Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          AVbbHLqZfKTp827IQbLSM+Fm1v+j+2JgZpb7qMt/v8s=
Subject key identifier:   AD:AF:D1:BA:BE:1D:0E:7F:2C:8D:10:37:C4:7D:E5:31:82:A7:01:E5
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       01958EF32B16F92E8D44364D730DC58D81AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          1493
Signing time:             Thu 13 Mar 2025 10:00:55 +0000
Manifest this update:     Thu 13 Mar 2025 10:00:55 +0000
Manifest next update:     Fri 14 Mar 2025 10:00:55 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: mRctEhprqlZ0Xk7HhGS1Ar+SCepQYkmefG6zhSr57NU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:f3:2b:16:f9:2e:8d:44:36:4d:73:0d:c5:8d:81:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Mar 13 10:00:55 2025 GMT
            Not After : Mar 14 10:00:55 2025 GMT
        Subject: CN=adafd1babe1d0e7f2c8d1037c47de53182a701e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:ac:f8:4a:40:10:e4:06:e5:b0:5f:8a:d3:37:
                    fb:8b:1f:65:b9:f6:c8:99:27:4b:ea:98:09:76:e0:
                    fa:81:09:60:25:46:95:69:86:f3:36:c0:39:39:70:
                    8f:84:09:d0:ac:91:16:78:34:bd:8e:77:9a:f5:23:
                    d9:16:fa:17:3c:ce:0f:85:f2:46:7a:3b:24:d9:fa:
                    0f:a8:27:43:73:e1:b0:ba:e1:70:4d:3e:85:9f:e1:
                    0b:fa:aa:89:ae:98:83:2b:93:95:16:74:00:fa:ac:
                    a5:fb:ac:13:93:ed:8b:e3:84:79:01:12:70:e8:02:
                    a1:66:d1:c1:51:9b:96:0c:73:73:a0:cb:e5:58:a5:
                    c7:a3:a2:2c:66:fa:bd:53:81:e8:fc:0e:33:13:52:
                    f0:fb:9f:51:25:d2:34:e2:e6:6f:e2:ac:e5:e1:2b:
                    8c:16:03:35:75:bd:96:75:88:05:64:4a:40:fd:d4:
                    ee:23:15:04:5e:9f:b1:20:82:60:4b:3b:81:c6:1c:
                    1e:fb:d7:13:6c:02:b1:ae:be:9d:65:17:2f:44:5b:
                    b8:55:63:56:9c:85:8b:a6:5d:f0:44:c0:04:66:49:
                    73:ee:47:1a:d3:33:d7:fe:ca:50:a7:0e:d5:a4:b0:
                    64:db:81:a1:c6:52:0c:e9:94:2e:bb:f2:b2:a0:e1:
                    22:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:AF:D1:BA:BE:1D:0E:7F:2C:8D:10:37:C4:7D:E5:31:82:A7:01:E5
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:5d:c8:48:8f:cd:f1:86:6e:a6:71:5a:60:56:c6:99:87:5e:
         77:6e:33:af:a2:13:31:86:d9:38:4e:8d:c7:9c:bf:eb:2a:02:
         83:0c:b1:12:6f:7b:9e:3f:5b:f3:e2:c2:2c:ac:f0:b3:a4:4f:
         25:af:74:29:39:cc:1e:2f:a8:91:f9:1e:68:38:f0:75:4f:48:
         dc:d4:5b:7f:9a:df:00:f1:b8:57:9b:f2:a7:65:aa:0b:9b:8d:
         52:ae:73:ac:cb:02:ee:be:d8:87:b4:f2:6a:43:b8:19:82:50:
         fb:09:6a:f2:27:2f:31:aa:de:8b:7a:bd:49:f6:17:55:75:1d:
         22:74:e2:b3:17:0f:68:36:5b:9f:00:dd:b9:92:cb:0d:8f:a3:
         84:ba:b0:4c:8c:f0:01:2f:77:61:c6:47:67:4e:85:9c:1c:99:
         32:61:f2:2c:43:69:66:77:c8:7c:0f:a7:6e:ba:dc:ee:61:c6:
         e5:3b:13:8a:fe:cd:57:30:75:0c:3d:21:33:db:82:0b:72:c7:
         23:51:bb:8b:8d:1d:b9:56:3b:da:75:d1:a5:a9:a3:26:e9:88:
         45:27:74:d2:38:01:dd:15:18:25:6d:b0:ba:fe:cd:78:22:8b:
         3c:0e:f9:f0:36:69:81:42:21:3b:3e:16:4e:6f:bb:49:1c:6f:
         cd:f1:64:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWO8ysW+S6NRDZNcw3FjYGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwMzEzMTAwMDU1WhcNMjUwMzE0MTAwMDU1WjAzMTEwLwYDVQQD
EyhhZGFmZDFiYWJlMWQwZTdmMmM4ZDEwMzdjNDdkZTUzMTgyYTcwMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76z4SkAQ5AblsF+K0zf7ix9lufbI
mSdL6pgJduD6gQlgJUaVaYbzNsA5OXCPhAnQrJEWeDS9jnea9SPZFvoXPM4PhfJG
ejsk2foPqCdDc+GwuuFwTT6Fn+EL+qqJrpiDK5OVFnQA+qyl+6wTk+2L44R5ARJw
6AKhZtHBUZuWDHNzoMvlWKXHo6IsZvq9U4Ho/A4zE1Lw+59RJdI04uZv4qzl4SuM
FgM1db2WdYgFZEpA/dTuIxUEXp+xIIJgSzuBxhwe+9cTbAKxrr6dZRcvRFu4VWNW
nIWLpl3wRMAEZklz7kca0zPX/spQpw7VpLBk24GhxlIM6ZQuu/KyoOEi1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2v0bq+HQ5/LI0QN8R95TGCpwHlMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANl3ISI/N
8YZupnFaYFbGmYded24zr6ITMYbZOE6Nx5y/6yoCgwyxEm97nj9b8+LCLKzws6RP
Ja90KTnMHi+okfkeaDjwdU9I3NRbf5rfAPG4V5vyp2WqC5uNUq5zrMsC7r7Yh7Ty
akO4GYJQ+wlq8icvMarei3q9SfYXVXUdInTisxcPaDZbnwDduZLLDY+jhLqwTIzw
AS93YcZHZ06FnByZMmHyLENpZnfIfA+nbrrc7mHG5TsTiv7NVzB1DD0hM9uCC3LH
I1G7i40duVY72nXRpamjJumIRSd00jgB3RUYJW2wuv7NeCKLPA758DZpgUIhOz4W
Tm+7SRxvzfFkXw==
-----END CERTIFICATE-----