Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          Hx5fIdOOwRbLpPKGtXDa6vebKwQVuMOOBGq07IrKYuk=
Subject key identifier:   9D:70:E6:BE:4F:E3:72:B9:25:83:81:ED:5F:27:F8:1C:DA:2B:14:EC
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       019655A6089B860610E7FC6FA32A3C0E5B56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          14FA
Signing time:             Mon 21 Apr 2025 00:01:06 +0000
Manifest this update:     Mon 21 Apr 2025 00:01:06 +0000
Manifest next update:     Tue 22 Apr 2025 00:01:06 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: azzVGpnTfYnd5qAoV/1wIksjbYnTBXGWQ3/xyp5opIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a6:08:9b:86:06:10:e7:fc:6f:a3:2a:3c:0e:5b:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: Apr 21 00:01:06 2025 GMT
            Not After : Apr 22 00:01:06 2025 GMT
        Subject: CN=9d70e6be4fe372b9258381ed5f27f81cda2b14ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f5:a4:83:52:7d:57:fe:e1:c8:1b:95:a1:eb:
                    cf:54:d5:15:7a:a6:d4:02:9e:b7:ad:40:0c:fd:09:
                    68:34:23:cc:90:54:b0:b1:61:e2:be:e7:b8:af:d3:
                    84:42:d1:a7:4f:a0:ed:e8:97:16:0f:1a:07:2c:84:
                    b7:5b:93:58:09:48:ae:de:2d:0e:22:01:ef:83:25:
                    39:4b:94:bc:55:fc:40:34:f9:ae:03:ff:df:ce:5a:
                    fc:18:9c:9e:4b:de:98:e0:9e:57:d1:f9:d4:15:92:
                    64:c1:61:74:0f:a9:fb:7e:20:3b:f9:7b:3a:c7:ee:
                    b6:ca:61:d8:b5:0e:dd:8b:8d:ef:d7:42:e7:60:b6:
                    f5:24:e9:3a:78:d9:78:c0:31:1c:39:6e:7d:15:b6:
                    b4:7e:bb:56:44:da:6d:45:ea:23:a7:ed:b0:a4:11:
                    ae:d8:5f:56:a7:ba:5c:ff:79:e3:69:9f:ce:cb:bd:
                    fd:b8:c5:00:8c:55:59:a1:80:8c:1a:29:10:04:1e:
                    c6:37:ea:8a:f8:f5:d0:f9:65:d2:53:7e:5f:7f:b7:
                    0b:ea:ce:ac:33:1e:38:3e:b2:fc:d2:6f:73:a5:ae:
                    c6:f7:b4:0d:16:c8:c0:5a:9d:cb:22:c7:3c:be:46:
                    7e:9a:93:a0:e3:a5:8b:0c:d1:5f:62:84:0f:9c:94:
                    bc:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:70:E6:BE:4F:E3:72:B9:25:83:81:ED:5F:27:F8:1C:DA:2B:14:EC
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a6:d6:0c:96:5f:b0:20:1f:e9:d5:a2:cc:6c:76:ae:c6:3b:
         63:53:02:78:56:67:7c:a5:94:ab:f0:98:f0:9a:f0:4c:8d:f3:
         f5:1c:ec:9a:04:e8:4c:1b:89:22:06:a3:b8:97:eb:61:cb:9f:
         3e:9d:48:67:22:8d:d9:fa:a3:cd:c4:ff:f9:ff:0d:2c:d9:ee:
         19:91:81:f7:24:06:d6:16:63:60:74:41:8b:29:7b:d2:76:7b:
         e9:89:e0:90:41:8d:35:cd:e4:51:f6:c8:b6:09:cd:b8:f7:77:
         5d:ac:3e:10:3f:20:83:1f:0f:55:be:de:59:77:d2:f4:c5:49:
         22:af:65:0b:63:e7:f6:4d:f7:0d:ab:79:59:0c:ce:e8:84:18:
         57:6a:99:2d:6d:9b:9a:16:d7:25:8f:a5:de:37:a1:40:74:81:
         eb:cb:80:36:d3:ba:00:3d:c0:d9:ab:0c:1a:72:dd:77:3f:1a:
         a9:ed:79:8b:df:48:3c:54:b2:c5:8d:56:19:e3:90:cb:30:fd:
         ab:02:de:a1:da:5b:76:b3:52:18:8f:d3:3b:c1:e2:ba:c5:82:
         eb:64:e0:4b:16:aa:61:5a:6c:65:be:28:fe:05:1d:0b:ef:46:
         ef:b6:d0:f4:5c:25:e6:e8:ef:93:bf:8a:96:02:62:8d:22:6d:
         46:1c:2e:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpgibhgYQ5/xvoyo8DltWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjUwNDIxMDAwMTA2WhcNMjUwNDIyMDAwMTA2WjAzMTEwLwYDVQQD
Eyg5ZDcwZTZiZTRmZTM3MmI5MjU4MzgxZWQ1ZjI3ZjgxY2RhMmIxNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPWkg1J9V/7hyBuVoevPVNUVeqbU
Ap63rUAM/QloNCPMkFSwsWHivue4r9OEQtGnT6Dt6JcWDxoHLIS3W5NYCUiu3i0O
IgHvgyU5S5S8VfxANPmuA//fzlr8GJyeS96Y4J5X0fnUFZJkwWF0D6n7fiA7+Xs6
x+62ymHYtQ7di43v10LnYLb1JOk6eNl4wDEcOW59Fba0frtWRNptReojp+2wpBGu
2F9Wp7pc/3njaZ/Oy739uMUAjFVZoYCMGikQBB7GN+qK+PXQ+WXSU35ff7cL6s6s
Mx44PrL80m9zpa7G97QNFsjAWp3LIsc8vkZ+mpOg46WLDNFfYoQPnJS8XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1w5r5P43K5JYOB7V8n+BzaKxTsMB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6bWDJZf
sCAf6dWizGx2rsY7Y1MCeFZnfKWUq/CY8JrwTI3z9RzsmgToTBuJIgajuJfrYcuf
Pp1IZyKN2fqjzcT/+f8NLNnuGZGB9yQG1hZjYHRBiyl70nZ76YngkEGNNc3kUfbI
tgnNuPd3Xaw+ED8ggx8PVb7eWXfS9MVJIq9lC2Pn9k33Dat5WQzO6IQYV2qZLW2b
mhbXJY+l3jehQHSB68uANtO6AD3A2asMGnLddz8aqe15i99IPFSyxY1WGeOQyzD9
qwLeodpbdrNSGI/TO8HiusWC62TgSxaqYVpsZb4o/gUdC+9G77bQ9Fwl5ujvk7+K
lgJijSJtRhwu1Q==
-----END CERTIFICATE-----