Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
File:                     qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft (raw, json)
Hash identifier:          HQlq+6lL02iZpxuDiORyOcB3+fDkVCsJWLVQb9wQmwk=
Subject key identifier:   7B:66:ED:BB:FE:4D:32:5E:98:FB:B9:EB:2E:B6:37:23:B5:BF:80:9E
Authority key identifier: AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
Certificate issuer:       /CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
Certificate serial:       01974AE880727DF03099F113AA0ED386CCB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
Manifest number:          0DFF
Signing time:             Sat 07 Jun 2025 15:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:40 +0000
Files and hashes:         1: qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl (hash: 0KDLn/RaXJOmJ1TegfbYViZ3SdYN9PnOq/5Jor5oLsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:80:72:7d:f0:30:99:f1:13:aa:0e:d3:86:cc:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
        Validity
            Not Before: Jun  7 15:00:40 2025 GMT
            Not After : Jun  8 15:00:40 2025 GMT
        Subject: CN=7b66edbbfe4d325e98fbb9eb2eb63723b5bf809e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f3:08:a8:1f:02:35:87:76:ac:2b:22:ad:10:
                    38:7b:f0:c7:df:7d:34:21:a3:de:5e:0c:63:58:64:
                    3d:f2:7e:55:1d:15:4d:42:02:7a:cb:c2:23:16:18:
                    af:93:85:4e:86:15:26:2d:7f:3c:22:0e:6d:3a:c2:
                    e6:49:7c:cf:b4:99:8b:99:f1:0e:77:ed:69:e8:1f:
                    36:67:16:81:02:22:74:f2:a2:31:ee:b0:44:02:eb:
                    d7:69:fe:74:d1:ae:de:5d:a3:6a:67:42:59:f2:2c:
                    9e:ca:c2:44:8e:22:7f:3c:ae:4a:63:ba:ac:ae:f8:
                    61:11:9f:cc:9f:41:33:82:bb:9e:c7:c0:89:9f:f0:
                    0a:e1:8f:0a:9a:cd:6a:17:d2:1c:33:74:5f:a8:d4:
                    2a:ee:2c:cd:f2:5d:93:34:fd:cd:2c:4d:86:68:aa:
                    ee:24:54:c2:37:10:df:88:5f:7f:58:1b:05:ea:3e:
                    51:ad:42:f3:c2:3b:c5:27:40:b8:19:45:32:f1:c1:
                    5b:a4:94:84:e2:08:1d:88:b6:25:e7:26:99:8b:44:
                    50:a8:ed:39:67:50:88:e4:d8:03:aa:6c:28:27:b2:
                    ee:d1:6d:67:21:9a:49:f2:5c:8c:33:7f:bc:06:39:
                    bc:20:83:1a:82:0a:92:99:ec:cd:27:1e:5a:b4:f9:
                    65:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:66:ED:BB:FE:4D:32:5E:98:FB:B9:EB:2E:B6:37:23:B5:BF:80:9E
            X509v3 Authority Key Identifier:
                keyid:AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:dd:fd:27:fa:ab:1a:44:63:57:b5:2d:51:b2:87:21:16:3d:
         a9:2c:7c:44:5a:d8:9a:23:5a:61:63:8a:0e:6b:51:b6:89:9a:
         17:7b:49:e9:e1:95:c8:5b:85:1d:6f:3d:f0:e6:fc:c9:6a:b6:
         4a:fc:91:48:f6:32:42:4f:c3:57:47:76:d6:ad:a0:cf:b3:1f:
         0d:3e:76:49:c7:9f:c4:00:15:11:a9:e4:d4:c2:4c:06:e9:3c:
         49:3e:54:87:ee:14:db:ed:33:7d:55:0a:a1:2b:ec:48:eb:27:
         3b:1c:18:47:51:6b:8d:9a:92:5f:e1:e8:2e:be:77:44:8a:e6:
         50:b0:8a:e4:c9:21:52:ea:18:3a:66:e4:7f:25:ad:12:92:23:
         8f:a5:9e:52:42:83:ec:c0:20:78:b3:99:fa:01:05:e3:06:96:
         17:c7:94:2a:22:2e:56:be:0b:7b:6f:05:65:b3:53:df:14:21:
         c6:52:97:13:b8:0e:07:12:b5:be:63:d7:27:38:fa:c1:f7:26:
         52:35:e0:5c:a7:c0:62:01:09:73:fe:31:06:03:18:65:96:46:
         40:c9:74:b1:3f:ae:1d:8e:b4:d8:c1:a6:a8:6c:30:6c:86:a1:
         d8:41:b8:79:43:3b:2d:51:c6:e8:35:e0:08:34:05:7e:d2:f8:
         74:51:c4:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6IByffAwmfETqg7Thsy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE3MDc5MzhiYTYyZmUxOWU2NDc0ZGFjNzg3ZGYzZjhj
ZmRlZTQwHhcNMjUwNjA3MTUwMDQwWhcNMjUwNjA4MTUwMDQwWjAzMTEwLwYDVQQD
Eyg3YjY2ZWRiYmZlNGQzMjVlOThmYmI5ZWIyZWI2MzcyM2I1YmY4MDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPMIqB8CNYd2rCsirRA4e/DH3300
IaPeXgxjWGQ98n5VHRVNQgJ6y8IjFhivk4VOhhUmLX88Ig5tOsLmSXzPtJmLmfEO
d+1p6B82ZxaBAiJ08qIx7rBEAuvXaf500a7eXaNqZ0JZ8iyeysJEjiJ/PK5KY7qs
rvhhEZ/Mn0Ezgruex8CJn/AK4Y8Kms1qF9IcM3RfqNQq7izN8l2TNP3NLE2GaKru
JFTCNxDfiF9/WBsF6j5RrULzwjvFJ0C4GUUy8cFbpJSE4ggdiLYl5yaZi0RQqO05
Z1CI5NgDqmwoJ7Lu0W1nIZpJ8lyMM3+8Bjm8IIMaggqSmezNJx5atPlllwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtm7bv+TTJemPu56y62NyO1v4CeMB8GA1UdIwQY
MBaAFKoqcHk4umL+GeZHTax4ffP4z97kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMt
ZDcxNmY0MDY4MTM5LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMtZDcxNmY0MDY4MTM5
LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAId39J/qr
GkRjV7UtUbKHIRY9qSx8RFrYmiNaYWOKDmtRtomaF3tJ6eGVyFuFHW898Ob8yWq2
SvyRSPYyQk/DV0d21q2gz7MfDT52ScefxAAVEank1MJMBuk8ST5Uh+4U2+0zfVUK
oSvsSOsnOxwYR1FrjZqSX+HoLr53RIrmULCK5MkhUuoYOmbkfyWtEpIjj6WeUkKD
7MAgeLOZ+gEF4waWF8eUKiIuVr4Le28FZbNT3xQhxlKXE7gOBxK1vmPXJzj6wfcm
UjXgXKfAYgEJc/4xBgMYZZZGQMl0sT+uHY602MGmqGwwbIah2EG4eUM7LVHG6DXg
CDQFftL4dFHEgA==
-----END CERTIFICATE-----