Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          25qi45k7qw+KWg6FNkl9b8TNWCREJeELeivSg3frlZg=
Subject key identifier:   B7:B3:FB:D6:86:86:42:97:32:10:AD:5D:9C:8E:85:39:6A:59:60:12
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       019747797A56F085F22671F2B67E08C56E29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          027F
Signing time:             Fri 06 Jun 2025 23:00:32 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:32 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:32 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: ASufePxkbTt36RmW9YwZUVVYonWEpqyXTxWa/0jLIN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:7a:56:f0:85:f2:26:71:f2:b6:7e:08:c5:6e:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Jun  6 23:00:32 2025 GMT
            Not After : Jun  7 23:00:32 2025 GMT
        Subject: CN=b7b3fbd6868642973210ad5d9c8e85396a596012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ca:8f:f3:dd:5c:b7:0b:38:a6:01:10:78:85:
                    ff:03:43:e4:5f:21:98:29:a6:e5:5c:92:19:f5:4d:
                    4e:1f:69:d1:5f:45:ae:5c:59:dc:a3:42:19:92:aa:
                    a7:45:6c:fb:6a:7e:51:21:85:4c:93:ea:b1:64:60:
                    fa:5b:93:84:9f:20:11:68:c3:a9:0d:34:47:95:2c:
                    89:82:9d:0a:f4:19:ab:6b:07:44:5f:b0:70:d9:3b:
                    d2:ab:a5:e8:64:86:5a:f6:49:7f:a3:43:e2:43:b4:
                    cb:06:77:81:53:b8:79:9e:e4:6b:14:3c:a5:2b:94:
                    b9:d9:22:72:82:20:51:8c:96:4f:7e:ad:0b:9e:80:
                    a3:cb:d9:8a:1e:d0:a3:3d:f5:d8:f7:d1:e5:62:59:
                    16:27:10:3a:e8:55:18:9a:62:00:4a:3a:50:ad:ea:
                    88:66:6e:3e:4f:a0:cd:09:35:52:91:6f:97:79:f2:
                    94:35:00:e1:ab:4b:69:b3:c8:03:65:53:98:e0:fc:
                    73:e2:27:4f:97:56:55:fc:6c:dc:e5:3a:ad:1c:5a:
                    27:43:29:e3:d5:16:0f:f7:48:80:79:cf:55:25:24:
                    db:ba:b1:65:c6:1e:c7:15:cc:77:bc:5c:6e:75:6e:
                    c9:eb:c9:5c:e5:64:fc:fb:36:98:aa:69:26:19:fb:
                    4e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B3:FB:D6:86:86:42:97:32:10:AD:5D:9C:8E:85:39:6A:59:60:12
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:ee:78:f7:9d:0b:aa:b1:99:00:0f:4e:a7:bc:26:f6:4e:7d:
         d4:ed:26:8a:79:91:4d:d9:2e:74:a0:a7:27:a1:29:22:70:8b:
         b9:d0:ac:32:dc:dd:42:cf:e9:1f:17:9d:8b:e5:2b:f7:83:2d:
         7d:97:b7:72:14:9d:82:e1:3b:c6:84:d0:23:3d:a0:d8:8e:90:
         ca:19:e3:5c:80:80:86:6a:0a:a4:40:bf:fd:21:bc:01:06:d2:
         3e:82:7e:b1:4a:ae:09:1a:71:3c:d5:f1:b7:dc:fc:ba:63:ea:
         bc:15:f6:8a:f9:5e:99:51:1c:ea:cf:6e:a6:8b:7a:4a:a8:ce:
         22:3a:83:e8:cf:bd:79:cc:42:90:1a:57:a6:e7:59:56:79:f9:
         2f:de:5b:bf:f6:0b:82:6f:eb:e6:e3:73:e1:f0:b7:0a:d3:3d:
         be:6f:d1:16:65:c2:5f:08:29:f5:4e:15:4c:42:cf:13:b6:aa:
         15:33:35:a0:bc:07:19:73:cf:33:72:ce:2e:43:e3:4a:d3:dc:
         82:22:c3:18:43:e9:71:eb:56:95:90:e6:79:2b:13:d9:47:8e:
         19:b3:d1:46:19:73:5e:bb:76:b3:3e:0e:72:91:ab:33:f2:a2:
         b4:42:e4:15:2e:a4:56:5c:85:2e:9c:27:6a:7a:b1:84:71:1b:
         c2:d2:80:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeXpW8IXyJnHytn4IxW4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUwNjA2MjMwMDMyWhcNMjUwNjA3MjMwMDMyWjAzMTEwLwYDVQQD
EyhiN2IzZmJkNjg2ODY0Mjk3MzIxMGFkNWQ5YzhlODUzOTZhNTk2MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18qP891ctws4pgEQeIX/A0PkXyGY
KablXJIZ9U1OH2nRX0WuXFnco0IZkqqnRWz7an5RIYVMk+qxZGD6W5OEnyARaMOp
DTRHlSyJgp0K9BmrawdEX7Bw2TvSq6XoZIZa9kl/o0PiQ7TLBneBU7h5nuRrFDyl
K5S52SJygiBRjJZPfq0LnoCjy9mKHtCjPfXY99HlYlkWJxA66FUYmmIASjpQreqI
Zm4+T6DNCTVSkW+XefKUNQDhq0tps8gDZVOY4Pxz4idPl1ZV/Gzc5TqtHFonQynj
1RYP90iAec9VJSTburFlxh7HFcx3vFxudW7J68lc5WT8+zaYqmkmGftOUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLez+9aGhkKXMhCtXZyOhTlqWWASMB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACO54950L
qrGZAA9Op7wm9k591O0minmRTdkudKCnJ6EpInCLudCsMtzdQs/pHxedi+Ur94Mt
fZe3chSdguE7xoTQIz2g2I6QyhnjXICAhmoKpEC//SG8AQbSPoJ+sUquCRpxPNXx
t9z8umPqvBX2ivlemVEc6s9upot6SqjOIjqD6M+9ecxCkBpXpudZVnn5L95bv/YL
gm/r5uNz4fC3CtM9vm/RFmXCXwgp9U4VTELPE7aqFTM1oLwHGXPPM3LOLkPjStPc
giLDGEPpcetWlZDmeSsT2UeOGbPRRhlzXrt2sz4OcpGrM/KitELkFS6kVlyFLpwn
anqxhHEbwtKAkg==
-----END CERTIFICATE-----