Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
File:                     qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json)
Hash identifier:          GdW8lwcmefAczC4rwiNk6YtpJR9JduLjKAvYrhk2jGU=
Subject key identifier:   F7:E9:F8:C4:C4:6D:74:E3:26:80:77:7F:59:4E:F3:4C:75:17:06:94
Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5
Certificate issuer:       /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
Certificate serial:       01963FF9A9168EBABB65EF2335F2E90E4707
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
Manifest number:          0286
Signing time:             Wed 16 Apr 2025 19:00:48 +0000
Manifest this update:     Wed 16 Apr 2025 19:00:48 +0000
Manifest next update:     Thu 17 Apr 2025 19:00:48 +0000
Files and hashes:         1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: jrzh3w44+clYc1gBV/gCp3EuA7nAdFWQe6xEVq6hvIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:f9:a9:16:8e:ba:bb:65:ef:23:35:f2:e9:0e:47:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
        Validity
            Not Before: Apr 16 19:00:48 2025 GMT
            Not After : Apr 17 19:00:48 2025 GMT
        Subject: CN=f7e9f8c4c46d74e32680777f594ef34c75170694
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b5:c8:ae:37:e8:82:ad:ff:0b:53:13:d7:1d:
                    f2:bd:ca:dd:9c:c2:4a:5d:44:b7:d5:9b:bf:d3:27:
                    eb:0d:55:92:20:74:89:23:78:ff:13:a2:09:93:36:
                    c9:06:2b:dc:b3:41:a5:6b:78:54:e4:24:99:16:c2:
                    b8:fa:63:07:6e:ae:a6:c1:5f:93:44:f0:55:80:e2:
                    6e:44:74:71:ee:9f:7c:fd:8c:05:7d:5c:b4:1a:ba:
                    d2:6b:39:d6:da:94:2d:6b:f6:7f:e1:fb:01:23:93:
                    6a:9a:6a:24:4c:5b:af:d1:a2:23:53:9a:78:65:d7:
                    60:c7:6e:4d:0a:a0:08:e5:a8:5c:3f:dc:ce:bf:03:
                    41:6b:14:2b:91:b1:a3:5e:99:74:38:06:e3:2c:45:
                    b4:e9:f5:9a:e8:1e:22:dd:26:20:29:9b:cf:60:0f:
                    45:c3:cc:f8:fe:23:86:29:f4:ea:d3:be:d2:6b:f0:
                    7b:bd:bc:46:fa:20:12:54:0a:7a:e2:2b:a7:f7:f1:
                    0a:ba:d5:d1:5e:39:29:d6:4f:42:c3:b9:50:12:89:
                    5d:c0:52:18:52:a7:59:36:0d:ea:27:b7:37:42:33:
                    d4:94:d3:c3:af:8b:6b:33:b1:0a:89:d4:5a:7e:26:
                    e0:91:6c:83:38:88:0c:7f:80:ac:d5:eb:f9:bb:37:
                    ff:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:E9:F8:C4:C4:6D:74:E3:26:80:77:7F:59:4E:F3:4C:75:17:06:94
            X509v3 Authority Key Identifier:
                keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:d9:e7:bf:0c:50:cb:1e:f1:b6:0d:d9:0b:39:6d:7c:7f:e6:
         43:59:5d:b4:47:7d:61:f0:0a:8f:a0:35:2c:ad:29:98:51:ab:
         c5:98:44:1d:94:18:90:19:0a:3d:cf:1e:ad:35:70:1f:c7:97:
         bc:a8:44:36:ce:27:aa:b9:6a:e9:10:8c:7f:21:a5:d7:3c:9d:
         f0:1a:03:c3:60:90:45:6e:04:c2:57:63:e6:bf:e4:cf:5e:d8:
         21:58:b7:e5:63:e6:7e:1a:0a:03:4d:93:33:f0:ea:86:68:8b:
         fe:5b:85:5b:f8:c0:19:b3:79:c8:1f:aa:03:61:5d:97:da:1b:
         da:45:7d:3c:82:3f:e3:3d:71:7c:d1:27:74:48:b7:3e:12:95:
         2a:d7:3a:97:81:7a:f2:04:a8:04:f0:b9:3c:3c:15:4e:1b:dc:
         11:dc:15:08:02:b2:a8:e1:2c:9e:b1:f0:ed:34:ad:4a:f0:64:
         22:ee:d4:30:65:23:41:63:b3:2d:2b:39:5c:38:4f:ca:f1:90:
         54:3a:4d:06:56:27:fe:6f:8e:8e:f2:32:bd:1e:fd:51:d1:d1:
         92:32:27:0a:c0:ed:5c:d8:cb:d2:76:49:ca:57:68:01:ef:70:
         44:24:32:5a:dd:46:50:a2:0b:35:eb:b2:ca:61:9a:77:91:28:
         58:77:df:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+akWjrq7Ze8jNfLpDkcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1
MTQyZjUwHhcNMjUwNDE2MTkwMDQ4WhcNMjUwNDE3MTkwMDQ4WjAzMTEwLwYDVQQD
EyhmN2U5ZjhjNGM0NmQ3NGUzMjY4MDc3N2Y1OTRlZjM0Yzc1MTcwNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubXIrjfogq3/C1MT1x3yvcrdnMJK
XUS31Zu/0yfrDVWSIHSJI3j/E6IJkzbJBivcs0Gla3hU5CSZFsK4+mMHbq6mwV+T
RPBVgOJuRHRx7p98/YwFfVy0GrrSaznW2pQta/Z/4fsBI5NqmmokTFuv0aIjU5p4
Zddgx25NCqAI5ahcP9zOvwNBaxQrkbGjXpl0OAbjLEW06fWa6B4i3SYgKZvPYA9F
w8z4/iOGKfTq077Sa/B7vbxG+iASVAp64iun9/EKutXRXjkp1k9Cw7lQEoldwFIY
UqdZNg3qJ7c3QjPUlNPDr4trM7EKidRafibgkWyDOIgMf4Cs1ev5uzf/OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfp+MTEbXTjJoB3f1lO80x1FwaUMB8GA1UdIwQY
MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt
ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2
LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUNnnvwxQ
yx7xtg3ZCzltfH/mQ1ldtEd9YfAKj6A1LK0pmFGrxZhEHZQYkBkKPc8erTVwH8eX
vKhENs4nqrlq6RCMfyGl1zyd8BoDw2CQRW4Ewldj5r/kz17YIVi35WPmfhoKA02T
M/DqhmiL/luFW/jAGbN5yB+qA2Fdl9ob2kV9PII/4z1xfNEndEi3PhKVKtc6l4F6
8gSoBPC5PDwVThvcEdwVCAKyqOEsnrHw7TStSvBkIu7UMGUjQWOzLSs5XDhPyvGQ
VDpNBlYn/m+OjvIyvR79UdHRkjInCsDtXNjL0nZJyldoAe9wRCQyWt1GUKILNeuy
ymGad5EoWHffjQ==
-----END CERTIFICATE-----