Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          VixtsVyOXUn1XjN/VxgUeYkOAjGZ3XiYls0cWbTm+jU=
Subject key identifier:   15:7A:E7:D7:53:A0:FB:CC:DD:D6:1A:63:2A:A2:A8:02:D6:34:C8:6B
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       019750B3CA52F74D6C9E21B761E94988AC59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 18:00:49 +0000
Manifest this update:     Sun 08 Jun 2025 18:00:49 +0000
Manifest next update:     Mon 09 Jun 2025 18:00:49 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: XF2oGFSw+uQD+vvxGJps6mU2xAcavfR/XjRDy8G8Ae0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b3:ca:52:f7:4d:6c:9e:21:b7:61:e9:49:88:ac:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: Jun  8 18:00:49 2025 GMT
            Not After : Jun  9 18:00:49 2025 GMT
        Subject: CN=157ae7d753a0fbccddd61a632aa2a802d634c86b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:74:14:e6:be:5c:2f:e8:88:67:36:4a:ab:c0:
                    e4:28:cc:bf:cf:6d:f7:20:13:91:cb:14:7e:10:ed:
                    bf:bb:22:35:94:85:fb:f8:66:85:56:5b:26:49:52:
                    ae:0d:bc:06:3d:1a:33:6b:a4:63:52:51:f0:7a:01:
                    27:2f:1b:62:02:cc:60:f7:ce:5a:9b:0d:65:12:fc:
                    ca:66:23:91:11:f6:a7:68:5a:6b:f0:45:4f:c1:60:
                    be:73:8f:7a:c2:84:54:50:80:8b:dd:11:81:76:2a:
                    b1:2b:10:ab:dd:2b:ab:fd:d5:e6:f8:88:6b:bc:b4:
                    5d:8d:db:fc:ba:af:9d:2c:1c:42:7a:34:ee:75:ac:
                    19:1d:82:33:fa:93:54:33:bd:7f:60:6b:94:89:ff:
                    60:15:a2:f6:9b:5e:f4:82:e1:98:ba:ce:06:fe:6b:
                    86:ef:ee:53:12:92:68:05:89:33:a5:c2:20:e2:5e:
                    b2:a2:9a:c5:30:f2:6d:6b:6e:c7:aa:c8:96:a5:ea:
                    2d:dc:ae:5b:57:fc:77:93:67:0e:0f:1f:1f:e8:9b:
                    3f:fe:ca:31:39:ae:3a:d0:0f:17:04:a8:2b:45:8d:
                    31:34:2c:1a:e2:94:ad:aa:97:c6:f6:e6:33:da:9d:
                    c8:e9:cb:53:a7:37:7e:bf:49:d5:ad:3f:61:66:38:
                    72:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:7A:E7:D7:53:A0:FB:CC:DD:D6:1A:63:2A:A2:A8:02:D6:34:C8:6B
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:e0:9b:bc:ac:29:b4:f3:58:5a:1c:58:f8:66:6e:a0:53:35:
         10:61:a5:66:bb:1c:e8:3e:db:c8:c2:5b:51:72:3b:94:72:39:
         2b:5a:82:50:e4:df:13:6f:f3:16:e5:aa:a9:e5:a5:bc:3e:50:
         01:10:e6:11:13:75:26:0a:46:1c:69:4e:06:47:21:96:65:8d:
         a2:52:5f:99:57:b8:68:38:84:45:2e:f0:b9:9a:3f:46:79:25:
         17:30:ce:80:e7:63:4d:df:32:1a:78:21:1e:07:39:a0:45:e3:
         28:b9:45:fa:10:fc:b9:c9:c2:f0:f7:ea:5d:70:19:51:ea:22:
         61:7c:8c:85:6a:34:d1:d4:03:5c:4e:07:81:6c:48:0e:f9:06:
         18:c2:a4:14:91:fa:06:58:0c:3e:96:d9:cb:5f:52:d8:69:8a:
         be:30:1b:b3:36:54:8f:61:b1:02:6e:19:15:71:dd:0d:85:a3:
         cd:16:23:df:2a:c3:36:85:80:cb:92:f4:34:e7:39:99:4e:ce:
         13:92:52:a5:bc:c2:a5:d7:3c:f8:a4:f2:bb:86:22:e1:bb:a3:
         cf:e9:b0:3c:ad:73:f6:83:bb:84:52:02:73:ff:39:a2:28:d1:
         a7:be:50:3a:73:23:99:a9:39:0b:ed:79:19:45:e7:d8:38:06:
         21:05:5c:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQs8pS901sniG3YelJiKxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjUwNjA4MTgwMDQ5WhcNMjUwNjA5MTgwMDQ5WjAzMTEwLwYDVQQD
EygxNTdhZTdkNzUzYTBmYmNjZGRkNjFhNjMyYWEyYTgwMmQ2MzRjODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HQU5r5cL+iIZzZKq8DkKMy/z233
IBORyxR+EO2/uyI1lIX7+GaFVlsmSVKuDbwGPRoza6RjUlHwegEnLxtiAsxg985a
mw1lEvzKZiOREfanaFpr8EVPwWC+c496woRUUICL3RGBdiqxKxCr3Sur/dXm+Ihr
vLRdjdv8uq+dLBxCejTudawZHYIz+pNUM71/YGuUif9gFaL2m170guGYus4G/muG
7+5TEpJoBYkzpcIg4l6yoprFMPJta27HqsiWpeot3K5bV/x3k2cODx8f6Js//sox
Oa460A8XBKgrRY0xNCwa4pStqpfG9uYz2p3I6ctTpzd+v0nVrT9hZjhy8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBV659dToPvM3dYaYyqiqALWNMhrMB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUOCbvKwp
tPNYWhxY+GZuoFM1EGGlZrsc6D7byMJbUXI7lHI5K1qCUOTfE2/zFuWqqeWlvD5Q
ARDmERN1JgpGHGlOBkchlmWNolJfmVe4aDiERS7wuZo/RnklFzDOgOdjTd8yGngh
Hgc5oEXjKLlF+hD8ucnC8PfqXXAZUeoiYXyMhWo00dQDXE4HgWxIDvkGGMKkFJH6
BlgMPpbZy19S2GmKvjAbszZUj2GxAm4ZFXHdDYWjzRYj3yrDNoWAy5L0NOc5mU7O
E5JSpbzCpdc8+KTyu4Yi4bujz+mwPK1z9oO7hFICc/85oijRp75QOnMjmak5C+15
GUXn2DgGIQVceg==
-----END CERTIFICATE-----