Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
File:                     qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json)
Hash identifier:          cggLknJMnItSz9x64D59ZHzwdDLTfbRQ478FJ1G+DpE=
Subject key identifier:   C4:C8:CD:C4:DD:C3:97:5D:F4:93:19:11:17:29:2B:82:8F:36:43:78
Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5
Certificate issuer:       /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
Certificate serial:       01976D3D499AC91DE7A1722AD429088BEF3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
Manifest number:          0322
Signing time:             Sat 14 Jun 2025 07:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:22 +0000
Files and hashes:         1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: BD8ec5L05L6uPBP3ofd7ZeAwc+hxntYw23wJvURE1gA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:49:9a:c9:1d:e7:a1:72:2a:d4:29:08:8b:ef:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
        Validity
            Not Before: Jun 14 07:00:22 2025 GMT
            Not After : Jun 15 07:00:22 2025 GMT
        Subject: CN=c4c8cdc4ddc3975df493191117292b828f364378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:66:38:a1:52:39:ff:cb:48:82:c2:7e:c9:67:
                    e5:e7:2a:4d:09:63:42:25:1e:11:1f:c4:f6:cd:c3:
                    59:10:ff:b6:b3:02:9e:22:ee:a9:16:45:8b:49:77:
                    06:65:a2:ba:ae:40:45:88:24:39:0e:cb:81:40:da:
                    4d:89:e6:4d:61:63:4e:77:6a:a4:22:66:35:b7:cb:
                    ea:2c:ee:18:60:06:d9:c6:ce:8b:9e:5f:73:52:55:
                    78:bf:da:15:0f:be:b2:3a:d6:ed:9e:4a:10:5f:d8:
                    d4:63:07:74:89:f6:3e:c8:ad:7e:d9:10:b7:ea:5b:
                    0f:73:b0:7e:d7:4e:9c:ab:62:0d:bf:ca:12:58:52:
                    25:45:91:35:b4:24:44:8a:82:8d:d1:84:f4:c6:cf:
                    6f:5d:4b:46:da:30:fb:76:8b:6f:a4:70:0c:f2:b1:
                    0a:59:c3:71:37:10:82:3b:04:ad:d5:1a:1e:7c:e9:
                    1a:43:eb:60:d7:c4:7e:02:79:91:8e:78:12:3f:69:
                    16:56:01:3c:c3:7c:64:cb:0d:b6:0f:e3:68:15:ce:
                    c5:2f:89:80:12:f2:f0:e5:7f:c6:d4:51:a6:0b:55:
                    dc:2e:ec:6b:76:18:63:01:23:56:48:0e:80:5e:55:
                    0c:f3:a3:c9:36:b3:28:6a:c3:02:f5:eb:f4:4e:3b:
                    da:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:C8:CD:C4:DD:C3:97:5D:F4:93:19:11:17:29:2B:82:8F:36:43:78
            X509v3 Authority Key Identifier:
                keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:5b:46:b3:c6:93:91:32:a3:b1:86:1c:8f:66:43:16:2c:8e:
         16:69:3c:11:f5:70:ed:23:13:8e:b5:90:c5:e8:21:86:ad:f2:
         81:5b:be:db:12:cf:69:55:01:d8:b8:cf:fd:f8:2e:96:c2:53:
         cf:16:4b:2d:38:68:58:9e:be:d7:b6:b4:3c:6d:67:fb:e7:2b:
         a7:ea:7b:52:2c:59:83:0a:3a:be:2b:be:f3:55:c3:3a:db:f9:
         2d:fc:c7:1c:a7:49:ed:9f:c9:34:f7:a7:eb:49:bc:31:0b:74:
         28:75:15:52:c0:53:e9:91:1d:93:a6:43:a8:c3:a9:17:6c:34:
         40:04:60:e0:f3:a7:a4:fb:fc:45:f3:5c:a9:73:d2:a0:7c:ab:
         d6:d0:1f:86:95:c6:90:e0:c6:a5:39:09:38:3e:fe:bf:ab:73:
         5a:bf:87:e4:ac:7f:91:bd:b6:86:35:67:02:c3:f8:b6:fa:ad:
         9a:d6:76:29:c4:29:95:37:3f:67:49:e4:eb:4b:46:26:c1:28:
         84:24:92:d5:f1:47:4d:ca:05:48:14:0c:b5:5c:f7:08:2d:d4:
         a2:24:e6:62:86:1b:c8:c1:6f:14:46:4e:5d:4a:0c:9e:71:e0:
         e5:17:2a:bc:05:98:99:fc:e6:af:5d:55:87:f6:54:14:b0:03:
         48:03:1b:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPUmayR3noXIq1CkIi+88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1
MTQyZjUwHhcNMjUwNjE0MDcwMDIyWhcNMjUwNjE1MDcwMDIyWjAzMTEwLwYDVQQD
EyhjNGM4Y2RjNGRkYzM5NzVkZjQ5MzE5MTExNzI5MmI4MjhmMzY0Mzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2Y4oVI5/8tIgsJ+yWfl5ypNCWNC
JR4RH8T2zcNZEP+2swKeIu6pFkWLSXcGZaK6rkBFiCQ5DsuBQNpNieZNYWNOd2qk
ImY1t8vqLO4YYAbZxs6Lnl9zUlV4v9oVD76yOtbtnkoQX9jUYwd0ifY+yK1+2RC3
6lsPc7B+106cq2INv8oSWFIlRZE1tCREioKN0YT0xs9vXUtG2jD7dotvpHAM8rEK
WcNxNxCCOwSt1RoefOkaQ+tg18R+AnmRjngSP2kWVgE8w3xkyw22D+NoFc7FL4mA
EvLw5X/G1FGmC1XcLuxrdhhjASNWSA6AXlUM86PJNrMoasMC9ev0Tjva4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTIzcTdw5dd9JMZERcpK4KPNkN4MB8GA1UdIwQY
MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt
ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2
LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh1tGs8aT
kTKjsYYcj2ZDFiyOFmk8EfVw7SMTjrWQxeghhq3ygVu+2xLPaVUB2LjP/fgulsJT
zxZLLThoWJ6+17a0PG1n++crp+p7UixZgwo6viu+81XDOtv5LfzHHKdJ7Z/JNPen
60m8MQt0KHUVUsBT6ZEdk6ZDqMOpF2w0QARg4POnpPv8RfNcqXPSoHyr1tAfhpXG
kODGpTkJOD7+v6tzWr+H5Kx/kb22hjVnAsP4tvqtmtZ2KcQplTc/Z0nk60tGJsEo
hCSS1fFHTcoFSBQMtVz3CC3UoiTmYoYbyMFvFEZOXUoMnnHg5RcqvAWYmfzmr11V
h/ZUFLADSAMbwA==
-----END CERTIFICATE-----