Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
File:                     QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json)
Hash identifier:          +Gub2iqZV99bkR0r8fJVjA6gJgVCTTTvjascVZ5GVSA=
Subject key identifier:   3D:05:57:E1:7C:D6:8D:DC:9B:65:AC:B6:88:25:16:42:F1:E0:CF:BF
Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D
Certificate issuer:       /CN=41f22860ca62bd2838f8328f17839d1e8608d26d
Certificate serial:       019923311F285A1BC03AC0554BF42CA5AD91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
Manifest number:          024B
Signing time:             Sun 07 Sep 2025 08:00:45 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:45 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:45 +0000
Files and hashes:         1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: v8iZsHa6hiQyASg7tUlNgmdghsbsT1gIWwk2K4upkF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:1f:28:5a:1b:c0:3a:c0:55:4b:f4:2c:a5:ad:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d
        Validity
            Not Before: Sep  7 08:00:45 2025 GMT
            Not After : Sep  8 08:00:45 2025 GMT
        Subject: CN=3d0557e17cd68ddc9b65acb688251642f1e0cfbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:d0:32:9b:02:61:7b:83:ff:a0:de:6a:86:05:
                    72:dd:0a:ea:67:f1:32:45:21:30:eb:92:b1:3b:79:
                    13:a5:e2:7a:05:b4:9d:c1:4c:8a:7b:6c:da:7e:d7:
                    f9:96:e4:95:c8:e5:f7:82:c4:61:2d:bd:6b:34:c0:
                    e6:2f:eb:50:10:72:8c:69:6b:be:bb:b5:4a:80:bc:
                    c3:74:06:9e:c3:02:d6:3f:0a:e7:72:fa:6e:41:97:
                    29:9e:20:d8:25:71:ec:79:d5:97:08:dc:ab:b1:e4:
                    00:46:1f:ee:c3:45:b6:07:e6:8f:81:b6:8b:7a:bf:
                    bd:97:87:60:f9:ba:46:c5:08:e4:4a:73:ff:f6:ad:
                    99:ac:f1:38:2c:66:70:b4:1a:82:96:c5:ad:ba:91:
                    ad:87:c2:11:61:49:a6:a2:4a:3a:03:89:db:bd:ec:
                    c2:79:13:8a:75:4f:65:94:49:ad:2b:77:6d:c4:90:
                    33:85:f4:5e:9c:43:2e:a3:78:b6:9a:16:37:87:2a:
                    04:38:52:73:e1:d7:c4:95:77:e5:bc:15:78:81:44:
                    b4:12:25:f7:09:9b:a1:49:b9:96:c5:06:9d:be:fb:
                    8d:c9:57:fd:a9:33:04:b9:ae:68:18:f2:35:fd:fc:
                    c1:e8:68:e8:da:23:9b:49:87:1b:eb:8f:76:cd:8a:
                    52:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:05:57:E1:7C:D6:8D:DC:9B:65:AC:B6:88:25:16:42:F1:E0:CF:BF
            X509v3 Authority Key Identifier:
                keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:5d:c4:1d:b2:9c:58:f5:c7:94:f6:44:b6:ba:01:9e:63:9a:
         d8:4c:04:5b:62:ab:64:91:af:c0:d7:30:90:3d:da:2e:55:f8:
         8d:24:d1:2c:85:f4:88:f7:99:b2:26:48:ea:04:15:d8:e1:ae:
         2b:2a:c4:36:df:e3:f0:0c:13:62:3c:cb:f4:ee:c0:42:7b:fd:
         88:65:4e:6d:ec:95:00:1f:d2:9f:85:5a:43:31:bf:7c:5a:19:
         16:23:b3:e2:d8:3e:43:b7:d6:f9:4e:39:9d:29:0a:35:1c:05:
         b5:55:1c:65:f7:02:a9:8a:7c:fe:f8:e8:ed:8e:bc:a5:bb:a4:
         72:1a:4b:e9:ff:db:34:cd:19:34:c0:4a:34:4b:9c:a3:b1:c5:
         f9:d5:83:72:4f:d3:c4:90:a1:45:90:e6:9e:13:fd:36:8c:56:
         59:71:cb:3c:ce:2b:f6:db:1d:27:78:fb:2f:8b:99:36:43:c6:
         84:db:08:3c:b0:42:e6:75:7a:b0:f9:34:22:6f:78:49:50:28:
         b9:ff:0e:dd:3d:0c:5d:38:ae:93:40:a2:cd:8f:ad:85:cf:4a:
         93:8c:99:6e:d0:21:0c:4c:48:6e:c5:0a:68:86:84:7a:32:c5:
         9d:99:96:53:8f:d4:a0:7c:63:c6:dd:5b:4a:37:4a:6a:9f:14:
         e3:c3:40:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMR8oWhvAOsBVS/Qspa2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw
OGQyNmQwHhcNMjUwOTA3MDgwMDQ1WhcNMjUwOTA4MDgwMDQ1WjAzMTEwLwYDVQQD
EygzZDA1NTdlMTdjZDY4ZGRjOWI2NWFjYjY4ODI1MTY0MmYxZTBjZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9tAymwJhe4P/oN5qhgVy3QrqZ/Ey
RSEw65KxO3kTpeJ6BbSdwUyKe2zaftf5luSVyOX3gsRhLb1rNMDmL+tQEHKMaWu+
u7VKgLzDdAaewwLWPwrncvpuQZcpniDYJXHsedWXCNyrseQARh/uw0W2B+aPgbaL
er+9l4dg+bpGxQjkSnP/9q2ZrPE4LGZwtBqClsWtupGth8IRYUmmoko6A4nbvezC
eROKdU9llEmtK3dtxJAzhfRenEMuo3i2mhY3hyoEOFJz4dfElXflvBV4gUS0EiX3
CZuhSbmWxQadvvuNyVf9qTMEua5oGPI1/fzB6Gjo2iObSYcb6492zYpSDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0FV+F81o3cm2WstoglFkLx4M+/MB8GA1UdIwQY
MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt
ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy
LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApV3EHbKc
WPXHlPZEtroBnmOa2EwEW2KrZJGvwNcwkD3aLlX4jSTRLIX0iPeZsiZI6gQV2OGu
KyrENt/j8AwTYjzL9O7AQnv9iGVObeyVAB/Sn4VaQzG/fFoZFiOz4tg+Q7fW+U45
nSkKNRwFtVUcZfcCqYp8/vjo7Y68pbukchpL6f/bNM0ZNMBKNEuco7HF+dWDck/T
xJChRZDmnhP9NoxWWXHLPM4r9tsdJ3j7L4uZNkPGhNsIPLBC5nV6sPk0Im94SVAo
uf8O3T0MXTiuk0CizY+thc9Kk4yZbtAhDExIbsUKaIaEejLFnZmWU4/UoHxjxt1b
SjdKap8U48NAXw==
-----END CERTIFICATE-----