Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          2LbqMuYfZOgN69G5xOmXPh2QEdZKo5ME82pke6UVX9g=
Subject key identifier:   EF:EF:56:0B:D3:8B:94:E2:13:CA:9E:E8:3F:94:24:36:38:84:D6:72
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       01974779BFE8B8D28788A075E286F7F65E86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0C4A
Signing time:             Fri 06 Jun 2025 23:00:50 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:50 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:50 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: E6CQWTHP7unIxy4WYHkkgxTeeHLwEjK36q5st/QcYNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:bf:e8:b8:d2:87:88:a0:75:e2:86:f7:f6:5e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Jun  6 23:00:50 2025 GMT
            Not After : Jun  7 23:00:50 2025 GMT
        Subject: CN=efef560bd38b94e213ca9ee83f9424363884d672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:06:21:20:0d:25:a7:de:4f:08:a6:2c:eb:c8:
                    4d:ed:32:73:c8:26:e7:7e:b9:aa:b3:e3:8a:70:0a:
                    c6:b6:2d:31:4f:a4:12:d1:a0:2e:9c:fe:53:69:43:
                    09:c2:b9:53:bd:ba:69:3f:36:be:a5:a7:8e:e4:b7:
                    c0:64:9b:10:d0:c8:20:72:64:98:d1:82:0f:e9:fd:
                    91:4d:0a:05:6d:da:a1:16:ce:0e:f1:f2:d9:6e:b2:
                    9a:92:e2:76:c3:f3:37:5c:59:0b:ff:f9:bb:9c:31:
                    d6:2f:7e:2b:81:dc:50:90:e0:37:f9:c3:b9:17:b1:
                    0c:a5:6d:a8:c1:48:3f:67:4e:97:a0:ba:6c:ed:c5:
                    57:83:c9:3a:e4:10:9b:74:f8:0f:0a:e6:21:08:4b:
                    38:24:06:fe:18:a6:45:4a:ea:87:6c:e4:92:a0:b2:
                    7b:3a:89:23:17:d6:46:50:44:45:44:1a:05:a0:ad:
                    99:af:2a:8f:d2:40:4c:dd:da:11:51:de:63:98:cf:
                    05:1a:81:20:cf:cc:25:46:4c:75:ed:b3:c0:26:b5:
                    0e:2b:1f:26:ed:94:16:99:93:b7:db:26:e1:12:e8:
                    7b:d9:af:fe:49:b0:37:85:df:84:ce:fd:41:30:c6:
                    77:42:b7:6e:78:8f:6b:3c:d7:14:8b:6c:85:42:2f:
                    45:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:EF:56:0B:D3:8B:94:E2:13:CA:9E:E8:3F:94:24:36:38:84:D6:72
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:93:0d:55:bc:e1:3f:a1:f1:a1:65:67:b2:f7:14:09:95:2c:
         4e:df:76:e5:6d:fc:91:ef:20:a2:a8:eb:60:75:b0:3c:2f:12:
         bb:af:c9:31:78:e4:36:54:75:c4:c8:98:27:dd:78:6e:4d:07:
         7f:46:9b:c4:bf:06:a9:c9:76:dc:b9:ae:e3:b1:e9:94:6c:fc:
         e9:49:67:60:1d:82:dd:35:87:bc:b9:dd:b6:78:26:a5:a7:f2:
         1a:6c:83:a5:78:bb:61:d4:13:48:59:67:95:4c:80:fc:43:35:
         68:9e:84:41:10:12:ea:bc:90:e2:ca:f0:3e:07:74:45:e8:fc:
         99:08:be:6c:21:ea:cc:ea:a0:bf:03:77:a2:a7:f4:1e:e3:ec:
         61:d0:e4:7a:ae:b6:9e:38:40:54:50:4e:ee:d8:16:8b:2c:fc:
         ff:9d:64:6e:9b:c7:a7:58:8f:85:63:18:50:e5:22:ef:1d:5a:
         f8:d0:bc:f3:1b:b4:da:96:c4:55:7e:a1:1d:75:1a:2f:48:fd:
         38:62:21:20:6a:08:93:5a:dc:eb:f2:95:a0:9a:34:ba:1a:8d:
         35:7b:a5:46:9d:89:2c:e7:30:29:99:87:2c:fd:0b:2a:9a:05:
         94:e9:2e:17:3c:73:6d:36:cb:c8:5a:8b:d8:35:49:b0:9f:99:
         c8:c4:81:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeb/ouNKHiKB14ob39l6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwNjA2MjMwMDUwWhcNMjUwNjA3MjMwMDUwWjAzMTEwLwYDVQQD
EyhlZmVmNTYwYmQzOGI5NGUyMTNjYTllZTgzZjk0MjQzNjM4ODRkNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgYhIA0lp95PCKYs68hN7TJzyCbn
frmqs+OKcArGti0xT6QS0aAunP5TaUMJwrlTvbppPza+paeO5LfAZJsQ0MggcmSY
0YIP6f2RTQoFbdqhFs4O8fLZbrKakuJ2w/M3XFkL//m7nDHWL34rgdxQkOA3+cO5
F7EMpW2owUg/Z06XoLps7cVXg8k65BCbdPgPCuYhCEs4JAb+GKZFSuqHbOSSoLJ7
OokjF9ZGUERFRBoFoK2ZryqP0kBM3doRUd5jmM8FGoEgz8wlRkx17bPAJrUOKx8m
7ZQWmZO32ybhEuh72a/+SbA3hd+Ezv1BMMZ3QrdueI9rPNcUi2yFQi9F+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/vVgvTi5TiE8qe6D+UJDY4hNZyMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJMNVbzh
P6HxoWVnsvcUCZUsTt925W38ke8goqjrYHWwPC8Su6/JMXjkNlR1xMiYJ914bk0H
f0abxL8Gqcl23Lmu47HplGz86UlnYB2C3TWHvLndtngmpafyGmyDpXi7YdQTSFln
lUyA/EM1aJ6EQRAS6ryQ4srwPgd0Rej8mQi+bCHqzOqgvwN3oqf0HuPsYdDkeq62
njhAVFBO7tgWiyz8/51kbpvHp1iPhWMYUOUi7x1a+NC88xu02pbEVX6hHXUaL0j9
OGIhIGoIk1rc6/KVoJo0uhqNNXulRp2JLOcwKZmHLP0LKpoFlOkuFzxzbTbLyFqL
2DVJsJ+ZyMSBYQ==
-----END CERTIFICATE-----