Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          pUeW/7+z/8sC8BlU2S7gZxOlmhW5RVhGM1XSDfbBBa8=
Subject key identifier:   91:D9:37:6B:B3:89:BB:E5:C9:13:3E:C4:2C:DE:66:4D:F5:85:39:95
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       0197488C86BC659D270BF8670911552453E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 04:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:58 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: Rhucg7WRnJcf636vNLAYPyr1nRoKMp8lHUXHSzktAQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:86:bc:65:9d:27:0b:f8:67:09:11:55:24:53:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Jun  7 04:00:58 2025 GMT
            Not After : Jun  8 04:00:58 2025 GMT
        Subject: CN=91d9376bb389bbe5c9133ec42cde664df5853995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:aa:d4:b0:b9:05:f3:04:db:d6:d0:55:7c:76:
                    4b:53:19:09:68:ca:9c:9f:ac:2b:35:ba:18:1e:a2:
                    45:6b:41:de:8f:5f:0a:9e:f5:e2:b2:74:56:43:e4:
                    e2:96:65:c0:c8:bd:c1:34:a3:f5:07:cf:ac:24:17:
                    4c:db:a2:d2:84:7c:a0:86:da:6d:d9:c2:b4:3a:5e:
                    50:b6:3f:85:f0:0a:16:57:5f:7a:34:7f:8e:bd:9f:
                    89:29:2a:57:4f:94:34:de:be:82:20:c5:05:78:4c:
                    ce:0a:98:16:af:15:d0:c6:5c:50:cd:bd:a9:a7:98:
                    75:3d:7f:1f:ce:7e:b1:2e:c4:e7:9b:f4:ed:86:18:
                    8c:94:bd:ff:c7:de:f1:b2:a4:f6:11:bd:14:79:9e:
                    7c:97:83:43:fc:ca:6d:f1:bf:5a:90:f0:3d:ce:74:
                    55:27:5c:2d:d0:08:20:37:64:86:7e:70:76:2e:d1:
                    c5:54:00:d7:11:01:69:b1:f9:6a:79:5c:6f:77:62:
                    9a:20:67:64:48:78:46:53:7c:62:e6:df:33:18:8f:
                    16:83:5a:17:92:65:e9:7e:69:f6:b7:f5:34:1e:a2:
                    ba:a2:35:ea:40:2e:1e:5f:6f:e0:39:ac:54:67:b8:
                    23:e5:9c:7d:37:c5:5b:80:f9:73:35:27:1e:23:81:
                    02:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D9:37:6B:B3:89:BB:E5:C9:13:3E:C4:2C:DE:66:4D:F5:85:39:95
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:e3:88:43:c7:e8:ef:70:d2:d7:ba:26:41:50:ee:88:37:aa:
         df:ad:cd:22:c2:a7:c8:3d:38:8c:41:02:a6:dd:1d:f6:18:f0:
         14:3c:81:2f:aa:fc:d7:d0:d8:54:77:90:4f:97:27:d6:29:53:
         33:f6:94:38:12:98:b1:e6:b2:3f:ef:cf:5d:ab:88:92:73:e0:
         4a:42:3e:98:bc:ab:8a:21:69:04:61:be:54:e1:08:d2:21:8d:
         18:31:24:a8:99:90:ba:a0:38:91:b3:0a:be:a4:f3:a4:27:1d:
         60:e2:e7:4a:66:0e:ea:fd:f1:a1:dc:fa:66:19:be:1f:83:8f:
         80:a0:ce:e3:69:8e:2e:8e:3a:a1:00:e2:3b:98:68:c4:26:41:
         b2:14:e0:b6:3e:c8:11:b9:d3:2b:f2:03:94:5e:00:97:e3:26:
         b3:ab:84:18:bc:e2:c6:9f:02:cf:45:a1:16:45:f6:40:20:d6:
         cd:83:51:fe:09:a0:5b:1a:71:08:2c:6c:87:3e:65:ca:ca:12:
         89:99:48:c1:e7:f2:df:4e:01:77:9c:f0:e1:55:16:fa:7d:65:
         76:aa:9b:0f:39:c0:78:ce:ef:0e:6f:76:b1:3a:cb:b4:05:57:
         cd:e6:28:d9:09:59:d6:ef:e8:5a:4c:49:ca:d2:a1:20:59:52:
         f3:30:8b:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjIa8ZZ0nC/hnCRFVJFPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUwNjA3MDQwMDU4WhcNMjUwNjA4MDQwMDU4WjAzMTEwLwYDVQQD
Eyg5MWQ5Mzc2YmIzODliYmU1YzkxMzNlYzQyY2RlNjY0ZGY1ODUzOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqrUsLkF8wTb1tBVfHZLUxkJaMqc
n6wrNboYHqJFa0Hej18KnvXisnRWQ+TilmXAyL3BNKP1B8+sJBdM26LShHyghtpt
2cK0Ol5Qtj+F8AoWV196NH+OvZ+JKSpXT5Q03r6CIMUFeEzOCpgWrxXQxlxQzb2p
p5h1PX8fzn6xLsTnm/TthhiMlL3/x97xsqT2Eb0UeZ58l4ND/Mpt8b9akPA9znRV
J1wt0AggN2SGfnB2LtHFVADXEQFpsflqeVxvd2KaIGdkSHhGU3xi5t8zGI8Wg1oX
kmXpfmn2t/U0HqK6ojXqQC4eX2/gOaxUZ7gj5Zx9N8VbgPlzNSceI4ECnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHZN2uzibvlyRM+xCzeZk31hTmVMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+OIQ8fo
73DS17omQVDuiDeq363NIsKnyD04jEECpt0d9hjwFDyBL6r819DYVHeQT5cn1ilT
M/aUOBKYseayP+/PXauIknPgSkI+mLyriiFpBGG+VOEI0iGNGDEkqJmQuqA4kbMK
vqTzpCcdYOLnSmYO6v3xodz6Zhm+H4OPgKDO42mOLo46oQDiO5hoxCZBshTgtj7I
EbnTK/IDlF4Al+Mms6uEGLzixp8Cz0WhFkX2QCDWzYNR/gmgWxpxCCxshz5lysoS
iZlIwefy304Bd5zw4VUW+n1ldqqbDznAeM7vDm92sTrLtAVXzeYo2QlZ1u/oWkxJ
ytKhIFlS8zCLrg==
-----END CERTIFICATE-----