Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          mhFUc+Aj5KwNefU1XrVraC+bd2U2cfTDL95CkgHffBI=
Subject key identifier:   F1:85:78:21:91:10:19:38:7D:23:3E:58:36:CF:71:07:40:48:85:FC
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       019748C2F2D67EC64A78855904FB5A2359DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          03E5
Signing time:             Sat 07 Jun 2025 05:00:24 +0000
Manifest this update:     Sat 07 Jun 2025 05:00:24 +0000
Manifest next update:     Sun 08 Jun 2025 05:00:24 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: QNOtxiaZTjLIq3Z47lukT3RhYKunCli7Mt9856J/JTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:c2:f2:d6:7e:c6:4a:78:85:59:04:fb:5a:23:59:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Jun  7 05:00:24 2025 GMT
            Not After : Jun  8 05:00:24 2025 GMT
        Subject: CN=f1857821911019387d233e5836cf7107404885fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:88:eb:bc:41:fd:47:a1:26:d6:09:7f:57:8d:
                    77:4d:64:64:d3:4f:86:08:2b:d5:3b:15:4c:1b:8f:
                    5d:92:11:46:01:07:11:95:4c:45:f7:26:66:89:bd:
                    97:c4:f5:34:92:10:7f:da:e4:fd:57:7f:c2:2d:96:
                    12:b9:8f:9a:14:21:ac:b9:52:a3:f9:01:ff:25:cd:
                    63:50:33:4c:0c:55:dc:1a:cc:93:ca:72:52:d6:38:
                    0e:9f:c9:8f:88:2a:4c:64:3d:2f:64:0b:52:39:d8:
                    a7:f8:e1:66:f7:b4:43:82:3c:f7:f2:de:18:79:df:
                    53:1b:4e:ea:81:c5:80:20:ec:86:f2:59:a6:71:e9:
                    9a:22:a0:01:47:53:65:45:6f:05:d7:2a:a1:28:b2:
                    23:f3:71:34:e3:61:86:4f:30:8d:94:3c:b6:be:ad:
                    08:5b:25:31:25:e0:28:15:2b:ba:e4:db:69:79:6e:
                    f9:84:2b:4b:3f:c2:58:37:a2:9a:0e:63:2c:ff:3c:
                    44:51:0a:b2:c1:9f:57:a7:62:3f:19:6c:ec:44:0f:
                    61:86:e8:33:08:d5:34:9a:f0:f2:98:3e:63:bd:3f:
                    8c:16:35:a1:31:0d:c5:b3:40:ec:07:8a:7b:46:f4:
                    29:93:6e:50:6a:bd:7d:71:3f:2f:25:8b:2f:38:4d:
                    ac:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:85:78:21:91:10:19:38:7D:23:3E:58:36:CF:71:07:40:48:85:FC
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:76:94:49:81:7d:3d:a6:d8:65:84:7d:7e:e7:38:32:d8:ac:
         b1:25:32:3b:19:eb:a9:d1:ea:71:4e:1e:06:bd:12:1e:3e:bd:
         78:1d:02:8d:65:7a:d8:fd:04:71:c9:ea:d9:fd:53:77:a7:b8:
         62:e0:e8:9c:6c:22:95:94:6d:90:35:e2:26:cf:df:1e:18:dc:
         a9:35:25:31:85:90:7d:25:3c:df:0e:88:e7:23:cf:5b:c9:f8:
         3e:dc:91:d7:7f:fe:80:72:04:69:4c:b2:93:78:98:43:7a:96:
         1c:44:a0:00:93:47:fb:1d:93:54:0a:81:8c:8f:3f:c7:78:de:
         cb:eb:5e:9a:fc:8b:b0:3b:48:a1:1c:35:2d:ad:42:6a:09:f7:
         88:33:4e:62:06:67:c3:79:18:0a:b3:b7:35:a9:bd:67:d0:2a:
         b0:d8:b6:ae:6f:fe:a8:8f:2e:bd:ec:2b:c3:e2:85:5d:02:e7:
         3a:7d:fe:b5:40:47:5f:a8:eb:1c:4b:74:74:be:9e:42:7d:51:
         88:c8:ab:53:06:46:e3:4b:4f:1d:2f:3e:ea:07:50:0e:01:8a:
         34:83:2b:1f:f8:55:5d:55:7b:67:e3:8f:5f:64:19:8a:c4:22:
         35:d2:0f:36:8b:ba:84:5b:2d:d4:86:2b:6e:73:d1:80:66:d1:
         d0:71:4d:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIwvLWfsZKeIVZBPtaI1naMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwNjA3MDUwMDI0WhcNMjUwNjA4MDUwMDI0WjAzMTEwLwYDVQQD
EyhmMTg1NzgyMTkxMTAxOTM4N2QyMzNlNTgzNmNmNzEwNzQwNDg4NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IjrvEH9R6Em1gl/V413TWRk00+G
CCvVOxVMG49dkhFGAQcRlUxF9yZmib2XxPU0khB/2uT9V3/CLZYSuY+aFCGsuVKj
+QH/Jc1jUDNMDFXcGsyTynJS1jgOn8mPiCpMZD0vZAtSOdin+OFm97RDgjz38t4Y
ed9TG07qgcWAIOyG8lmmcemaIqABR1NlRW8F1yqhKLIj83E042GGTzCNlDy2vq0I
WyUxJeAoFSu65NtpeW75hCtLP8JYN6KaDmMs/zxEUQqywZ9Xp2I/GWzsRA9hhugz
CNU0mvDymD5jvT+MFjWhMQ3Fs0DsB4p7RvQpk25Qar19cT8vJYsvOE2szwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGFeCGREBk4fSM+WDbPcQdASIX8MB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD3aUSYF9
PabYZYR9fuc4MtissSUyOxnrqdHqcU4eBr0SHj69eB0CjWV62P0Eccnq2f1Td6e4
YuDonGwilZRtkDXiJs/fHhjcqTUlMYWQfSU83w6I5yPPW8n4PtyR13/+gHIEaUyy
k3iYQ3qWHESgAJNH+x2TVAqBjI8/x3jey+temvyLsDtIoRw1La1Cagn3iDNOYgZn
w3kYCrO3Nam9Z9AqsNi2rm/+qI8uvewrw+KFXQLnOn3+tUBHX6jrHEt0dL6eQn1R
iMirUwZG40tPHS8+6gdQDgGKNIMrH/hVXVV7Z+OPX2QZisQiNdIPNou6hFst1IYr
bnPRgGbR0HFNtA==
-----END CERTIFICATE-----