Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          JR4AEBz4bdWGL/p3CuLD4Bm3XgwrZS0PCqd0MsEWmE0=
Subject key identifier:   A5:70:A3:67:7D:09:03:F5:24:B8:9E:62:5A:0F:97:93:11:13:BA:21
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       019659147375370DB224705DD1D4C8760AF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 16:00:34 +0000
Manifest this update:     Mon 21 Apr 2025 16:00:34 +0000
Manifest next update:     Tue 22 Apr 2025 16:00:34 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: 8zLmt1JI31sOSLFAv5gRVH3snVGwj9q1gKx/q9HeZcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 13:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:14:73:75:37:0d:b2:24:70:5d:d1:d4:c8:76:0a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: Apr 21 16:00:34 2025 GMT
            Not After : Apr 22 16:00:34 2025 GMT
        Subject: CN=a570a3677d0903f524b89e625a0f97931113ba21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2a:40:32:56:4d:87:8f:37:22:84:0e:f1:05:
                    63:23:8c:80:7f:fb:4e:87:fb:65:7d:a2:4d:e2:55:
                    38:3e:d2:0a:18:5f:4a:9c:b4:05:62:1d:f5:0b:ee:
                    a8:a4:56:a3:7a:49:c6:4a:73:a7:e5:06:b1:c5:c9:
                    45:02:b2:c3:39:f2:1d:67:06:28:92:eb:7e:37:c6:
                    e8:42:a4:d2:21:3f:eb:ca:ff:d2:c4:ee:6a:db:57:
                    ff:28:46:70:49:bc:60:ea:7d:36:87:13:56:63:75:
                    de:6a:f4:b3:a8:c6:7a:68:e7:91:3c:8c:b6:b5:c4:
                    c9:b9:6e:a9:18:39:45:81:fc:ac:f9:e0:65:e6:f3:
                    b0:76:7b:85:de:d5:62:bf:00:f8:f4:aa:bd:62:10:
                    08:d0:65:fa:09:bb:9b:1c:0e:f0:e2:1a:63:18:9d:
                    8a:a6:39:a3:e3:d7:ab:be:84:f0:5c:32:b2:26:fc:
                    38:a9:b2:a5:0f:fb:c8:62:5c:bf:f1:e1:be:e7:cc:
                    4a:b8:9b:1d:27:d6:91:43:22:f5:5d:b3:53:18:6f:
                    7a:4c:db:fb:1b:67:9f:b6:7d:87:15:8d:3d:40:02:
                    aa:67:0e:f5:4b:4d:40:61:9e:a1:04:b9:8b:4d:65:
                    48:5e:23:bd:18:a6:c5:c5:7a:79:ae:4d:4a:88:c7:
                    19:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:70:A3:67:7D:09:03:F5:24:B8:9E:62:5A:0F:97:93:11:13:BA:21
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:86:3f:0f:bd:6b:48:83:78:ba:46:b0:e5:12:4b:31:b6:d1:
         25:08:4d:6b:a1:1b:ac:86:1f:81:55:6e:b1:fe:1c:98:08:cf:
         8a:3e:27:b1:65:d1:79:37:67:22:f9:03:55:5b:ea:ea:2b:c2:
         b8:36:7a:ef:bf:83:72:48:1b:4b:93:38:57:6d:04:04:94:1b:
         01:74:63:3f:27:91:cd:91:92:cf:59:b6:2d:96:fe:24:67:7d:
         cf:9f:bd:d2:93:64:1a:1d:71:ce:e1:5b:c6:4e:03:34:f2:34:
         c9:66:a5:81:9d:2b:42:7f:b7:c5:90:7f:da:60:8e:93:49:78:
         1a:3f:90:2c:7d:22:8f:fc:8d:3c:8a:ab:8d:4d:53:95:82:6d:
         15:9a:c2:98:5e:5a:8b:7e:3b:66:2e:11:59:56:da:ea:ba:d9:
         77:95:12:1f:90:b1:59:18:55:7b:e3:08:87:d3:62:47:19:77:
         85:a5:3f:19:72:38:b9:0d:69:6f:a4:02:ec:74:99:ed:1d:60:
         07:81:91:d2:fc:e1:23:e5:d1:65:90:8b:1e:61:c3:1e:35:c7:
         df:f0:59:3e:a3:65:67:48:b3:24:b4:d2:8e:98:e5:04:b1:9d:
         6c:01:69:1f:c0:3a:ea:7e:b3:be:18:26:8b:b4:af:43:b4:1f:
         a4:67:5b:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFHN1Nw2yJHBd0dTIdgr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjUwNDIxMTYwMDM0WhcNMjUwNDIyMTYwMDM0WjAzMTEwLwYDVQQD
EyhhNTcwYTM2NzdkMDkwM2Y1MjRiODllNjI1YTBmOTc5MzExMTNiYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuypAMlZNh483IoQO8QVjI4yAf/tO
h/tlfaJN4lU4PtIKGF9KnLQFYh31C+6opFajeknGSnOn5QaxxclFArLDOfIdZwYo
kut+N8boQqTSIT/ryv/SxO5q21f/KEZwSbxg6n02hxNWY3XeavSzqMZ6aOeRPIy2
tcTJuW6pGDlFgfys+eBl5vOwdnuF3tVivwD49Kq9YhAI0GX6CbubHA7w4hpjGJ2K
pjmj49ervoTwXDKyJvw4qbKlD/vIYly/8eG+58xKuJsdJ9aRQyL1XbNTGG96TNv7
G2eftn2HFY09QAKqZw71S01AYZ6hBLmLTWVIXiO9GKbFxXp5rk1KiMcZIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVwo2d9CQP1JLieYloPl5MRE7ohMB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoY/D71r
SIN4ukaw5RJLMbbRJQhNa6EbrIYfgVVusf4cmAjPij4nsWXReTdnIvkDVVvq6ivC
uDZ677+DckgbS5M4V20EBJQbAXRjPyeRzZGSz1m2LZb+JGd9z5+90pNkGh1xzuFb
xk4DNPI0yWalgZ0rQn+3xZB/2mCOk0l4Gj+QLH0ij/yNPIqrjU1TlYJtFZrCmF5a
i347Zi4RWVba6rrZd5USH5CxWRhVe+MIh9NiRxl3haU/GXI4uQ1pb6QC7HSZ7R1g
B4GR0vzhI+XRZZCLHmHDHjXH3/BZPqNlZ0izJLTSjpjlBLGdbAFpH8A66n6zvhgm
i7SvQ7QfpGdbEg==
-----END CERTIFICATE-----