Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          Mp76DQbOvc8ldaorQcNLmTS5436L6pB9FM4X1ovbiVA=
Subject key identifier:   01:F2:40:1F:4A:2E:8B:A2:A3:5D:4C:3E:F0:1D:A7:75:26:DB:5F:EE
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019747E7ABB6468CB67E4208DDAA5109EB94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          1420
Signing time:             Sat 07 Jun 2025 01:00:54 +0000
Manifest this update:     Sat 07 Jun 2025 01:00:54 +0000
Manifest next update:     Sun 08 Jun 2025 01:00:54 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: J0V2vLIxqSnvRexdWOioYqWqQjSqLx89gVkxWQum67k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:ab:b6:46:8c:b6:7e:42:08:dd:aa:51:09:eb:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Jun  7 01:00:54 2025 GMT
            Not After : Jun  8 01:00:54 2025 GMT
        Subject: CN=01f2401f4a2e8ba2a35d4c3ef01da77526db5fee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ce:10:33:61:4d:e0:fe:31:c5:94:c9:5e:9b:
                    25:b6:62:7a:f9:15:dc:1b:d7:79:f5:e5:d8:8c:d1:
                    e6:ad:16:2f:eb:46:d9:df:fc:81:2f:98:90:6a:cb:
                    a8:40:dc:06:fc:78:fd:0b:31:69:df:99:d1:29:54:
                    fe:c8:de:b1:57:10:b6:db:e6:bb:a3:61:f3:14:20:
                    25:ac:2b:c7:0a:50:57:b0:52:34:bf:2c:f9:34:fc:
                    58:39:1f:06:28:d2:ed:28:3b:02:d8:e7:a8:4c:a3:
                    b3:8c:f9:04:9b:21:d9:8f:8f:f5:79:25:39:88:e6:
                    c5:20:9d:f5:bb:f0:f4:f9:a7:ab:b3:c8:3d:f9:a9:
                    1b:81:4f:35:6f:00:31:7a:eb:78:40:ac:d3:0f:ee:
                    43:1f:73:06:2c:2d:d5:92:ca:30:b0:71:f5:05:3a:
                    09:c6:75:f6:f2:70:ee:e0:07:da:79:ae:d7:21:8c:
                    d7:5e:36:7f:2d:c8:07:b6:00:61:fc:5c:7f:7e:84:
                    c5:4d:82:38:16:19:5c:23:f8:66:26:2f:b9:ca:b1:
                    15:fc:f8:8f:36:de:cd:2a:0a:dc:85:0e:15:e8:29:
                    35:1a:c3:6d:0f:e0:e7:d8:8c:c3:52:76:77:89:9c:
                    08:5a:d1:6b:58:a2:7b:0a:74:a0:c7:c4:06:f8:01:
                    79:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:F2:40:1F:4A:2E:8B:A2:A3:5D:4C:3E:F0:1D:A7:75:26:DB:5F:EE
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:d6:77:78:e0:bd:a0:27:0f:0f:15:96:62:40:c3:3a:4e:d9:
         48:bf:de:6c:43:a2:ca:41:05:a3:2a:1a:e7:0b:7e:92:08:f5:
         fc:cc:c8:93:5d:a8:97:c1:1c:a6:84:c4:b9:4d:d3:70:cd:02:
         df:7e:cb:c5:69:bc:7f:d4:7b:bf:e4:22:bf:4a:fe:d9:bd:b5:
         7a:98:ec:00:4f:26:fb:45:a7:64:cd:11:16:2a:b3:2f:63:98:
         78:08:3a:87:50:de:55:e7:65:1a:34:0b:4c:12:80:1f:66:e5:
         cd:24:5f:cb:a5:ac:fe:b2:e7:9e:ad:31:22:b4:b0:1a:4a:f4:
         7d:bd:e4:9e:e8:7f:18:bd:e3:8d:5e:2d:18:fb:37:9c:92:ad:
         8a:1a:41:70:a5:ac:5f:ff:43:bd:da:bd:99:2d:82:ba:c0:96:
         b7:f1:3a:01:97:1f:60:a8:8c:a9:4f:f7:3e:41:ef:ce:49:fb:
         b9:49:31:5a:6b:66:ee:3b:21:f5:62:b4:09:02:c4:52:16:dc:
         02:6f:a2:7d:ea:09:fb:11:90:13:5c:d9:e2:f0:7d:15:79:f4:
         96:0b:b1:d4:8e:97:d7:53:8c:3c:bd:2f:4c:9c:72:69:78:a0:
         b4:4e:fa:9a:57:4d:41:a5:99:f2:0a:5b:69:7d:dc:01:9f:81:
         6e:3b:4c:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH56u2Roy2fkII3apRCeuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUwNjA3MDEwMDU0WhcNMjUwNjA4MDEwMDU0WjAzMTEwLwYDVQQD
EygwMWYyNDAxZjRhMmU4YmEyYTM1ZDRjM2VmMDFkYTc3NTI2ZGI1ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c4QM2FN4P4xxZTJXpsltmJ6+RXc
G9d59eXYjNHmrRYv60bZ3/yBL5iQasuoQNwG/Hj9CzFp35nRKVT+yN6xVxC22+a7
o2HzFCAlrCvHClBXsFI0vyz5NPxYOR8GKNLtKDsC2OeoTKOzjPkEmyHZj4/1eSU5
iObFIJ31u/D0+aers8g9+akbgU81bwAxeut4QKzTD+5DH3MGLC3VksowsHH1BToJ
xnX28nDu4Afaea7XIYzXXjZ/LcgHtgBh/Fx/foTFTYI4FhlcI/hmJi+5yrEV/PiP
Nt7NKgrchQ4V6Ck1GsNtD+Dn2IzDUnZ3iZwIWtFrWKJ7CnSgx8QG+AF58wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHyQB9KLouio11MPvAdp3Um21/uMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv9Z3eOC9
oCcPDxWWYkDDOk7ZSL/ebEOiykEFoyoa5wt+kgj1/MzIk12ol8EcpoTEuU3TcM0C
337LxWm8f9R7v+Qiv0r+2b21epjsAE8m+0WnZM0RFiqzL2OYeAg6h1DeVedlGjQL
TBKAH2blzSRfy6Ws/rLnnq0xIrSwGkr0fb3knuh/GL3jjV4tGPs3nJKtihpBcKWs
X/9Dvdq9mS2CusCWt/E6AZcfYKiMqU/3PkHvzkn7uUkxWmtm7jsh9WK0CQLEUhbc
Am+ifeoJ+xGQE1zZ4vB9FXn0lgux1I6X11OMPL0vTJxyaXigtE76mldNQaWZ8gpb
aX3cAZ+BbjtMpg==
-----END CERTIFICATE-----