Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
File:                     qQ_wEQVOz-aKitx94mit5sCCdxE.mft (raw, json)
Hash identifier:          AduJqJ6A+7bczNoVRE5LpzvtFNnuHFT58vicnqfRZqY=
Subject key identifier:   91:31:D7:D1:94:61:3E:48:12:7B:8B:2A:7F:E1:A0:88:C9:67:1E:F3
Authority key identifier: A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
Certificate issuer:       /CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Certificate serial:       01974A7AE30BF1683BB951B14F97FA8DAE79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 13:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:56 +0000
Files and hashes:         1: qQ_wEQVOz-aKitx94mit5sCCdxE.crl (hash: lfbFlaCUDMvmgHScWYhDtB8fM9b1vlrRx8Xt4f+LEOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:e3:0b:f1:68:3b:b9:51:b1:4f:97:fa:8d:ae:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90ff011054ecfe68a8adc7de268ade6c0827711
        Validity
            Not Before: Jun  7 13:00:56 2025 GMT
            Not After : Jun  8 13:00:56 2025 GMT
        Subject: CN=9131d7d194613e48127b8b2a7fe1a088c9671ef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:5e:a7:a1:07:97:25:e9:cb:dc:0f:33:f8:4d:
                    2a:f4:20:57:de:fd:98:ab:8c:46:50:98:0b:10:0c:
                    33:cd:71:bb:cf:27:2b:f1:6a:14:b3:2f:b6:51:3f:
                    02:52:89:ab:d3:bf:ad:29:5f:bb:b3:70:9d:03:24:
                    d1:30:09:54:e9:3c:11:ae:9a:e1:e5:c9:5e:88:66:
                    60:f7:0d:8a:9b:ef:84:e3:2c:fa:1d:b3:4b:0d:cf:
                    b4:bd:fc:f3:85:96:f2:5c:36:fd:4d:42:2b:b8:29:
                    34:97:58:33:3e:9e:7c:da:f7:31:5e:45:86:3c:83:
                    0e:b6:a6:43:a3:18:d8:22:28:c0:9f:bc:80:bc:81:
                    61:95:e1:f6:d7:d9:2e:06:96:05:ca:2b:e0:7f:53:
                    22:37:6f:fc:18:8d:a0:24:8a:79:19:a9:bb:45:6b:
                    05:c6:8e:67:02:76:fa:6a:bf:ad:90:02:5b:39:c5:
                    97:32:59:b1:57:97:7f:9d:4e:7b:d2:fb:23:0c:18:
                    16:83:f2:7d:30:00:eb:27:4a:dd:75:8d:cc:df:df:
                    28:cb:55:c5:16:7e:40:d4:90:27:0c:b1:2c:ea:5b:
                    81:ff:2d:9c:c6:08:67:dc:bb:e9:7b:e4:cb:6b:76:
                    db:9f:83:55:9a:29:04:55:59:be:7a:6d:ac:0a:14:
                    43:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:31:D7:D1:94:61:3E:48:12:7B:8B:2A:7F:E1:A0:88:C9:67:1E:F3
            X509v3 Authority Key Identifier:
                keyid:A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:b5:7f:2b:23:1d:d8:a3:90:8f:32:10:ae:c3:cb:f0:c9:4c:
         a7:5d:ae:30:7d:ba:81:94:9d:cf:f4:2b:60:5d:50:c6:ce:4a:
         e4:9c:17:80:e6:0a:87:36:32:f8:4a:98:b7:bf:fc:13:a1:25:
         05:9c:1d:cb:95:2a:2a:99:a0:a4:5d:ed:5a:6c:2e:02:2b:58:
         42:21:ea:72:bf:2c:28:c6:0c:a7:c9:b7:a7:e0:c5:75:88:88:
         e5:47:62:88:97:06:54:16:49:05:b5:53:eb:94:7a:6c:eb:73:
         bb:c9:82:20:c2:c7:06:36:e7:26:f3:2a:32:ae:1e:61:a7:f6:
         34:6d:b1:c7:cd:22:e6:c9:98:a6:ac:a5:c3:b4:51:29:07:d4:
         56:27:dd:af:bd:74:1d:e2:bd:52:5f:ce:5f:95:c9:e6:17:aa:
         e7:e3:07:f6:16:4f:99:5c:95:7a:1e:3d:18:f4:1c:49:8e:3c:
         e8:fb:41:66:22:d4:69:55:eb:1c:e0:c3:d6:1b:4b:98:83:c6:
         8b:02:ff:f4:1d:f4:b4:01:90:98:51:8e:75:cf:26:c8:20:c9:
         1c:83:d1:df:d6:40:34:55:e5:0b:39:b6:72:f3:7b:e4:f2:b6:
         cf:5b:03:90:23:88:22:17:b2:15:1c:bd:1a:e8:6f:38:63:4c:
         6a:8c:0e:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeuML8Wg7uVGxT5f6ja55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGZmMDExMDU0ZWNmZTY4YThhZGM3ZGUyNjhhZGU2YzA4
Mjc3MTEwHhcNMjUwNjA3MTMwMDU2WhcNMjUwNjA4MTMwMDU2WjAzMTEwLwYDVQQD
Eyg5MTMxZDdkMTk0NjEzZTQ4MTI3YjhiMmE3ZmUxYTA4OGM5NjcxZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl6noQeXJenL3A8z+E0q9CBX3v2Y
q4xGUJgLEAwzzXG7zycr8WoUsy+2UT8CUomr07+tKV+7s3CdAyTRMAlU6TwRrprh
5cleiGZg9w2Km++E4yz6HbNLDc+0vfzzhZbyXDb9TUIruCk0l1gzPp582vcxXkWG
PIMOtqZDoxjYIijAn7yAvIFhleH219kuBpYFyivgf1MiN2/8GI2gJIp5Gam7RWsF
xo5nAnb6ar+tkAJbOcWXMlmxV5d/nU570vsjDBgWg/J9MADrJ0rddY3M398oy1XF
Fn5A1JAnDLEs6luB/y2cxghn3Lvpe+TLa3bbn4NVmikEVVm+em2sChRDTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEx19GUYT5IEnuLKn/hoIjJZx7zMB8GA1UdIwQY
MBaAFKkP8BEFTs/miorcfeJorebAgncRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMt
ZTk5Mjc3MDM3YTQzLzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMtZTk5Mjc3MDM3YTQz
LzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7V/KyMd
2KOQjzIQrsPL8MlMp12uMH26gZSdz/QrYF1Qxs5K5JwXgOYKhzYy+EqYt7/8E6El
BZwdy5UqKpmgpF3tWmwuAitYQiHqcr8sKMYMp8m3p+DFdYiI5UdiiJcGVBZJBbVT
65R6bOtzu8mCIMLHBjbnJvMqMq4eYaf2NG2xx80i5smYpqylw7RRKQfUVifdr710
HeK9Ul/OX5XJ5heq5+MH9hZPmVyVeh49GPQcSY486PtBZiLUaVXrHODD1htLmIPG
iwL/9B30tAGQmFGOdc8myCDJHIPR39ZANFXlCzm2cvN75PK2z1sDkCOIIheyFRy9
GuhvOGNMaowOMg==
-----END CERTIFICATE-----