Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
File:                     QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json)
Hash identifier:          +ExwLGIsRKrFXcjuYQyIn5+YgZ8V8HZ7g0g/mEnFGJQ=
Subject key identifier:   F5:4D:5D:E2:49:E3:35:F7:AA:CD:36:F7:B2:B1:FF:EA:46:78:0C:31
Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A
Certificate issuer:       /CN=4132a86b297787e48c55705931ed39351f84171a
Certificate serial:       0197D776B5E7762B9923EAAE3509E89D3194
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
Manifest number:          0FAC
Signing time:             Fri 04 Jul 2025 22:02:50 +0000
Manifest this update:     Fri 04 Jul 2025 22:02:50 +0000
Manifest next update:     Sat 05 Jul 2025 22:02:50 +0000
Files and hashes:         1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: 7UmFHppYlKDkTDIzy3qh9dQtBbvq9BKk8Gy3a/PkPYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d7:76:b5:e7:76:2b:99:23:ea:ae:35:09:e8:9d:31:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132a86b297787e48c55705931ed39351f84171a
        Validity
            Not Before: Jul  4 22:02:50 2025 GMT
            Not After : Jul  5 22:02:50 2025 GMT
        Subject: CN=f54d5de249e335f7aacd36f7b2b1ffea46780c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bd:56:96:b7:53:6a:64:3c:9b:2a:bf:00:5f:
                    c4:62:02:4e:b2:1e:ed:cd:14:c6:70:d4:b3:6c:06:
                    3e:23:83:27:6d:b7:04:95:ae:b1:d4:2e:15:a7:e6:
                    23:8b:0c:b8:4a:95:78:84:94:8e:50:81:c3:83:09:
                    62:1a:13:c4:82:1e:90:4b:fd:4e:71:ba:7f:d6:7d:
                    29:86:81:b0:d4:a1:02:fd:33:6b:d6:59:f6:8b:4a:
                    34:bb:73:ff:ab:ed:2b:cf:52:66:75:8e:8b:f6:3e:
                    1a:b5:f9:05:1e:59:a6:3f:b7:50:58:6d:92:17:33:
                    9d:a2:9d:68:82:79:b3:9a:8d:c2:73:23:a1:72:03:
                    5d:04:de:63:f8:c5:a6:22:50:70:8c:75:0b:26:1b:
                    e1:4f:37:73:b3:8f:f9:f1:a1:07:fc:cc:00:1f:08:
                    7c:d6:37:5d:01:58:9d:f3:18:81:92:b6:f6:9c:d2:
                    c4:ad:8b:e4:9a:c9:9f:33:cb:51:fd:fb:69:af:81:
                    16:ee:54:f5:96:71:71:d6:67:e4:ec:fb:84:1e:9c:
                    38:ad:9a:51:26:65:56:58:93:53:0f:1a:57:7c:8e:
                    ef:e0:e0:e1:2e:5f:80:1c:f1:66:0f:51:b8:3d:fb:
                    a4:73:ad:95:d0:e3:24:b8:48:a6:1f:da:0f:97:c4:
                    b1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:4D:5D:E2:49:E3:35:F7:AA:CD:36:F7:B2:B1:FF:EA:46:78:0C:31
            X509v3 Authority Key Identifier:
                keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:8a:8a:ed:ef:87:cd:1c:53:2a:3c:3b:b1:fc:c6:ec:c7:d8:
         3d:de:d7:ca:fa:b4:b3:a4:a5:f7:30:8b:c4:76:1b:8c:cc:93:
         93:5b:0c:20:ed:b8:8d:09:dd:50:3a:97:69:c9:ab:6e:3e:ee:
         e4:46:90:79:7f:62:12:48:1c:18:e6:d6:c8:f9:13:7c:36:b4:
         db:59:00:7d:0e:05:7e:62:47:fd:88:20:09:c9:33:3a:7a:75:
         3b:b0:1b:95:51:ab:4c:ca:dc:86:3b:5d:90:5f:11:59:a8:0f:
         fd:22:04:3d:66:16:02:53:5c:4e:4e:91:6b:f9:94:91:64:2c:
         3f:44:71:ca:bd:e3:19:d3:54:48:de:f4:72:e0:85:76:9a:60:
         12:25:c8:2f:6e:cd:ba:28:fc:2d:24:6f:db:00:ba:55:ad:02:
         8a:94:20:1e:d4:23:fd:2e:9c:e8:6e:42:16:e3:c4:5c:56:54:
         91:26:31:50:64:16:3b:51:3c:bd:7b:fc:8f:ad:d5:02:fe:76:
         83:a0:5d:b9:4a:87:cf:b8:66:a1:1e:0d:e2:b1:3b:aa:67:9d:
         37:de:80:bf:fd:5d:61:00:99:88:5d:bb:22:dd:84:fd:c8:cb:
         9a:e1:c1:74:9a:3b:01:c7:ec:3f:6a:2b:4a:43:5c:24:cd:78:
         62:cf:59:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfXdrXndiuZI+quNQnonTGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4
NDE3MWEwHhcNMjUwNzA0MjIwMjUwWhcNMjUwNzA1MjIwMjUwWjAzMTEwLwYDVQQD
EyhmNTRkNWRlMjQ5ZTMzNWY3YWFjZDM2ZjdiMmIxZmZlYTQ2NzgwYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs71WlrdTamQ8myq/AF/EYgJOsh7t
zRTGcNSzbAY+I4MnbbcEla6x1C4Vp+Yjiwy4SpV4hJSOUIHDgwliGhPEgh6QS/1O
cbp/1n0phoGw1KEC/TNr1ln2i0o0u3P/q+0rz1JmdY6L9j4atfkFHlmmP7dQWG2S
FzOdop1ognmzmo3CcyOhcgNdBN5j+MWmIlBwjHULJhvhTzdzs4/58aEH/MwAHwh8
1jddAVid8xiBkrb2nNLErYvkmsmfM8tR/ftpr4EW7lT1lnFx1mfk7PuEHpw4rZpR
JmVWWJNTDxpXfI7v4ODhLl+AHPFmD1G4Pfukc62V0OMkuEimH9oPl8SxPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVNXeJJ4zX3qs0297Kx/+pGeAwxMB8GA1UdIwQY
MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt
ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx
LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkYqK7e+H
zRxTKjw7sfzG7MfYPd7Xyvq0s6Sl9zCLxHYbjMyTk1sMIO24jQndUDqXacmrbj7u
5EaQeX9iEkgcGObWyPkTfDa021kAfQ4FfmJH/YggCckzOnp1O7AblVGrTMrchjtd
kF8RWagP/SIEPWYWAlNcTk6Ra/mUkWQsP0Rxyr3jGdNUSN70cuCFdppgEiXIL27N
uij8LSRv2wC6Va0CipQgHtQj/S6c6G5CFuPEXFZUkSYxUGQWO1E8vXv8j63VAv52
g6BduUqHz7hmoR4N4rE7qmedN96Av/1dYQCZiF27It2E/cjLmuHBdJo7AcfsP2or
SkNcJM14Ys9Zkg==
-----END CERTIFICATE-----