Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          430KN9FgAD0FenTpG1QLORSsim5B3mB39kZkhJurizw=
Subject key identifier:   F8:44:48:0F:A8:52:BE:68:A3:19:B6:E1:DE:6C:EA:ED:8F:9D:AE:D3
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       01964EC77B70605B77BC204AA6AA7DE839DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          139F
Signing time:             Sat 19 Apr 2025 16:00:18 +0000
Manifest this update:     Sat 19 Apr 2025 16:00:18 +0000
Manifest next update:     Sun 20 Apr 2025 16:00:18 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: e4ygzqZdNrJXAr5loeqaNrSvnBBfEErsGUzxQIcxOuE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:c7:7b:70:60:5b:77:bc:20:4a:a6:aa:7d:e8:39:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Apr 19 16:00:18 2025 GMT
            Not After : Apr 20 16:00:18 2025 GMT
        Subject: CN=f844480fa852be68a319b6e1de6ceaed8f9daed3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7a:38:78:30:56:7c:e8:ce:59:ab:1d:17:05:
                    a5:a1:c7:dc:34:36:c5:a1:9f:75:7e:18:6d:0a:2c:
                    b8:98:47:aa:90:13:69:7f:ea:17:11:75:14:ae:85:
                    7d:9d:fa:56:c4:2b:20:b7:53:b9:32:46:38:e6:10:
                    75:ba:ba:bb:3b:54:f3:bf:80:6d:e1:59:22:08:5e:
                    2a:38:85:24:f7:a4:34:05:0c:20:e1:22:3e:eb:1e:
                    d1:08:95:a7:92:2f:7a:54:92:69:39:78:a5:c3:90:
                    f5:01:b5:c1:7c:fb:1a:33:4b:c6:b9:2f:62:04:a1:
                    7a:0e:a8:2e:b7:c8:d8:d5:66:e0:37:4e:7f:13:c0:
                    93:e4:66:76:64:83:d0:4c:db:26:99:aa:52:0f:12:
                    08:26:ce:99:43:02:ff:9b:30:8e:2c:4d:52:a2:a7:
                    e8:ce:d4:17:44:dd:5f:3a:48:b3:7b:2d:b6:b7:bc:
                    53:70:f2:49:d3:a1:ab:b5:be:9a:f3:b9:30:cd:bf:
                    0c:e0:9f:90:43:f6:4d:c1:db:81:d1:b4:99:c4:27:
                    ea:de:20:3f:59:a1:50:6a:10:6c:8b:30:fb:51:38:
                    7e:81:81:44:2b:08:af:a7:cd:d5:49:51:db:da:53:
                    20:4f:73:df:d3:e0:c4:27:cc:05:6d:21:70:e9:c5:
                    7e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:44:48:0F:A8:52:BE:68:A3:19:B6:E1:DE:6C:EA:ED:8F:9D:AE:D3
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:1d:b6:d7:f9:a6:0b:84:01:8b:0b:0a:8d:b7:21:c7:0c:51:
         e9:c1:a3:84:e6:4e:89:53:79:8e:17:c8:01:81:9d:05:37:4e:
         bd:d6:93:b8:40:43:bc:39:1b:00:c0:6a:47:e1:7a:70:61:13:
         61:01:f4:00:6c:33:6d:91:32:86:44:00:62:6f:31:d5:7b:ec:
         6f:c0:6e:b1:9d:2c:ce:41:41:26:0d:31:f5:b3:0b:21:d1:6c:
         16:9c:11:bc:c0:d9:06:1f:fd:64:e1:8a:f5:45:a3:65:01:02:
         97:14:87:18:24:5f:23:06:c4:f9:3f:11:12:e6:cd:0d:fc:93:
         b9:33:2c:cf:2e:71:50:75:dc:ac:03:e9:9b:a2:6b:ef:d5:6d:
         44:b2:16:07:f6:65:8d:b1:fc:38:9d:6f:ad:c4:8d:f9:57:5f:
         8c:57:ae:c2:c6:7d:ee:03:b4:ed:2f:85:62:6b:b9:95:fb:80:
         b1:65:0d:aa:34:1c:63:dc:ef:6c:b1:c7:17:27:b2:6a:07:b0:
         dc:42:06:50:60:ca:bb:54:5f:08:74:3d:4f:75:e7:38:d9:08:
         c4:6b:57:2d:68:cc:57:d7:18:0a:ba:c3:e0:fe:d4:71:27:f0:
         8c:45:c9:55:13:47:47:21:32:bf:f3:0e:70:c1:aa:5a:9e:b7:
         6a:ce:df:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOx3twYFt3vCBKpqp96DnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUwNDE5MTYwMDE4WhcNMjUwNDIwMTYwMDE4WjAzMTEwLwYDVQQD
EyhmODQ0NDgwZmE4NTJiZTY4YTMxOWI2ZTFkZTZjZWFlZDhmOWRhZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXo4eDBWfOjOWasdFwWlocfcNDbF
oZ91fhhtCiy4mEeqkBNpf+oXEXUUroV9nfpWxCsgt1O5MkY45hB1urq7O1Tzv4Bt
4VkiCF4qOIUk96Q0BQwg4SI+6x7RCJWnki96VJJpOXilw5D1AbXBfPsaM0vGuS9i
BKF6Dqgut8jY1WbgN05/E8CT5GZ2ZIPQTNsmmapSDxIIJs6ZQwL/mzCOLE1Soqfo
ztQXRN1fOkizey22t7xTcPJJ06Grtb6a87kwzb8M4J+QQ/ZNwduB0bSZxCfq3iA/
WaFQahBsizD7UTh+gYFEKwivp83VSVHb2lMgT3Pf0+DEJ8wFbSFw6cV+9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhESA+oUr5ooxm24d5s6u2Pna7TMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxx221/mm
C4QBiwsKjbchxwxR6cGjhOZOiVN5jhfIAYGdBTdOvdaTuEBDvDkbAMBqR+F6cGET
YQH0AGwzbZEyhkQAYm8x1Xvsb8BusZ0szkFBJg0x9bMLIdFsFpwRvMDZBh/9ZOGK
9UWjZQEClxSHGCRfIwbE+T8REubNDfyTuTMszy5xUHXcrAPpm6Jr79VtRLIWB/Zl
jbH8OJ1vrcSN+VdfjFeuwsZ97gO07S+FYmu5lfuAsWUNqjQcY9zvbLHHFyeyagew
3EIGUGDKu1RfCHQ9T3XnONkIxGtXLWjMV9cYCrrD4P7UcSfwjEXJVRNHRyEyv/MO
cMGqWp63as7foQ==
-----END CERTIFICATE-----