Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
File:                     QnqV1vkbZ2udcauK4RQZQY3jww4.mft (raw, json)
Hash identifier:          mTPiLyGW3GdVu6xqO8YpUC0YyIEOxkdxdE9rRQM95s4=
Subject key identifier:   98:FF:A7:EF:4D:D9:AE:FE:01:A0:2A:86:07:5A:F1:49:E1:1B:17:87
Authority key identifier: 42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E
Certificate issuer:       /CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
Certificate serial:       019653EEB2C53F02803DDD798CCC552BAED0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
Manifest number:          102C
Signing time:             Sun 20 Apr 2025 16:01:14 +0000
Manifest this update:     Sun 20 Apr 2025 16:01:14 +0000
Manifest next update:     Mon 21 Apr 2025 16:01:14 +0000
Files and hashes:         1: QnqV1vkbZ2udcauK4RQZQY3jww4.crl (hash: OqeO4V61zmwaZrh6aJ591BwFjUI0aiYwfv2sZr6UYRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:b2:c5:3f:02:80:3d:dd:79:8c:cc:55:2b:ae:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
        Validity
            Not Before: Apr 20 16:01:14 2025 GMT
            Not After : Apr 21 16:01:14 2025 GMT
        Subject: CN=98ffa7ef4dd9aefe01a02a86075af149e11b1787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c8:d5:cc:c2:7b:1b:66:13:39:bc:82:a7:e3:
                    eb:76:7d:06:ba:5b:f5:e7:06:11:f8:39:34:3b:fe:
                    67:db:5f:3a:97:39:fb:7e:cb:0b:71:cc:24:79:bf:
                    54:39:da:17:2f:22:4d:49:00:15:93:ce:a7:c3:ed:
                    a2:72:ab:a0:19:de:77:ec:79:01:65:cb:f6:67:d4:
                    24:34:c4:27:e3:f5:70:80:6b:ad:ed:5d:be:96:51:
                    14:d1:fb:f6:b4:49:2b:06:7f:c0:3f:dc:6d:ca:d3:
                    10:6b:d7:05:c7:0e:da:80:e2:54:35:37:a4:4c:4d:
                    ee:89:17:1f:25:8e:0c:a7:e0:91:f7:66:ad:b5:cb:
                    03:a8:c7:5a:d3:b6:85:58:af:d9:ee:86:5d:c3:f2:
                    9f:db:2a:88:ac:dd:46:2e:5a:fd:43:e2:33:4b:ea:
                    5b:e6:df:82:e4:dd:96:65:fc:e4:7b:09:6f:c7:10:
                    f5:18:1b:71:5f:02:21:6c:bb:b5:95:0b:f0:72:ed:
                    9a:93:9f:1d:e7:da:0d:07:f8:06:d3:62:15:9f:43:
                    f6:ab:21:50:e9:63:42:8d:22:90:b7:3d:6b:37:cd:
                    c2:13:78:96:bf:b9:a0:b1:f6:9e:b6:63:9f:d2:3f:
                    45:ea:11:b1:e4:51:43:f4:04:7b:c4:a3:6b:3d:af:
                    1a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:FF:A7:EF:4D:D9:AE:FE:01:A0:2A:86:07:5A:F1:49:E1:1B:17:87
            X509v3 Authority Key Identifier:
                keyid:42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:54:c3:41:0c:00:fe:17:5b:80:2f:b3:48:98:b2:d2:88:b8:
         9b:ad:10:2f:ad:e8:b3:b3:49:78:47:bb:b3:c3:72:66:49:39:
         f9:e6:53:a2:2d:93:b2:e3:d5:af:e8:23:7c:88:95:24:8d:ec:
         f6:69:d1:33:66:dc:f5:e1:b8:a0:fe:8a:fa:1c:d8:9c:73:07:
         93:e4:1c:f0:2d:6b:0c:7f:99:e4:0a:57:14:1d:6b:0e:9e:aa:
         33:4c:09:7d:8c:3b:29:54:fe:38:14:78:0b:c5:ff:f9:01:67:
         8c:61:3e:10:7c:37:07:0d:f1:b0:a2:1b:67:b4:9b:3f:66:4f:
         d3:ec:da:f3:a0:d2:e4:f3:a4:eb:4f:6e:54:d1:f1:66:31:f2:
         8a:47:d0:84:00:03:72:68:b4:64:e6:8c:6d:b7:e1:35:b9:d5:
         a6:f9:45:2b:0c:f2:fc:08:d6:1d:e7:7e:17:df:2d:d4:a5:81:
         c5:56:50:21:44:09:d4:92:09:cb:d5:33:98:b7:5e:eb:9c:4e:
         28:1d:7b:9c:a3:4c:dc:2a:19:7a:b5:c7:31:ab:7d:7f:33:9e:
         bc:7d:ac:0b:ad:03:61:fb:a4:93:01:4c:8f:44:bf:c9:30:ba:
         dc:1d:6f:3f:16:c4:25:78:cf:87:a6:9b:6d:8f:ab:80:83:7f:
         bb:f7:c0:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7rLFPwKAPd15jMxVK67QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2E5NWQ2ZjkxYjY3NmI5ZDcxYWI4YWUxMTQxOTQxOGRl
M2MzMGUwHhcNMjUwNDIwMTYwMTE0WhcNMjUwNDIxMTYwMTE0WjAzMTEwLwYDVQQD
Eyg5OGZmYTdlZjRkZDlhZWZlMDFhMDJhODYwNzVhZjE0OWUxMWIxNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMjVzMJ7G2YTObyCp+Prdn0Gulv1
5wYR+Dk0O/5n2186lzn7fssLccwkeb9UOdoXLyJNSQAVk86nw+2icqugGd537HkB
Zcv2Z9QkNMQn4/VwgGut7V2+llEU0fv2tEkrBn/AP9xtytMQa9cFxw7agOJUNTek
TE3uiRcfJY4Mp+CR92attcsDqMda07aFWK/Z7oZdw/Kf2yqIrN1GLlr9Q+IzS+pb
5t+C5N2WZfzkewlvxxD1GBtxXwIhbLu1lQvwcu2ak58d59oNB/gG02IVn0P2qyFQ
6WNCjSKQtz1rN83CE3iWv7mgsfaetmOf0j9F6hGx5FFD9AR7xKNrPa8aBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJj/p+9N2a7+AaAqhgda8UnhGxeHMB8GA1UdIwQY
MBaAFEJ6ldb5G2drnXGriuEUGUGN48MOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYt
Y2U3YTUxYWEzMzE0LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYtY2U3YTUxYWEzMzE0
LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD1TDQQwA
/hdbgC+zSJiy0oi4m60QL63os7NJeEe7s8NyZkk5+eZToi2TsuPVr+gjfIiVJI3s
9mnRM2bc9eG4oP6K+hzYnHMHk+Qc8C1rDH+Z5ApXFB1rDp6qM0wJfYw7KVT+OBR4
C8X/+QFnjGE+EHw3Bw3xsKIbZ7SbP2ZP0+za86DS5POk609uVNHxZjHyikfQhAAD
cmi0ZOaMbbfhNbnVpvlFKwzy/AjWHed+F98t1KWBxVZQIUQJ1JIJy9UzmLde65xO
KB17nKNM3CoZerXHMat9fzOevH2sC60DYfukkwFMj0S/yTC63B1vPxbEJXjPh6ab
bY+rgIN/u/fA5A==
-----END CERTIFICATE-----