Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          ox2rBjQE/X2Z37l0aq+cMHmSdTT/bpRk8xEHzAo+Z7Q=
Subject key identifier:   E7:42:43:17:32:5C:C6:96:95:B3:DD:99:40:1E:72:4F:6A:49:22:8A
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       0196504869D98F3A799AE6C7BA0E2FFC2EC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          01FF
Signing time:             Sat 19 Apr 2025 23:00:45 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:45 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:45 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: 70iGX1zu1FGENxTibKxdjJevlG/LDWRvWHz+wy2yzJY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:48:69:d9:8f:3a:79:9a:e6:c7:ba:0e:2f:fc:2e:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Apr 19 23:00:45 2025 GMT
            Not After : Apr 20 23:00:45 2025 GMT
        Subject: CN=e7424317325cc69695b3dd99401e724f6a49228a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e8:26:69:16:03:a3:c9:69:45:0a:38:db:8e:
                    5a:82:c9:92:9f:ff:60:f9:71:b7:95:a7:f5:3f:e1:
                    7e:d4:6d:d0:92:04:d8:c2:61:06:35:2d:a3:82:9d:
                    2d:0e:93:30:4c:98:9d:b9:60:14:8d:98:f4:af:23:
                    82:f7:85:0e:9a:1e:fa:4d:9b:6d:99:ff:12:c1:67:
                    d7:09:94:f0:41:47:1c:f4:64:bc:b5:9b:15:04:7d:
                    a1:10:60:aa:7f:8a:66:45:25:bc:ab:1c:f5:7d:b5:
                    a3:50:da:57:70:c5:33:04:6a:20:16:f4:6c:b7:ba:
                    8d:8c:31:b2:6e:cb:d9:31:5a:a2:a3:c3:41:6e:a8:
                    dd:cd:6d:f3:05:e0:df:13:21:95:5b:5b:46:18:d6:
                    d2:5d:2e:38:68:df:52:1c:4b:f7:e1:6e:5e:0f:86:
                    dd:88:e5:7a:81:83:da:3b:7e:4e:24:69:e6:60:cc:
                    e6:38:68:14:4d:fd:b5:b7:1f:2e:04:19:ea:fe:5a:
                    58:e8:35:f9:0f:ba:52:58:82:86:62:04:f2:fa:56:
                    59:4b:ce:6d:3c:ef:7f:0c:db:1f:0e:31:de:6a:e0:
                    a9:d5:55:7e:75:b2:d1:c0:b6:a2:e7:c5:40:8d:4e:
                    55:86:bf:11:64:ac:99:15:55:c8:20:e6:48:66:8f:
                    63:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:42:43:17:32:5C:C6:96:95:B3:DD:99:40:1E:72:4F:6A:49:22:8A
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:b0:18:48:5e:a0:df:76:29:77:8f:0b:2d:08:48:7d:84:b9:
         75:7b:b3:78:52:bf:d5:e3:bf:62:f9:1a:37:cc:11:8b:ac:6e:
         5f:9c:e9:bc:03:ae:db:9c:5a:35:4e:49:28:72:38:f4:0c:65:
         44:dd:06:31:e1:44:1e:93:53:07:5a:fd:5c:04:ca:94:ec:da:
         fb:bd:3a:3e:b3:26:d9:d5:57:be:a7:a5:a9:ae:bb:31:17:37:
         64:99:7b:46:14:35:1e:d3:7d:5e:3c:ee:73:f8:f4:07:50:c6:
         d6:93:86:cd:2d:e0:d1:9a:de:5b:5e:4f:48:d5:07:07:1e:05:
         76:08:50:e3:31:a4:8c:9e:34:36:d5:e3:08:9d:5a:9a:d8:dd:
         9a:0b:f2:b2:83:60:72:0e:5b:ad:ac:17:2e:d3:8f:2c:f5:88:
         37:46:11:9c:f0:12:4a:22:75:6d:bc:17:f9:1e:8c:e1:b7:74:
         c4:3c:03:16:e4:27:dd:23:5e:af:0c:53:76:03:67:6c:3e:7d:
         1b:ec:ec:75:bd:a3:76:43:85:b6:0f:1f:e5:f7:9a:fa:48:2c:
         04:55:fe:b4:6e:1c:f1:ba:97:3e:09:15:8b:60:a4:f6:25:d7:
         73:26:13:aa:9f:f6:f7:cf:54:50:69:c3:89:9e:f5:38:48:de:
         ac:29:17:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSGnZjzp5mubHug4v/C7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUwNDE5MjMwMDQ1WhcNMjUwNDIwMjMwMDQ1WjAzMTEwLwYDVQQD
EyhlNzQyNDMxNzMyNWNjNjk2OTViM2RkOTk0MDFlNzI0ZjZhNDkyMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ugmaRYDo8lpRQo4245agsmSn/9g
+XG3laf1P+F+1G3QkgTYwmEGNS2jgp0tDpMwTJiduWAUjZj0ryOC94UOmh76TZtt
mf8SwWfXCZTwQUcc9GS8tZsVBH2hEGCqf4pmRSW8qxz1fbWjUNpXcMUzBGogFvRs
t7qNjDGybsvZMVqio8NBbqjdzW3zBeDfEyGVW1tGGNbSXS44aN9SHEv34W5eD4bd
iOV6gYPaO35OJGnmYMzmOGgUTf21tx8uBBnq/lpY6DX5D7pSWIKGYgTy+lZZS85t
PO9/DNsfDjHeauCp1VV+dbLRwLai58VAjU5Vhr8RZKyZFVXIIOZIZo9j5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOdCQxcyXMaWlbPdmUAeck9qSSKKMB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk7AYSF6g
33Ypd48LLQhIfYS5dXuzeFK/1eO/YvkaN8wRi6xuX5zpvAOu25xaNU5JKHI49Axl
RN0GMeFEHpNTB1r9XATKlOza+706PrMm2dVXvqelqa67MRc3ZJl7RhQ1HtN9Xjzu
c/j0B1DG1pOGzS3g0ZreW15PSNUHBx4FdghQ4zGkjJ40NtXjCJ1amtjdmgvysoNg
cg5brawXLtOPLPWIN0YRnPASSiJ1bbwX+R6M4bd0xDwDFuQn3SNerwxTdgNnbD59
G+zsdb2jdkOFtg8f5fea+kgsBFX+tG4c8bqXPgkVi2Ck9iXXcyYTqp/2989UUGnD
iZ71OEjerCkXbg==
-----END CERTIFICATE-----