Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
File:                     QFphtYwdUt5SLgQQCcv80fflK3w.mft (raw, json)
Hash identifier:          psCI6SwOLJs9ijht5a8/WTEan/Ble9qIqmsKUVzqMHA=
Subject key identifier:   B7:40:6E:FC:E7:F3:E4:EB:A1:00:38:2A:40:50:06:98:FB:0D:02:B0
Authority key identifier: 40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C
Certificate issuer:       /CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
Certificate serial:       019918088483B8688C52DA4ED35297DA7985
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
Manifest number:          1166
Signing time:             Fri 05 Sep 2025 04:00:35 +0000
Manifest this update:     Fri 05 Sep 2025 04:00:35 +0000
Manifest next update:     Sat 06 Sep 2025 04:00:35 +0000
Files and hashes:         1: QFphtYwdUt5SLgQQCcv80fflK3w.crl (hash: UIhCi2klUCg4qtTV1uiCa1fLp6fWG8CkJvOAUX4jX9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:08:84:83:b8:68:8c:52:da:4e:d3:52:97:da:79:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
        Validity
            Not Before: Sep  5 04:00:35 2025 GMT
            Not After : Sep  6 04:00:35 2025 GMT
        Subject: CN=b7406efce7f3e4eba100382a40500698fb0d02b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:f0:32:74:34:1b:72:62:65:d2:16:f8:d1:5c:
                    03:70:ab:93:26:ff:58:b2:19:9c:d3:bd:76:69:b8:
                    41:24:d1:b0:89:54:41:2e:d8:f9:86:06:31:bc:00:
                    ae:b6:31:ea:fd:7d:f3:64:9f:12:0e:5d:a6:04:76:
                    b7:7a:49:2e:9d:a1:28:40:23:b7:29:f1:09:eb:1c:
                    25:27:bb:94:cf:17:7a:d6:9e:36:0c:6e:85:a2:be:
                    8b:bd:ab:90:50:06:d8:16:b5:88:25:24:80:24:a0:
                    1d:b5:3d:fb:fa:e0:80:33:a7:b3:d0:75:d8:86:44:
                    10:d1:24:d5:c0:c3:9c:ac:33:2e:e0:38:18:35:ef:
                    b7:ad:63:79:d0:41:92:a6:2d:70:5c:01:6f:e5:43:
                    ef:63:c4:85:d3:d7:51:81:a3:ec:97:c0:a4:9a:21:
                    86:b3:59:33:fa:dd:c0:8b:a7:86:af:fc:08:fe:3b:
                    db:4e:eb:2b:29:07:44:2b:80:ad:60:5a:de:2c:22:
                    4c:b1:dc:0b:63:80:1c:51:3e:b5:45:47:cc:42:a7:
                    5a:f4:9f:7c:16:e5:20:01:ab:3d:1a:2d:91:2d:af:
                    44:ac:4a:8e:18:f6:90:1f:a1:11:60:5a:34:a6:8a:
                    ac:3b:55:7f:4d:fd:7b:bb:76:92:b5:a1:b3:f1:9e:
                    0f:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:40:6E:FC:E7:F3:E4:EB:A1:00:38:2A:40:50:06:98:FB:0D:02:B0
            X509v3 Authority Key Identifier:
                keyid:40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:a2:c2:11:bb:cf:c4:82:ef:ab:e4:70:33:63:9b:85:4c:83:
         3b:8d:85:37:ca:f3:f7:24:d1:15:92:62:80:e8:48:e1:35:35:
         ec:02:3a:dd:24:5f:b6:ea:0f:48:f3:eb:77:04:84:54:bc:8e:
         09:e8:65:d5:1e:df:cc:86:2d:31:ab:19:3c:f5:28:89:56:a5:
         ec:7c:a7:96:6a:a2:9f:15:b1:56:ec:aa:81:81:3f:73:9a:91:
         aa:7b:e9:66:37:23:08:3d:fa:d6:d1:cd:69:9f:1d:b7:13:d0:
         ad:43:3f:1c:78:fe:26:b3:d1:64:d9:d8:c8:b2:4d:bd:42:62:
         8c:80:5f:4c:81:0b:c5:ae:78:97:8e:3d:b4:b3:37:d7:f6:9d:
         9a:80:01:af:a6:b0:25:b0:94:de:4c:dd:d2:5b:f9:4e:6f:fe:
         14:3d:65:1d:e8:3f:3a:de:7c:6f:46:2f:07:6e:dc:1c:fc:49:
         28:96:d2:4e:9f:a0:fc:00:75:9e:34:2c:98:60:d4:ff:7b:5f:
         2f:8d:eb:24:b8:4a:b9:78:f0:3c:3f:f2:94:8d:e7:e4:57:f2:
         9c:98:55:5a:86:a2:6f:4f:f4:6c:cc:fe:65:82:d1:47:22:4f:
         37:a5:bc:2d:23:0d:fc:b1:a7:2c:05:36:c4:65:15:7c:53:3e:
         e0:78:b6:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCISDuGiMUtpO01KX2nmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWE2MWI1OGMxZDUyZGU1MjJlMDQxMDA5Y2JmY2QxZjdl
NTJiN2MwHhcNMjUwOTA1MDQwMDM1WhcNMjUwOTA2MDQwMDM1WjAzMTEwLwYDVQQD
EyhiNzQwNmVmY2U3ZjNlNGViYTEwMDM4MmE0MDUwMDY5OGZiMGQwMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PAydDQbcmJl0hb40VwDcKuTJv9Y
shmc0712abhBJNGwiVRBLtj5hgYxvACutjHq/X3zZJ8SDl2mBHa3ekkunaEoQCO3
KfEJ6xwlJ7uUzxd61p42DG6For6LvauQUAbYFrWIJSSAJKAdtT37+uCAM6ez0HXY
hkQQ0STVwMOcrDMu4DgYNe+3rWN50EGSpi1wXAFv5UPvY8SF09dRgaPsl8CkmiGG
s1kz+t3Ai6eGr/wI/jvbTusrKQdEK4CtYFreLCJMsdwLY4AcUT61RUfMQqda9J98
FuUgAas9Gi2RLa9ErEqOGPaQH6ERYFo0poqsO1V/Tf17u3aStaGz8Z4P9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdAbvzn8+TroQA4KkBQBpj7DQKwMB8GA1UdIwQY
MBaAFEBaYbWMHVLeUi4EEAnL/NH35St8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTct
ZmUwMTMzY2RhNTM1LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTctZmUwMTMzY2RhNTM1
LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjKLCEbvP
xILvq+RwM2ObhUyDO42FN8rz9yTRFZJigOhI4TU17AI63SRftuoPSPPrdwSEVLyO
Cehl1R7fzIYtMasZPPUoiVal7HynlmqinxWxVuyqgYE/c5qRqnvpZjcjCD361tHN
aZ8dtxPQrUM/HHj+JrPRZNnYyLJNvUJijIBfTIELxa54l449tLM31/admoABr6aw
JbCU3kzd0lv5Tm/+FD1lHeg/Ot58b0YvB27cHPxJKJbSTp+g/AB1njQsmGDU/3tf
L43rJLhKuXjwPD/ylI3n5FfynJhVWoaib0/0bMz+ZYLRRyJPN6W8LSMN/LGnLAU2
xGUVfFM+4Hi2wQ==
-----END CERTIFICATE-----