Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
File:                     Q9JznRqU2rlXbiF80N-FdyBLIwA.mft (raw, json)
Hash identifier:          dTfbYQB/sMdEYU2EObagKxVBNSfaI4KqN2OUu4mKY8U=
Subject key identifier:   5C:9A:CB:D4:AA:BD:F7:B7:2B:B9:DC:91:3C:81:06:A5:12:C8:55:31
Authority key identifier: 43:D2:73:9D:1A:94:DA:B9:57:6E:21:7C:D0:DF:85:77:20:4B:23:00
Certificate issuer:       /CN=43d2739d1a94dab9576e217cd0df8577204b2300
Certificate serial:       01974E207C86BC67A1C0A60E2D1C1CD2EE07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
Manifest number:          02D6
Signing time:             Sun 08 Jun 2025 06:00:41 +0000
Manifest this update:     Sun 08 Jun 2025 06:00:41 +0000
Manifest next update:     Mon 09 Jun 2025 06:00:41 +0000
Files and hashes:         1: Q9JznRqU2rlXbiF80N-FdyBLIwA.crl (hash: C1ESuTjEeBsYfeAiIPVwY3zBJ8nJVB9K/N7tAIlo9BY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 06:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:20:7c:86:bc:67:a1:c0:a6:0e:2d:1c:1c:d2:ee:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d2739d1a94dab9576e217cd0df8577204b2300
        Validity
            Not Before: Jun  8 06:00:41 2025 GMT
            Not After : Jun  9 06:00:41 2025 GMT
        Subject: CN=5c9acbd4aabdf7b72bb9dc913c8106a512c85531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:df:8c:11:69:c4:b7:7c:f6:07:08:58:7e:ec:
                    ce:21:ad:36:78:3d:f7:ec:97:6e:bb:91:ca:b0:07:
                    bf:af:7c:97:1c:1c:bc:a6:d6:b4:08:f3:76:f3:b3:
                    9e:eb:1a:03:8a:24:05:0c:5c:f8:3c:48:0d:22:8a:
                    92:6f:c9:6d:6d:c4:91:46:95:fe:d1:0c:c7:ee:a9:
                    c6:dd:ef:ab:c8:6e:3d:54:09:6b:bc:b8:e9:80:94:
                    6f:3d:53:aa:de:1e:79:c5:31:60:d5:64:fe:87:9b:
                    28:75:a0:f6:47:c8:ab:4e:ae:8c:62:e8:00:c9:c6:
                    9b:60:90:44:1a:a2:c6:20:94:f3:ba:a7:cf:90:aa:
                    c8:11:63:ff:32:e8:f6:78:69:c3:b1:8c:26:60:4b:
                    b4:d6:d3:3a:9d:7b:bc:3c:da:21:06:52:a8:07:c6:
                    86:4d:4d:ff:09:22:27:cf:ec:85:9e:3b:f6:73:57:
                    40:26:54:99:ac:77:ad:28:21:ba:cd:a2:b7:30:3f:
                    15:53:8f:e2:75:eb:a9:ce:2c:a7:37:dd:8c:ad:ec:
                    8d:e5:44:e5:c0:f2:32:2c:f2:15:97:eb:31:82:f0:
                    b9:83:47:a3:f2:0d:54:94:8e:14:a6:58:d0:f4:76:
                    5d:92:ed:a4:5c:42:d8:2a:69:0a:27:7a:f0:73:a6:
                    55:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:9A:CB:D4:AA:BD:F7:B7:2B:B9:DC:91:3C:81:06:A5:12:C8:55:31
            X509v3 Authority Key Identifier:
                keyid:43:D2:73:9D:1A:94:DA:B9:57:6E:21:7C:D0:DF:85:77:20:4B:23:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:d4:ec:a9:84:07:d1:18:32:ff:fd:48:2a:6f:43:06:de:84:
         92:55:7b:46:f2:fc:80:8a:f4:85:3c:9f:2f:98:7f:95:6b:b7:
         d5:aa:55:c0:ac:0f:35:af:7f:18:40:e5:18:3f:36:16:d7:d5:
         43:18:17:ef:0d:4e:c6:50:6d:30:9f:64:89:a3:52:47:87:ae:
         8d:f7:40:82:b2:bb:24:d3:5f:a9:7f:7e:6c:1c:68:2d:81:7c:
         4b:2d:53:00:dd:e3:4f:07:66:57:8b:07:17:b3:0c:8b:13:3d:
         1f:62:00:b2:b7:d8:7b:48:74:99:03:79:42:01:ca:77:ec:65:
         45:87:4f:55:af:45:e1:de:3b:04:10:16:7a:b2:71:18:45:83:
         00:59:c9:9f:a5:04:74:f2:76:3e:b2:2b:76:36:d6:cb:1c:7d:
         51:62:ed:bf:4c:d0:19:05:af:b4:49:15:7c:76:e3:ad:2c:f9:
         63:8a:59:54:06:5e:f1:20:0d:d4:0d:0a:95:f6:f8:4c:48:db:
         19:4e:5a:b8:da:a9:85:aa:60:d5:4c:4d:15:ff:6b:3e:09:7c:
         c1:d1:41:c8:80:47:d3:52:20:42:ca:c7:5a:3c:fc:79:30:ce:
         b3:51:fe:23:0a:02:5c:de:8b:71:65:b8:be:62:d5:86:39:6b:
         64:cb:70:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOIHyGvGehwKYOLRwc0u4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDI3MzlkMWE5NGRhYjk1NzZlMjE3Y2QwZGY4NTc3MjA0
YjIzMDAwHhcNMjUwNjA4MDYwMDQxWhcNMjUwNjA5MDYwMDQxWjAzMTEwLwYDVQQD
Eyg1YzlhY2JkNGFhYmRmN2I3MmJiOWRjOTEzYzgxMDZhNTEyYzg1NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9+MEWnEt3z2BwhYfuzOIa02eD33
7Jduu5HKsAe/r3yXHBy8pta0CPN287Oe6xoDiiQFDFz4PEgNIoqSb8ltbcSRRpX+
0QzH7qnG3e+ryG49VAlrvLjpgJRvPVOq3h55xTFg1WT+h5sodaD2R8irTq6MYugA
ycabYJBEGqLGIJTzuqfPkKrIEWP/Muj2eGnDsYwmYEu01tM6nXu8PNohBlKoB8aG
TU3/CSInz+yFnjv2c1dAJlSZrHetKCG6zaK3MD8VU4/ideupziynN92MreyN5UTl
wPIyLPIVl+sxgvC5g0ej8g1UlI4UpljQ9HZdku2kXELYKmkKJ3rwc6ZVfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyay9Sqvfe3K7nckTyBBqUSyFUxMB8GA1UdIwQY
MBaAFEPSc50alNq5V24hfNDfhXcgSyMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ZmU1YzUtOWJhMi00ZTY2LWJhMmUt
YTQ0MzI2YTM5Zjk3LzEvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ZmU1YzUtOWJhMi00ZTY2LWJhMmUtYTQ0MzI2YTM5Zjk3
LzEvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQNTsqYQH
0Rgy//1IKm9DBt6EklV7RvL8gIr0hTyfL5h/lWu31apVwKwPNa9/GEDlGD82FtfV
QxgX7w1OxlBtMJ9kiaNSR4eujfdAgrK7JNNfqX9+bBxoLYF8Sy1TAN3jTwdmV4sH
F7MMixM9H2IAsrfYe0h0mQN5QgHKd+xlRYdPVa9F4d47BBAWerJxGEWDAFnJn6UE
dPJ2PrIrdjbWyxx9UWLtv0zQGQWvtEkVfHbjrSz5Y4pZVAZe8SAN1A0Klfb4TEjb
GU5auNqphapg1UxNFf9rPgl8wdFByIBH01IgQsrHWjz8eTDOs1H+IwoCXN6LcWW4
vmLVhjlrZMtw8g==
-----END CERTIFICATE-----