Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          Z5Ns6puN0wqqJv65tOcrc4RBW2kiIpQ8qWGzgFCfA/A=
Subject key identifier:   AB:D4:AB:80:97:B4:91:31:FA:9C:2B:16:AC:6C:2F:C4:98:AC:01:7C
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       0194C38781EE70B5E448AD2CC990AF2C935B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          08A3
Signing time:             Sat 01 Feb 2025 22:00:25 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:25 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:25 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: tCzgnKKZhOWn/wtYchbytNTQdJ8RuS/yg1ihQeiPxCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:81:ee:70:b5:e4:48:ad:2c:c9:90:af:2c:93:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Feb  1 22:00:25 2025 GMT
            Not After : Feb  2 22:00:25 2025 GMT
        Subject: CN=abd4ab8097b49131fa9c2b16ac6c2fc498ac017c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8c:c0:3b:22:2e:ae:c2:c5:b1:19:f9:8a:ee:
                    fa:23:4d:9d:f5:d9:e6:f5:23:2b:b6:87:a1:58:f2:
                    2b:97:92:4e:74:09:c1:8b:a9:f5:bb:9a:ab:28:c5:
                    d0:e2:22:44:66:53:7f:90:d1:dd:2c:48:34:d1:f0:
                    31:22:89:e9:10:7c:32:d9:a4:35:a4:93:1f:a2:45:
                    48:ec:9d:b6:f2:19:cb:c8:63:6a:4b:dd:d1:fb:67:
                    59:e1:b2:31:da:8e:bc:ca:46:e7:dc:dc:47:59:40:
                    bb:e9:a8:83:56:df:ef:82:c3:92:55:be:67:20:4f:
                    b2:00:f3:7c:f2:dc:87:4e:7d:89:1a:5c:61:52:b9:
                    72:c7:49:22:35:8e:f9:50:2a:06:eb:cd:b7:6f:a8:
                    60:37:83:58:9f:bf:33:20:06:90:0e:71:06:e2:f3:
                    4c:d2:2d:9b:38:ed:72:2a:41:f6:b4:98:db:a3:f7:
                    5e:ee:17:31:14:59:e4:9f:52:c0:08:47:b5:32:b5:
                    fa:ca:b6:df:80:89:37:06:be:15:87:89:f2:bf:6c:
                    aa:cb:b7:42:4e:1f:8d:22:1e:22:c5:fa:dd:a6:fa:
                    4e:e1:8f:31:bd:75:ed:cd:1f:ce:cf:6e:48:92:e9:
                    0c:c2:ad:fa:1b:4d:c5:a8:97:67:54:7c:b2:0b:da:
                    1b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D4:AB:80:97:B4:91:31:FA:9C:2B:16:AC:6C:2F:C4:98:AC:01:7C
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:63:fa:99:7e:f7:24:58:90:be:77:24:35:04:69:33:79:ca:
         bb:38:06:25:b2:14:60:14:f1:b4:8b:b4:48:ef:4f:ce:98:76:
         37:c5:8f:5d:62:f1:c8:6b:96:34:0d:62:e3:6f:fd:ed:20:78:
         95:fc:10:b9:be:c3:bb:78:68:1a:4e:5b:35:a7:9e:c7:36:cf:
         92:db:a8:8f:42:8a:af:1a:ed:9a:d4:72:cf:c6:f3:69:08:77:
         47:c1:9e:56:fa:89:79:d9:ee:9e:b5:33:bd:05:93:cf:2f:54:
         6d:26:0b:e4:dc:8e:58:69:8d:51:35:dd:ad:cf:b8:d7:8a:3c:
         79:e3:eb:f1:c1:86:05:17:7c:ff:a3:12:48:ba:09:b4:a8:5e:
         8c:c5:8f:ad:ca:ea:6e:6c:39:6c:00:63:c1:27:66:4a:6c:a8:
         db:a9:93:8c:84:84:d5:59:fe:16:bb:99:ee:43:5b:97:74:59:
         7d:14:05:eb:f3:9a:67:13:e0:2a:f5:e4:d5:aa:0c:01:30:b8:
         e0:da:3a:8c:7a:a8:67:9c:23:c3:e7:1a:cb:ac:57:ba:2e:05:
         e8:69:2e:37:1f:a8:16:f8:82:bc:25:d0:f8:9d:ce:87:f0:dc:
         43:47:5a:80:17:a6:04:0d:b5:34:30:67:88:d1:c8:d0:b6:01:
         b8:09:af:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh4HucLXkSK0syZCvLJNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjUwMjAxMjIwMDI1WhcNMjUwMjAyMjIwMDI1WjAzMTEwLwYDVQQD
EyhhYmQ0YWI4MDk3YjQ5MTMxZmE5YzJiMTZhYzZjMmZjNDk4YWMwMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4zAOyIursLFsRn5iu76I02d9dnm
9SMrtoehWPIrl5JOdAnBi6n1u5qrKMXQ4iJEZlN/kNHdLEg00fAxIonpEHwy2aQ1
pJMfokVI7J228hnLyGNqS93R+2dZ4bIx2o68ykbn3NxHWUC76aiDVt/vgsOSVb5n
IE+yAPN88tyHTn2JGlxhUrlyx0kiNY75UCoG6823b6hgN4NYn78zIAaQDnEG4vNM
0i2bOO1yKkH2tJjbo/de7hcxFFnkn1LACEe1MrX6yrbfgIk3Br4Vh4nyv2yqy7dC
Th+NIh4ixfrdpvpO4Y8xvXXtzR/Oz25IkukMwq36G03FqJdnVHyyC9obZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvUq4CXtJEx+pwrFqxsL8SYrAF8MB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmP6mX73
JFiQvnckNQRpM3nKuzgGJbIUYBTxtIu0SO9Pzph2N8WPXWLxyGuWNA1i42/97SB4
lfwQub7Du3hoGk5bNaeexzbPktuoj0KKrxrtmtRyz8bzaQh3R8GeVvqJednunrUz
vQWTzy9UbSYL5NyOWGmNUTXdrc+414o8eePr8cGGBRd8/6MSSLoJtKhejMWPrcrq
bmw5bABjwSdmSmyo26mTjISE1Vn+FruZ7kNbl3RZfRQF6/OaZxPgKvXk1aoMATC4
4No6jHqoZ5wjw+cay6xXui4F6GkuNx+oFviCvCXQ+J3Oh/DcQ0dagBemBA21NDBn
iNHI0LYBuAmvhA==
-----END CERTIFICATE-----