: Wh5bAWaE0UF+ujgqrd6LiAcU1TRjC6hFce93D1IMgpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:9a:3c:7e:8c:76:04:b0:92:88:fb:6b:19:03:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Apr 21 01:00:42 2025 GMT
            Not After : Apr 22 01:00:42 2025 GMT
        Subject: CN=02bf5d5d6f257e6993ee021610a116c71fa63f82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:88:31:75:c2:26:d3:0f:35:c7:65:75:d9:af:
                    8d:76:92:d3:8e:cf:c6:1c:a5:68:00:92:5e:06:ab:
                    97:aa:61:88:fc:0f:4e:6b:40:e8:19:1d:f4:b4:e4:
                    48:9c:9a:7f:d3:c4:20:83:e9:fb:7a:92:38:99:3e:
                    da:94:12:6a:ba:d1:fb:8d:b0:a1:b7:cd:1a:16:72:
                    cd:cd:94:62:6f:d9:9c:4c:d7:0a:de:c0:50:6e:fb:
                    0e:49:5c:df:c8:34:a8:fb:59:0f:e4:d8:a3:05:7e:
                    26:ea:2f:48:52:4b:09:7a:da:58:16:56:7c:35:61:
                    09:04:47:3c:c9:8a:3a:3b:a8:97:de:9f:78:32:f8:
                    c0:01:05:c9:24:7b:8c:50:71:2e:1f:26:86:94:b0:
                    b7:92:f1:8c:c3:45:5b:2a:4f:82:7b:18:4f:13:dc:
                    ad:29:6a:41:38:c6:8c:b3:62:75:4b:cd:ce:4f:0c:
                    2b:0b:60:62:10:47:ac:4d:fa:5e:1f:ea:64:96:fa:
                    59:1d:43:c9:d0:ef:a2:de:19:fa:69:74:e6:05:aa:
                    7a:81:36:a4:85:e5:fb:c5:b2:d1:96:ed:63:16:58:
                    ee:73:ed:31:e6:54:27:3c:df:85:14:d0:5e:f9:39:
                    0d:36:5d:f2:92:2e:f8:43:6a:de:e8:49:a9:80:fe:
                    4d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:BF:5D:5D:6F:25:7E:69:93:EE:02:16:10:A1:16:C7:1F:A6:3F:82
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:f2:d5:a6:00:ed:87:e1:83:2a:fc:61:9f:d8:f4:22:c8:9d:
         81:91:25:c2:84:43:23:fc:70:a1:a6:75:68:14:8a:18:fc:6e:
         17:b6:1c:6a:a1:ef:c2:16:c4:ab:f7:9d:44:90:a1:b4:75:ca:
         07:59:ec:23:18:f9:d2:c8:02:df:fd:56:21:da:80:7f:7b:b2:
         c2:98:fc:e8:8c:aa:64:ff:ff:92:d6:36:63:64:83:65:1c:0e:
         ff:d5:1b:b1:1f:9d:1e:c0:45:5e:a3:40:57:fd:24:c6:c4:c8:
         e2:31:56:cb:17:9b:1c:b0:83:12:67:10:36:2a:e3:2a:37:fb:
         5c:6b:fb:b8:7c:7a:61:72:1e:33:35:ad:d9:1f:13:d5:85:da:
         b2:80:4f:45:94:b1:52:e7:5f:d3:b0:9a:a2:5e:65:f5:98:09:
         a5:82:c2:fe:64:10:4f:9a:85:62:07:69:7c:8c:c2:d2:b7:8b:
         4e:5c:fe:be:e3:66:88:88:f8:5d:c7:91:9c:7d:1a:f7:a1:13:
         62:76:67:94:e4:21:82:57:b7:95:d2:90:d2:df:cf:16:88:63:
         f6:17:6e:1d:53:e6:db:23:21:0a:d4:67:8b:b7:99:85:54:b5:
         ea:39:d7:d3:09:48:34:a1:86:74:68:fa:c5:c7:0b:d4:86:bd:
         35:88:48:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3Jo8fox2BLCSiPtrGQOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjUwNDIxMDEwMDQyWhcNMjUwNDIyMDEwMDQyWjAzMTEwLwYDVQQD
EygwMmJmNWQ1ZDZmMjU3ZTY5OTNlZTAyMTYxMGExMTZjNzFmYTYzZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54gxdcIm0w81x2V12a+NdpLTjs/G
HKVoAJJeBquXqmGI/A9Oa0DoGR30tORInJp/08Qgg+n7epI4mT7alBJqutH7jbCh
t80aFnLNzZRib9mcTNcK3sBQbvsOSVzfyDSo+1kP5NijBX4m6i9IUksJetpYFlZ8
NWEJBEc8yYo6O6iX3p94MvjAAQXJJHuMUHEuHyaGlLC3kvGMw0VbKk+CexhPE9yt
KWpBOMaMs2J1S83OTwwrC2BiEEesTfpeH+pklvpZHUPJ0O+i3hn6aXTmBap6gTak
heX7xbLRlu1jFljuc+0x5lQnPN+FFNBe+TkNNl3yki74Q2re6EmpgP5NwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAK/XV1vJX5pk+4CFhChFscfpj+CMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvLVpgDt
h+GDKvxhn9j0IsidgZElwoRDI/xwoaZ1aBSKGPxuF7YcaqHvwhbEq/edRJChtHXK
B1nsIxj50sgC3/1WIdqAf3uywpj86IyqZP//ktY2Y2SDZRwO/9UbsR+dHsBFXqNA
V/0kxsTI4jFWyxebHLCDEmcQNirjKjf7XGv7uHx6YXIeMzWt2R8T1YXasoBPRZSx
Uudf07Caol5l9ZgJpYLC/mQQT5qFYgdpfIzC0reLTlz+vuNmiIj4XceRnH0a96ET
YnZnlOQhgle3ldKQ0t/PFohj9hduHVPm2yMhCtRni7eZhVS16jnX0wlINKGGdGj6
xccL1Ia9NYhIMg==
-----END CERTIFICATE-----