Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
File:                     qhC-mR89uJUJcQwgZ233qKS_4bQ.mft (raw, json)
Hash identifier:          xqGn/DMBrHZIqZ9Gy/na65X9UTCAryxSLrBco+wl0Mc=
Subject key identifier:   04:74:2E:23:A1:3E:91:8F:66:64:90:2D:88:90:A9:82:10:DB:62:F3
Authority key identifier: AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4
Certificate issuer:       /CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
Certificate serial:       019749685D218B59C8B1D2767456D837710B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
Manifest number:          0989
Signing time:             Sat 07 Jun 2025 08:01:05 +0000
Manifest this update:     Sat 07 Jun 2025 08:01:05 +0000
Manifest next update:     Sun 08 Jun 2025 08:01:05 +0000
Files and hashes:         1: qhC-mR89uJUJcQwgZ233qKS_4bQ.crl (hash: 3rrlkZIUxmshv7jdP0vwIssaT8jyiRXNZ/EUdxZo2yM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:5d:21:8b:59:c8:b1:d2:76:74:56:d8:37:71:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
        Validity
            Not Before: Jun  7 08:01:05 2025 GMT
            Not After : Jun  8 08:01:05 2025 GMT
        Subject: CN=04742e23a13e918f6664902d8890a98210db62f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:cb:e4:7b:25:ea:25:1e:96:60:bd:49:20:f0:
                    b2:8c:a7:58:9f:f0:b5:4b:66:6b:5e:5f:a9:67:f5:
                    77:1e:17:e9:43:39:94:9b:b6:ff:10:bf:15:1a:e4:
                    ed:86:04:48:c1:bd:53:09:d4:db:b3:23:ce:9d:69:
                    fc:6c:f7:0e:c2:09:9f:28:3c:17:cd:7a:2f:88:c4:
                    5f:0f:b4:c6:81:85:54:cc:c4:e5:fd:f9:a0:27:74:
                    81:67:2d:81:e1:af:77:85:c3:27:48:84:da:5d:75:
                    01:c6:7d:be:d1:9c:bf:cb:a0:79:19:bd:22:b6:58:
                    f8:84:c7:f8:3d:6a:a5:22:28:40:13:a2:14:7a:b4:
                    3a:0b:57:c0:7d:e0:e6:51:d2:01:fe:44:77:98:59:
                    ea:ca:56:c6:48:a2:48:1f:1a:75:6b:b8:d1:b0:be:
                    04:e8:01:77:de:cc:9c:8f:6b:fb:82:60:10:1b:86:
                    e4:35:f3:9d:0d:18:0b:fe:91:f1:6c:4a:a0:ff:af:
                    fe:c8:98:08:69:8d:a7:f7:37:b1:da:57:cc:90:50:
                    9b:25:cc:8b:af:2e:f9:8b:a6:34:44:5f:e7:02:f0:
                    4c:12:b8:a4:bd:ad:fc:cf:3d:65:81:46:aa:47:16:
                    be:ae:4f:04:48:9c:aa:82:82:c0:3c:83:78:87:f7:
                    25:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:74:2E:23:A1:3E:91:8F:66:64:90:2D:88:90:A9:82:10:DB:62:F3
            X509v3 Authority Key Identifier:
                keyid:AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:b9:d2:20:9a:0a:86:37:71:37:cf:18:f0:6c:2a:ac:07:9f:
         d8:94:ba:92:ec:d0:9b:53:95:a5:57:b6:6e:38:e1:c6:60:f9:
         f8:be:93:e8:55:44:8a:55:e4:8f:da:c7:a2:b6:71:b2:d5:e0:
         3b:1c:2f:42:82:bf:5a:8f:ee:0e:c6:74:d2:f1:ff:86:7d:58:
         2d:2e:e3:00:c5:f3:de:28:05:a2:c3:35:a8:d5:34:b1:2f:91:
         17:18:9d:98:64:59:8f:ef:d0:31:31:49:68:7f:bf:1c:57:ff:
         e3:74:3c:9b:3b:85:01:45:1d:07:8a:26:82:3a:96:2a:69:6b:
         de:79:6d:fe:1b:cf:b8:27:3c:a3:63:94:6f:da:21:f6:d2:b2:
         72:7c:11:1a:57:dd:57:a4:b2:58:fe:52:cb:4f:35:0d:21:94:
         10:b8:93:17:79:69:9c:c1:0e:7e:a9:db:20:24:54:03:75:d8:
         66:ae:24:d2:f3:d7:ce:1e:85:60:67:50:20:d9:16:84:9f:66:
         bc:ed:70:af:e3:a1:9c:f9:0e:09:e7:ea:25:54:ed:90:ac:e9:
         8d:df:f6:36:e2:07:37:7b:ad:ff:b5:8e:3c:f9:4d:8f:67:78:
         8e:76:cd:e2:09:e7:63:55:2f:f9:3d:41:d3:05:44:6f:55:75:
         77:93:43:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaF0hi1nIsdJ2dFbYN3ELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMTBiZTk5MWYzZGI4OTUwOTcxMGMyMDY3NmRmN2E4YTRi
ZmUxYjQwHhcNMjUwNjA3MDgwMTA1WhcNMjUwNjA4MDgwMTA1WjAzMTEwLwYDVQQD
EygwNDc0MmUyM2ExM2U5MThmNjY2NDkwMmQ4ODkwYTk4MjEwZGI2MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2svkeyXqJR6WYL1JIPCyjKdYn/C1
S2ZrXl+pZ/V3HhfpQzmUm7b/EL8VGuTthgRIwb1TCdTbsyPOnWn8bPcOwgmfKDwX
zXoviMRfD7TGgYVUzMTl/fmgJ3SBZy2B4a93hcMnSITaXXUBxn2+0Zy/y6B5Gb0i
tlj4hMf4PWqlIihAE6IUerQ6C1fAfeDmUdIB/kR3mFnqylbGSKJIHxp1a7jRsL4E
6AF33sycj2v7gmAQG4bkNfOdDRgL/pHxbEqg/6/+yJgIaY2n9zex2lfMkFCbJcyL
ry75i6Y0RF/nAvBMErikva38zz1lgUaqRxa+rk8ESJyqgoLAPIN4h/clEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAR0LiOhPpGPZmSQLYiQqYIQ22LzMB8GA1UdIwQY
MBaAFKoQvpkfPbiVCXEMIGdt96ikv+G0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTct
MTgzZTJlNzIzMDFiLzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTctMTgzZTJlNzIzMDFi
LzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXrnSIJoK
hjdxN88Y8GwqrAef2JS6kuzQm1OVpVe2bjjhxmD5+L6T6FVEilXkj9rHorZxstXg
OxwvQoK/Wo/uDsZ00vH/hn1YLS7jAMXz3igFosM1qNU0sS+RFxidmGRZj+/QMTFJ
aH+/HFf/43Q8mzuFAUUdB4omgjqWKmlr3nlt/hvPuCc8o2OUb9oh9tKycnwRGlfd
V6SyWP5Sy081DSGUELiTF3lpnMEOfqnbICRUA3XYZq4k0vPXzh6FYGdQINkWhJ9m
vO1wr+OhnPkOCefqJVTtkKzpjd/2NuIHN3ut/7WOPPlNj2d4jnbN4gnnY1Uv+T1B
0wVEb1V1d5NDPw==
-----END CERTIFICATE-----