Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          2Cf2v2doAP2Onzfgf2mbfkDoQy+H0So2L4zHfsrqM6o=
Subject key identifier:   7F:99:80:E6:BE:34:60:45:A5:D7:A2:7A:4A:8E:E6:99:3A:04:ED:6D
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       0197469DA67863810E30DACBD4C1F2FFE29C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 19:00:26 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:26 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:26 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: CTQMnP3GnnnG7RuHHRvJR9MnQEOv49o+ZeCtecEtOzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 19:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:a6:78:63:81:0e:30:da:cb:d4:c1:f2:ff:e2:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: Jun  6 19:00:26 2025 GMT
            Not After : Jun  7 19:00:26 2025 GMT
        Subject: CN=7f9980e6be346045a5d7a27a4a8ee6993a04ed6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:92:fd:d5:d6:a7:37:56:5d:74:ef:b2:b9:e8:
                    5f:32:41:95:fe:3a:e6:32:0d:a7:07:a6:79:f1:dd:
                    68:59:e2:45:af:15:d5:82:36:1b:d0:e4:e7:ff:c5:
                    8f:10:16:64:43:9b:01:de:0a:3f:c4:68:1e:20:ea:
                    04:2c:7d:d3:ce:bf:30:97:ce:b5:5d:39:8c:60:08:
                    34:2f:39:61:bb:d8:0f:1f:2e:b3:74:3b:1c:ba:34:
                    d7:38:f5:94:33:04:45:c9:ca:d5:32:34:e5:aa:ea:
                    b9:8f:6d:b1:4b:6d:52:ec:fd:fc:bd:b3:59:a8:c6:
                    6b:57:f7:43:f9:a9:79:e2:1b:52:38:5f:6d:9c:57:
                    1f:c3:fb:5b:60:41:c3:90:f3:1c:4f:40:d1:56:0e:
                    4e:13:a0:72:bf:54:df:fe:d7:61:f8:6d:7f:b8:46:
                    48:90:e5:41:b0:e8:97:6d:6a:dc:1a:21:a9:8a:a3:
                    1d:f9:dc:e9:62:b2:e4:87:05:13:cb:ac:c4:ab:f8:
                    e9:9a:54:35:de:3c:1b:d5:49:f0:85:0d:02:9f:3e:
                    0a:2b:41:5a:14:63:bf:c4:59:58:60:78:89:eb:c8:
                    fe:22:47:a0:1b:c9:d8:33:43:84:e3:b9:cf:3f:74:
                    9c:4e:73:db:76:47:f8:da:8a:97:30:d0:68:48:ea:
                    de:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:99:80:E6:BE:34:60:45:A5:D7:A2:7A:4A:8E:E6:99:3A:04:ED:6D
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:df:d0:5d:a2:ad:b3:d1:e2:91:17:ca:57:80:e0:fc:dd:0b:
         50:a8:a5:3b:1d:7e:18:7c:fe:c4:4c:9d:00:c7:12:fb:fb:9e:
         4c:1a:98:bd:e3:78:7c:5d:84:c3:13:46:05:05:f7:90:b4:81:
         be:99:5b:ba:f7:ca:d4:ed:f7:50:31:1d:3a:2f:5d:16:64:20:
         3e:e9:e7:5f:c9:f9:a7:b5:cd:4d:30:11:30:66:8d:95:b5:ff:
         69:b8:c7:78:1e:8d:74:23:51:f6:41:de:89:f3:ef:a6:52:8f:
         f3:7b:92:27:35:7f:6e:cc:69:71:eb:ce:a1:84:ab:8e:5d:81:
         2b:3c:6e:99:b6:ee:ea:42:30:ca:a2:3a:84:76:b7:98:db:55:
         e8:d9:d1:5a:a0:b8:4b:19:f5:92:9b:f3:fb:c2:38:8d:8b:da:
         6b:30:11:fe:a9:25:46:ee:68:4f:85:e2:66:ad:a3:a1:5e:05:
         cc:d3:fa:4d:ba:9a:45:34:f3:6c:0e:52:95:4d:dc:b7:c3:6e:
         eb:35:e6:ab:e6:56:82:ba:4c:bc:cb:7a:20:0c:9b:02:04:9d:
         22:2d:f0:ce:1f:e0:ba:25:2c:73:08:e5:0d:26:9a:14:50:7b:
         6b:60:be:f4:d4:ae:1a:c3:51:21:98:85:8d:f4:54:16:ae:ac:
         1e:dd:ae:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnaZ4Y4EOMNrL1MHy/+KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjUwNjA2MTkwMDI2WhcNMjUwNjA3MTkwMDI2WjAzMTEwLwYDVQQD
Eyg3Zjk5ODBlNmJlMzQ2MDQ1YTVkN2EyN2E0YThlZTY5OTNhMDRlZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpL91danN1ZddO+yuehfMkGV/jrm
Mg2nB6Z58d1oWeJFrxXVgjYb0OTn/8WPEBZkQ5sB3go/xGgeIOoELH3Tzr8wl861
XTmMYAg0Lzlhu9gPHy6zdDscujTXOPWUMwRFycrVMjTlquq5j22xS21S7P38vbNZ
qMZrV/dD+al54htSOF9tnFcfw/tbYEHDkPMcT0DRVg5OE6Byv1Tf/tdh+G1/uEZI
kOVBsOiXbWrcGiGpiqMd+dzpYrLkhwUTy6zEq/jpmlQ13jwb1UnwhQ0Cnz4KK0Fa
FGO/xFlYYHiJ68j+IkegG8nYM0OE47nPP3ScTnPbdkf42oqXMNBoSOre7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+ZgOa+NGBFpdeiekqO5pk6BO1tMB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAed/QXaKt
s9HikRfKV4Dg/N0LUKilOx1+GHz+xEydAMcS+/ueTBqYveN4fF2EwxNGBQX3kLSB
vplbuvfK1O33UDEdOi9dFmQgPunnX8n5p7XNTTARMGaNlbX/abjHeB6NdCNR9kHe
ifPvplKP83uSJzV/bsxpcevOoYSrjl2BKzxumbbu6kIwyqI6hHa3mNtV6NnRWqC4
Sxn1kpvz+8I4jYvaazAR/qklRu5oT4XiZq2joV4FzNP6TbqaRTTzbA5SlU3ct8Nu
6zXmq+ZWgrpMvMt6IAybAgSdIi3wzh/guiUscwjlDSaaFFB7a2C+9NSuGsNRIZiF
jfRUFq6sHt2uRw==
-----END CERTIFICATE-----