Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          wkzBgIDuGSn7kzZdiE5yU2nosK1Y97BlFE2qyci5mtA=
Subject key identifier:   8E:3B:71:FA:6C:78:2D:52:62:D3:DB:0B:3D:56:C1:F9:0C:22:87:E5
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       019750466A4772898622D39D015187C79802
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          09F5
Signing time:             Sun 08 Jun 2025 16:01:21 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:21 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:21 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: S59NAeBwZowfK25P+P19W7fT6agvuB88MBMFpxQqwDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:44:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:6a:47:72:89:86:22:d3:9d:01:51:87:c7:98:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Jun  8 16:01:21 2025 GMT
            Not After : Jun  9 16:01:21 2025 GMT
        Subject: CN=8e3b71fa6c782d5262d3db0b3d56c1f90c2287e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4e:08:ad:e0:ab:7d:00:1f:89:ad:49:d1:97:
                    bd:91:11:be:04:ee:89:dd:3e:28:95:8a:bc:64:42:
                    bf:5f:1a:54:16:35:ea:6c:8c:50:f4:3c:a9:96:d7:
                    bc:c2:11:b6:cd:49:df:d8:ce:ee:c9:8d:b2:ef:9d:
                    e4:c8:79:51:f5:12:e9:c3:9f:ea:08:7c:89:af:61:
                    29:a0:dc:b7:eb:c1:9b:5a:31:14:44:3f:0d:b9:36:
                    99:82:aa:a7:8b:d3:95:55:f1:ae:a5:22:ec:1c:36:
                    12:8e:e6:3c:e0:1c:04:4e:ff:98:a4:c5:58:cb:4d:
                    4f:a5:a9:ed:ad:f7:e6:12:16:49:85:b8:54:9a:b2:
                    f2:4d:3d:3d:4e:ca:91:7f:c5:f0:36:73:18:89:55:
                    3b:b9:84:b5:20:04:99:7a:14:c3:ff:43:86:84:44:
                    5f:4d:db:11:6b:30:42:e8:1f:38:2b:0d:9e:17:99:
                    de:41:cb:16:de:c0:e9:de:83:2f:9b:10:ae:ea:77:
                    9a:32:23:97:e6:7e:3b:6a:db:dc:67:17:72:fe:78:
                    38:36:a2:ca:e3:b2:84:42:61:53:65:16:9a:95:c3:
                    6d:38:e7:71:e0:c4:b3:ab:be:9f:16:3f:87:25:f0:
                    eb:8c:22:59:4e:00:ba:a2:0d:4c:13:19:e9:8c:d2:
                    44:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3B:71:FA:6C:78:2D:52:62:D3:DB:0B:3D:56:C1:F9:0C:22:87:E5
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c7:68:2f:de:3c:a9:b8:62:c6:c5:68:b5:b1:fc:c2:c0:15:
         86:84:c3:50:56:17:54:f7:fd:0d:2c:4b:b6:d7:8f:a2:9f:8d:
         96:6e:52:c3:d1:c1:59:79:0b:82:3a:72:de:42:06:a4:d7:39:
         1b:04:bc:a7:e6:74:e8:9a:88:60:60:8a:da:61:68:2c:04:ec:
         83:63:c6:5c:00:69:dc:b4:f4:32:2e:0b:52:57:48:5d:10:30:
         e5:55:cf:6b:bb:fc:a5:9b:c3:a6:4a:ff:09:f7:bf:21:21:fb:
         07:c8:59:41:f4:e4:9f:a1:55:63:c5:4c:f2:72:be:89:70:2b:
         f6:bf:7c:5d:c2:28:18:48:74:39:e1:6c:b2:0c:89:a7:be:3e:
         db:41:cb:3d:0d:50:cb:2e:dc:5c:b3:ec:18:cb:63:9e:ef:5f:
         b7:0a:62:0f:d1:65:31:95:a5:a7:8f:77:e7:2c:3c:96:10:19:
         91:d8:aa:8f:e5:41:a5:f2:d1:e6:7a:ad:84:2d:c2:55:6e:95:
         19:a8:aa:ea:0f:4e:d8:67:28:b4:e7:9d:e4:55:38:b1:b5:fa:
         48:79:42:fb:d7:57:d9:b7:90:9a:da:2d:b9:c8:f6:56:7f:a2:
         0b:a5:e2:41:a0:b9:7d:21:da:37:92:cb:ff:b2:a2:bd:13:ac:
         95:05:f0:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRmpHcomGItOdAVGHx5gCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjUwNjA4MTYwMTIxWhcNMjUwNjA5MTYwMTIxWjAzMTEwLwYDVQQD
Eyg4ZTNiNzFmYTZjNzgyZDUyNjJkM2RiMGIzZDU2YzFmOTBjMjI4N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyE4IreCrfQAfia1J0Ze9kRG+BO6J
3T4olYq8ZEK/XxpUFjXqbIxQ9Dyplte8whG2zUnf2M7uyY2y753kyHlR9RLpw5/q
CHyJr2EpoNy368GbWjEURD8NuTaZgqqni9OVVfGupSLsHDYSjuY84BwETv+YpMVY
y01PpantrffmEhZJhbhUmrLyTT09TsqRf8XwNnMYiVU7uYS1IASZehTD/0OGhERf
TdsRazBC6B84Kw2eF5neQcsW3sDp3oMvmxCu6neaMiOX5n47atvcZxdy/ng4NqLK
47KEQmFTZRaalcNtOOdx4MSzq76fFj+HJfDrjCJZTgC6og1MExnpjNJEsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI47cfpseC1SYtPbCz1WwfkMIoflMB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8doL948
qbhixsVotbH8wsAVhoTDUFYXVPf9DSxLttePop+Nlm5Sw9HBWXkLgjpy3kIGpNc5
GwS8p+Z06JqIYGCK2mFoLATsg2PGXABp3LT0Mi4LUldIXRAw5VXPa7v8pZvDpkr/
Cfe/ISH7B8hZQfTkn6FVY8VM8nK+iXAr9r98XcIoGEh0OeFssgyJp74+20HLPQ1Q
yy7cXLPsGMtjnu9ftwpiD9FlMZWlp4935yw8lhAZkdiqj+VBpfLR5nqthC3CVW6V
Gaiq6g9O2GcotOed5FU4sbX6SHlC+9dX2beQmtotucj2Vn+iC6XiQaC5fSHaN5LL
/7KivROslQXw7w==
-----END CERTIFICATE-----