Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
File:                     QTsVW4BGJkf4WUaogk0in-6q--Y.mft (raw, json)
Hash identifier:          RPpJ6PXO+lfg5DHvf7BE929uOxrXI6B1MsM5DTqaRUg=
Subject key identifier:   0B:4D:86:B5:69:B7:EA:B1:8B:C3:57:38:E9:AA:85:81:D6:44:C0:7D
Authority key identifier: 41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6
Certificate issuer:       /CN=413b155b80462647f85946a8824d229feeaafbe6
Certificate serial:       019654251D1708E73E5BAFE024A97E1857B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
Manifest number:          7F
Signing time:             Sun 20 Apr 2025 17:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 17:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 17:00:40 +0000
Files and hashes:         1: QTsVW4BGJkf4WUaogk0in-6q--Y.crl (hash: IhYblf23s5ZujF2mvUx9I6dl9PuFlcjlr5nMkb1/3xA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:25:1d:17:08:e7:3e:5b:af:e0:24:a9:7e:18:57:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=413b155b80462647f85946a8824d229feeaafbe6
        Validity
            Not Before: Apr 20 17:00:40 2025 GMT
            Not After : Apr 21 17:00:40 2025 GMT
        Subject: CN=0b4d86b569b7eab18bc35738e9aa8581d644c07d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e3:a3:b1:22:44:58:2e:30:ea:a5:d6:3c:92:
                    09:0b:71:65:3f:f1:e9:8f:a3:a5:4e:bf:f1:18:5d:
                    44:21:59:0a:c0:0a:84:c6:50:6d:e9:2f:d1:1f:ad:
                    cc:3d:cc:76:d7:6a:b8:1b:19:ba:cd:e7:b2:2c:30:
                    a2:40:0a:7f:ba:16:5c:e7:34:fc:7a:1b:d7:2d:74:
                    a3:25:a5:4c:7d:79:fe:1a:26:37:3b:ab:9b:e8:c4:
                    5f:75:8c:af:fd:99:df:52:db:74:5e:89:f2:d2:0d:
                    a4:2e:63:ba:41:76:cd:48:fe:a9:8f:35:33:fc:ab:
                    3f:c2:85:ee:be:a3:2b:2b:0a:80:24:d3:0f:bf:0a:
                    a0:45:67:30:5b:39:03:a5:a1:04:f6:1f:bd:20:41:
                    af:e4:18:75:94:5e:05:8e:7d:b4:77:27:db:42:a4:
                    5c:50:60:89:f1:72:98:b7:14:cc:5e:b9:e1:4a:7d:
                    8d:cb:ea:a6:e8:2e:b6:b4:83:9b:30:4a:c7:e7:dc:
                    aa:dd:96:60:8c:5d:a8:8d:d4:49:d2:60:60:4f:b4:
                    52:0a:8f:04:f7:78:cd:9a:cc:a2:cf:a8:ab:77:38:
                    1f:a5:db:17:29:91:d1:07:c0:cf:7d:a4:f7:aa:47:
                    09:a9:ea:a4:1e:98:23:a2:a0:d8:a8:fd:3f:63:46:
                    31:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:4D:86:B5:69:B7:EA:B1:8B:C3:57:38:E9:AA:85:81:D6:44:C0:7D
            X509v3 Authority Key Identifier:
                keyid:41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:e1:4e:d9:0a:ca:05:7e:30:af:4a:3e:99:3d:02:7e:91:65:
         cb:05:46:24:e6:db:7d:ef:b7:a7:15:bf:85:32:04:20:b1:dc:
         f6:93:15:ee:d5:01:7d:e0:0a:b0:07:75:20:b5:3f:46:27:ee:
         c9:ca:8f:a5:88:4c:d3:8d:a4:6c:57:18:ea:9b:ff:98:2e:98:
         19:89:aa:27:06:9d:6d:dd:7b:0d:48:66:73:ef:85:3a:05:e8:
         2d:97:c1:25:1c:42:96:0e:d9:76:1c:bb:08:bc:e2:ea:2d:db:
         4d:05:94:76:c2:37:86:84:9a:bc:a9:1d:93:2f:47:ff:06:a5:
         17:5a:40:b9:e2:a9:b2:aa:67:05:a1:44:55:e9:a7:11:8f:43:
         20:32:a8:9c:85:7d:2a:bd:08:c3:f6:c0:22:bc:2e:5b:29:22:
         45:86:af:94:0c:b6:16:3c:81:f7:eb:f1:88:81:93:25:d6:e6:
         22:f0:19:d5:49:ca:11:df:c7:c5:f3:ba:ae:0a:c6:df:29:66:
         a9:f0:d3:3c:3a:4b:c3:a9:36:83:22:47:58:58:6d:79:d2:02:
         83:e6:04:78:a9:f0:e0:83:f8:6a:65:75:0e:a4:18:03:2e:27:
         43:63:d3:71:35:a9:22:9f:f9:05:07:50:8c:2f:de:3a:8d:65:
         c8:fb:24:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJR0XCOc+W6/gJKl+GFexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxM2IxNTViODA0NjI2NDdmODU5NDZhODgyNGQyMjlmZWVh
YWZiZTYwHhcNMjUwNDIwMTcwMDQwWhcNMjUwNDIxMTcwMDQwWjAzMTEwLwYDVQQD
EygwYjRkODZiNTY5YjdlYWIxOGJjMzU3MzhlOWFhODU4MWQ2NDRjMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+OjsSJEWC4w6qXWPJIJC3FlP/Hp
j6OlTr/xGF1EIVkKwAqExlBt6S/RH63MPcx212q4Gxm6zeeyLDCiQAp/uhZc5zT8
ehvXLXSjJaVMfXn+GiY3O6ub6MRfdYyv/ZnfUtt0Xony0g2kLmO6QXbNSP6pjzUz
/Ks/woXuvqMrKwqAJNMPvwqgRWcwWzkDpaEE9h+9IEGv5Bh1lF4Fjn20dyfbQqRc
UGCJ8XKYtxTMXrnhSn2Ny+qm6C62tIObMErH59yq3ZZgjF2ojdRJ0mBgT7RSCo8E
93jNmsyiz6irdzgfpdsXKZHRB8DPfaT3qkcJqeqkHpgjoqDYqP0/Y0YxFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtNhrVpt+qxi8NXOOmqhYHWRMB9MB8GA1UdIwQY
MBaAFEE7FVuARiZH+FlGqIJNIp/uqvvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUt
NGEyNTFjYmVjNzkxLzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUtNGEyNTFjYmVjNzkx
LzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAluFO2QrK
BX4wr0o+mT0CfpFlywVGJObbfe+3pxW/hTIEILHc9pMV7tUBfeAKsAd1ILU/Rifu
ycqPpYhM042kbFcY6pv/mC6YGYmqJwadbd17DUhmc++FOgXoLZfBJRxClg7Zdhy7
CLzi6i3bTQWUdsI3hoSavKkdky9H/walF1pAueKpsqpnBaFEVemnEY9DIDKonIV9
Kr0Iw/bAIrwuWykiRYavlAy2FjyB9+vxiIGTJdbmIvAZ1UnKEd/HxfO6rgrG3ylm
qfDTPDpLw6k2gyJHWFhtedICg+YEeKnw4IP4amV1DqQYAy4nQ2PTcTWpIp/5BQdQ
jC/eOo1lyPskqg==
-----END CERTIFICATE-----