Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          zxBb3oAhXEaOCIuWGOq7BXAUMlHpnSt9hn7XvT8254M=
Subject key identifier:   C1:96:23:67:B2:E6:27:96:46:D7:BC:40:EA:2B:35:1F:16:75:EB:1C
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       019921E7880484F3EDDF4644525DC20A3CD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          04DA
Signing time:             Sun 07 Sep 2025 02:00:45 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:45 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:45 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: zypgM1ed6DPtGXIzpj4a8gAEQpkq3sn8hucUkAQtjg4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:88:04:84:f3:ed:df:46:44:52:5d:c2:0a:3c:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Sep  7 02:00:45 2025 GMT
            Not After : Sep  8 02:00:45 2025 GMT
        Subject: CN=c1962367b2e6279646d7bc40ea2b351f1675eb1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1b:c8:47:09:f5:38:aa:58:d1:ab:17:ab:d2:
                    0a:cb:08:9d:f9:1d:fd:2a:a0:98:60:5c:88:a3:3c:
                    80:f6:60:af:61:70:0a:03:38:77:da:9a:77:4c:25:
                    17:a8:92:33:dc:a0:d3:15:f6:40:70:2d:f4:98:c7:
                    56:17:ee:94:5f:ca:29:b8:0e:f8:92:a0:02:04:18:
                    03:91:6c:2f:87:d7:86:9e:07:b3:b2:22:c5:5a:8b:
                    06:3c:35:54:79:21:1a:fb:38:01:04:be:b6:ea:1f:
                    c7:35:a5:7b:e5:e2:4b:36:36:4c:81:d9:b6:b8:a3:
                    18:a1:ff:bd:4c:f4:79:ba:63:67:88:f6:6b:5f:f9:
                    b4:15:69:6e:0e:88:9c:22:5d:1d:67:ff:6e:25:48:
                    a8:bd:7f:43:0a:87:70:16:c1:c4:53:6c:11:af:1b:
                    6f:e7:cd:65:93:5d:c4:58:76:ab:e4:be:c2:97:e8:
                    6d:50:ef:9a:4c:cb:32:26:a1:06:d9:da:5e:bd:7d:
                    e5:03:bf:9a:a2:bb:43:21:57:41:97:38:06:c3:c8:
                    3d:2b:da:43:1f:e2:55:d9:c3:02:16:71:ef:01:19:
                    fc:09:03:b5:cc:31:4c:c0:e7:a9:92:47:93:77:31:
                    33:d8:3e:bb:4e:ab:b7:6c:67:81:43:6a:9c:5c:e4:
                    f4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:96:23:67:B2:E6:27:96:46:D7:BC:40:EA:2B:35:1F:16:75:EB:1C
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:45:07:60:fd:c4:d9:e4:ae:50:41:83:95:07:43:4b:c9:3e:
         41:a0:a3:f9:eb:f8:92:61:ac:c2:ab:6d:e2:ea:0e:da:49:f4:
         79:ef:69:bf:49:47:3a:f4:e5:1e:aa:e1:f7:ac:4e:43:51:6f:
         ae:cb:77:e3:5b:1d:7b:f0:8c:b1:1e:e4:f9:c8:8a:b1:0c:f8:
         7c:78:26:68:11:5d:3c:14:fe:c3:c6:45:b1:ed:e1:71:9a:ba:
         50:c3:07:e2:37:4f:f6:54:a5:42:2c:53:9c:ab:a1:67:aa:7f:
         24:10:48:f6:d7:ed:34:1e:68:8f:f0:7c:91:58:20:6b:38:e0:
         90:7b:ae:f0:da:5e:44:a9:a0:89:65:80:51:9a:a2:e5:89:27:
         b4:40:10:ab:45:4b:3e:18:17:71:6b:0c:d3:21:67:a2:4d:84:
         85:cf:6a:8e:60:2b:5b:fc:70:d7:83:0b:ec:5b:61:3c:42:0a:
         8c:e0:1a:15:e3:94:3d:f1:2a:38:2f:9f:c6:66:6e:0e:32:c4:
         83:b7:db:d6:6d:60:fa:32:11:8e:d8:35:c7:38:1f:f8:0c:4d:
         c3:b4:51:f0:89:51:10:07:ae:ee:83:91:9f:5b:d2:d0:a0:2d:
         53:2e:62:fe:d7:7c:29:29:08:46:fc:60:14:8b:50:d7:31:46:
         dd:ec:73:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh54gEhPPt30ZEUl3CCjzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwOTA3MDIwMDQ1WhcNMjUwOTA4MDIwMDQ1WjAzMTEwLwYDVQQD
EyhjMTk2MjM2N2IyZTYyNzk2NDZkN2JjNDBlYTJiMzUxZjE2NzVlYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBvIRwn1OKpY0asXq9IKywid+R39
KqCYYFyIozyA9mCvYXAKAzh32pp3TCUXqJIz3KDTFfZAcC30mMdWF+6UX8opuA74
kqACBBgDkWwvh9eGngezsiLFWosGPDVUeSEa+zgBBL626h/HNaV75eJLNjZMgdm2
uKMYof+9TPR5umNniPZrX/m0FWluDoicIl0dZ/9uJUiovX9DCodwFsHEU2wRrxtv
581lk13EWHar5L7Cl+htUO+aTMsyJqEG2dpevX3lA7+aortDIVdBlzgGw8g9K9pD
H+JV2cMCFnHvARn8CQO1zDFMwOepkkeTdzEz2D67Tqu3bGeBQ2qcXOT0owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMGWI2ey5ieWRte8QOorNR8WdescMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0UHYP3E
2eSuUEGDlQdDS8k+QaCj+ev4kmGswqtt4uoO2kn0ee9pv0lHOvTlHqrh96xOQ1Fv
rst341sde/CMsR7k+ciKsQz4fHgmaBFdPBT+w8ZFse3hcZq6UMMH4jdP9lSlQixT
nKuhZ6p/JBBI9tftNB5oj/B8kVggazjgkHuu8NpeRKmgiWWAUZqi5YkntEAQq0VL
PhgXcWsM0yFnok2Ehc9qjmArW/xw14ML7FthPEIKjOAaFeOUPfEqOC+fxmZuDjLE
g7fb1m1g+jIRjtg1xzgf+AxNw7RR8IlREAeu7oORn1vS0KAtUy5i/td8KSkIRvxg
FItQ1zFG3exzUg==
-----END CERTIFICATE-----