Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
File:                     QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json)
Hash identifier:          9sCNw00RI39+pwx9eH+AD9+fa1j2wGzf2d4e801SQw8=
Subject key identifier:   C5:E4:F4:B4:40:EE:E8:A4:DC:A3:5E:A3:D2:9C:94:6A:0B:65:D3:F2
Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D
Certificate issuer:       /CN=41f22860ca62bd2838f8328f17839d1e8608d26d
Certificate serial:       01974FD81A7A3E6F2342122289BF23F1940E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
Manifest number:          0159
Signing time:             Sun 08 Jun 2025 14:00:51 +0000
Manifest this update:     Sun 08 Jun 2025 14:00:51 +0000
Manifest next update:     Mon 09 Jun 2025 14:00:51 +0000
Files and hashes:         1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: QKn4gkShu0uZ/ur4A7W89U7XFb2C+/vH1W5MM4MYk/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 14:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:d8:1a:7a:3e:6f:23:42:12:22:89:bf:23:f1:94:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d
        Validity
            Not Before: Jun  8 14:00:51 2025 GMT
            Not After : Jun  9 14:00:51 2025 GMT
        Subject: CN=c5e4f4b440eee8a4dca35ea3d29c946a0b65d3f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:2d:11:34:e3:68:b8:76:d1:ba:91:15:23:56:
                    90:1c:88:07:c3:10:ae:77:20:dd:c8:34:20:6c:99:
                    6d:a4:95:2f:5c:f2:e6:ae:a2:2b:cf:15:51:8b:c5:
                    bc:07:ee:e2:18:aa:bd:e5:43:5d:bc:01:88:ac:b9:
                    56:48:78:e3:3f:42:1f:eb:67:3d:79:59:5b:d9:1c:
                    37:3c:f7:21:6f:96:35:40:60:1e:cf:43:f6:ec:ab:
                    f7:6b:02:b8:04:1b:44:a6:7a:59:3f:e7:b9:63:10:
                    2c:88:bb:50:b0:63:86:fc:71:11:0c:4b:a2:fd:12:
                    b3:e4:0c:57:0c:f2:d8:3c:f1:6d:69:d5:61:93:c9:
                    49:ea:eb:ba:fd:7d:40:b1:0a:a1:fa:cc:d3:d7:b6:
                    c0:45:e9:79:e2:67:a9:24:7d:69:8a:86:6e:c9:fb:
                    48:9c:e5:3a:26:99:1c:c5:75:5b:f1:18:f2:bc:df:
                    e6:73:af:2b:bd:f5:85:2a:74:50:9b:5b:76:61:b4:
                    12:c2:33:73:81:ea:57:f1:93:c3:98:0c:f0:20:e7:
                    21:9f:d8:9d:c1:ba:27:d0:65:f8:69:45:78:5c:22:
                    f1:0d:e8:f2:76:22:e7:70:b5:0e:0e:dc:97:9b:7b:
                    0a:73:dd:c3:0d:39:ea:b6:0a:a7:03:9d:3f:7b:c0:
                    dc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:E4:F4:B4:40:EE:E8:A4:DC:A3:5E:A3:D2:9C:94:6A:0B:65:D3:F2
            X509v3 Authority Key Identifier:
                keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:4b:b0:44:4b:53:f3:19:de:bb:9e:23:65:29:7f:4d:f6:87:
         99:c8:21:5b:9c:63:1b:34:43:cf:d9:7c:3a:51:32:3f:a7:33:
         4b:21:e1:73:83:4d:a0:c6:57:6d:0a:b3:f2:27:e9:19:e7:56:
         00:8d:a3:62:f9:ca:a2:a1:12:20:f0:5f:81:db:50:88:bd:31:
         60:51:d6:4b:5e:c4:86:ce:24:79:c2:4e:0c:d0:90:b5:d0:2a:
         e8:7f:8f:13:46:0c:b7:1d:1a:cb:86:1c:c3:b5:ad:b9:89:88:
         4b:4c:72:74:f3:fa:38:a6:23:57:0e:e8:3b:7b:5e:05:db:32:
         ec:17:a1:8e:90:75:08:ce:ee:2c:a3:8c:ff:cd:7f:fe:c6:8a:
         69:51:1e:a3:71:88:f8:12:38:0b:83:2a:ad:14:ab:70:44:cd:
         f3:f0:e0:a8:35:1d:71:20:9a:1b:0e:58:f4:01:fb:48:65:db:
         7f:0a:f3:7d:15:58:56:7e:c5:1b:a0:95:63:0a:f4:b2:d5:62:
         ed:df:ac:76:22:ae:23:66:71:66:eb:5d:ca:1d:6c:fb:38:c3:
         a4:72:82:cc:d2:d5:81:d7:3d:20:d8:6a:91:7f:34:6a:fd:1f:
         2f:50:26:7b:a8:3f:0d:4e:90:a6:1c:1d:0d:1f:d9:01:61:1c:
         90:40:99:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdP2Bp6Pm8jQhIiib8j8ZQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw
OGQyNmQwHhcNMjUwNjA4MTQwMDUxWhcNMjUwNjA5MTQwMDUxWjAzMTEwLwYDVQQD
EyhjNWU0ZjRiNDQwZWVlOGE0ZGNhMzVlYTNkMjljOTQ2YTBiNjVkM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7C0RNONouHbRupEVI1aQHIgHwxCu
dyDdyDQgbJltpJUvXPLmrqIrzxVRi8W8B+7iGKq95UNdvAGIrLlWSHjjP0If62c9
eVlb2Rw3PPchb5Y1QGAez0P27Kv3awK4BBtEpnpZP+e5YxAsiLtQsGOG/HERDEui
/RKz5AxXDPLYPPFtadVhk8lJ6uu6/X1AsQqh+szT17bARel54mepJH1pioZuyftI
nOU6JpkcxXVb8RjyvN/mc68rvfWFKnRQm1t2YbQSwjNzgepX8ZPDmAzwIOchn9id
wbon0GX4aUV4XCLxDejydiLncLUODtyXm3sKc93DDTnqtgqnA50/e8DctQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXk9LRA7uik3KNeo9KclGoLZdPyMB8GA1UdIwQY
MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt
ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy
LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkUuwREtT
8xneu54jZSl/TfaHmcghW5xjGzRDz9l8OlEyP6czSyHhc4NNoMZXbQqz8ifpGedW
AI2jYvnKoqESIPBfgdtQiL0xYFHWS17Ehs4kecJODNCQtdAq6H+PE0YMtx0ay4Yc
w7WtuYmIS0xydPP6OKYjVw7oO3teBdsy7BehjpB1CM7uLKOM/81//saKaVEeo3GI
+BI4C4MqrRSrcETN8/DgqDUdcSCaGw5Y9AH7SGXbfwrzfRVYVn7FG6CVYwr0stVi
7d+sdiKuI2ZxZutdyh1s+zjDpHKCzNLVgdc9INhqkX80av0fL1Ame6g/DU6Qphwd
DR/ZAWEckECZ1g==
-----END CERTIFICATE-----