Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          dkPPutEQ/t4Ll8MysbAsP7fqULzGmUsgt56m3NMSBHc=
Subject key identifier:   D6:FD:7F:56:7E:CB:CD:45:5A:B1:96:53:28:80:C0:57:00:3E:86:29
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       01974DB247C1720D7F2E0C4BF4104664696E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          033B
Signing time:             Sun 08 Jun 2025 04:00:18 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:18 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:18 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: +vdBD7WiEfKcRRktApJTxDPaPnrITY7pQQjAEM7IuCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:47:c1:72:0d:7f:2e:0c:4b:f4:10:46:64:69:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Jun  8 04:00:18 2025 GMT
            Not After : Jun  9 04:00:18 2025 GMT
        Subject: CN=d6fd7f567ecbcd455ab196532880c057003e8629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cc:52:83:11:f8:36:0d:d0:04:83:da:41:18:
                    97:30:b5:6e:c5:df:27:8d:e0:2f:ab:c1:e1:e3:22:
                    fb:92:0d:b4:cf:f4:63:0c:04:cd:3e:9b:6b:1f:11:
                    7f:90:6e:55:b1:64:c8:0b:bc:19:c7:b1:2b:a4:0a:
                    0e:87:02:ab:2c:21:b0:87:4d:c0:2f:a0:9d:d6:e4:
                    67:73:32:eb:9c:09:85:f2:7b:1d:07:bd:fc:76:2f:
                    2c:59:54:ed:61:b9:35:f6:e6:2f:e5:60:d7:8f:16:
                    22:91:3e:90:6f:c9:96:cf:5e:4f:40:fb:1d:2e:3b:
                    8f:49:c8:f9:76:29:e0:35:6d:a1:c5:1a:0c:85:b1:
                    be:77:2f:d2:4d:b4:8c:4c:54:ac:e4:1d:c3:49:3f:
                    eb:43:13:51:f3:c6:42:2f:81:5d:14:b9:3a:3c:96:
                    a3:88:84:1a:8f:db:16:eb:6d:4f:3a:d6:5d:e1:fe:
                    ee:76:f5:5e:d2:03:26:2d:6a:e1:f8:02:5a:c5:62:
                    74:7a:f2:24:a6:07:be:a7:c0:19:d2:6f:e9:70:70:
                    84:ad:a2:26:85:08:d5:02:67:90:c8:39:9a:67:1f:
                    e8:39:f2:3a:47:1f:9f:ff:fb:0f:9c:aa:4e:fc:32:
                    a4:aa:c6:11:86:f8:9d:cd:98:9d:81:9a:04:c8:30:
                    99:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:FD:7F:56:7E:CB:CD:45:5A:B1:96:53:28:80:C0:57:00:3E:86:29
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:88:93:8c:e9:37:b5:7e:f6:37:56:ac:f8:11:ff:59:3f:06:
         a8:cc:2b:8b:d2:ae:8b:7e:79:e8:11:9b:44:1f:19:09:76:06:
         97:01:14:c5:4d:fa:b9:1c:f0:15:f6:22:eb:7c:24:a3:ce:d4:
         d9:6a:a6:7c:11:71:12:ac:53:65:d3:fb:b5:91:59:b3:b4:b7:
         f4:a5:13:7a:d9:2b:8f:1f:46:9c:bc:ce:99:b7:be:85:95:bb:
         8f:21:99:02:ea:de:58:27:e5:09:02:1a:6c:40:fe:83:d6:4e:
         11:5c:6c:ef:8b:c0:b0:11:d0:e2:a5:dd:3c:22:42:14:5b:81:
         85:a5:8f:eb:79:25:6c:a5:b8:8d:d0:42:95:2f:26:fb:40:b1:
         7a:c0:c8:03:a4:ff:c8:41:f3:3b:ec:f0:2f:81:55:10:74:e7:
         65:e8:dd:a5:6e:56:12:35:bd:b2:a9:72:42:32:57:c9:ab:7e:
         86:57:99:8b:c9:4b:3b:14:91:7e:6c:4e:c9:19:6e:94:90:a3:
         2b:31:7b:2c:52:6e:c5:b9:bb:a6:5e:01:ff:d3:6f:be:50:cf:
         a2:e6:33:64:66:02:5e:f8:23:96:95:f6:18:10:a4:c3:7f:be:
         31:6a:45:74:78:24:5d:05:a8:16:90:f3:6c:1e:0f:ac:54:f8:
         f4:2f:5d:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNskfBcg1/LgxL9BBGZGluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUwNjA4MDQwMDE4WhcNMjUwNjA5MDQwMDE4WjAzMTEwLwYDVQQD
EyhkNmZkN2Y1NjdlY2JjZDQ1NWFiMTk2NTMyODgwYzA1NzAwM2U4NjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsxSgxH4Ng3QBIPaQRiXMLVuxd8n
jeAvq8Hh4yL7kg20z/RjDATNPptrHxF/kG5VsWTIC7wZx7ErpAoOhwKrLCGwh03A
L6Cd1uRnczLrnAmF8nsdB738di8sWVTtYbk19uYv5WDXjxYikT6Qb8mWz15PQPsd
LjuPScj5dingNW2hxRoMhbG+dy/STbSMTFSs5B3DST/rQxNR88ZCL4FdFLk6PJaj
iIQaj9sW621POtZd4f7udvVe0gMmLWrh+AJaxWJ0evIkpge+p8AZ0m/pcHCEraIm
hQjVAmeQyDmaZx/oOfI6Rx+f//sPnKpO/DKkqsYRhvidzZidgZoEyDCZnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNb9f1Z+y81FWrGWUyiAwFcAPoYpMB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIiTjOk3
tX72N1as+BH/WT8GqMwri9Kui3556BGbRB8ZCXYGlwEUxU36uRzwFfYi63wko87U
2WqmfBFxEqxTZdP7tZFZs7S39KUTetkrjx9GnLzOmbe+hZW7jyGZAureWCflCQIa
bED+g9ZOEVxs74vAsBHQ4qXdPCJCFFuBhaWP63klbKW4jdBClS8m+0CxesDIA6T/
yEHzO+zwL4FVEHTnZejdpW5WEjW9sqlyQjJXyat+hleZi8lLOxSRfmxOyRlulJCj
KzF7LFJuxbm7pl4B/9NvvlDPouYzZGYCXvgjlpX2GBCkw3++MWpFdHgkXQWoFpDz
bB4PrFT49C9d+g==
-----END CERTIFICATE-----