Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
File:                     qyt5QmiS7R2nsuYYZ3DPsErmA80.mft (raw, json)
Hash identifier:          gPGUHmrcS6c76dI9EGzH8YrLgWjRnzIMnUx78wG1jEY=
Subject key identifier:   3D:06:34:5B:7B:E1:8B:2B:71:1C:2A:AC:E6:AB:0F:94:CB:04:E3:D1
Authority key identifier: AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD
Certificate issuer:       /CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
Certificate serial:       01974967DA58E9383D7C174FAABE56B00473
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
Manifest number:          0822
Signing time:             Sat 07 Jun 2025 08:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:32 +0000
Files and hashes:         1: qyt5QmiS7R2nsuYYZ3DPsErmA80.crl (hash: QS8JVX72eFS72cCel2Z8LQy95jHoxQzDvk4OkK29Wrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:da:58:e9:38:3d:7c:17:4f:aa:be:56:b0:04:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
        Validity
            Not Before: Jun  7 08:00:32 2025 GMT
            Not After : Jun  8 08:00:32 2025 GMT
        Subject: CN=3d06345b7be18b2b711c2aace6ab0f94cb04e3d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8b:30:8d:3d:c1:7b:20:9d:8c:86:17:9c:2c:
                    90:fc:80:97:b3:40:34:52:0d:69:38:3e:a3:5b:4d:
                    a5:79:ea:5d:9e:50:96:d8:35:31:72:13:20:ee:98:
                    cc:d7:89:cd:b8:dd:c0:3d:5d:1c:84:56:11:d1:11:
                    ab:91:75:36:b0:1b:3a:3f:40:21:55:f1:2a:63:99:
                    c4:73:d2:69:2e:ac:5b:9d:82:40:34:c4:5d:88:c3:
                    aa:c8:90:d7:c9:95:32:69:54:2b:87:19:56:d9:e0:
                    d0:ee:06:62:23:52:e0:76:33:fa:bc:7f:44:be:39:
                    02:11:47:a7:a6:8d:0a:b6:5f:84:ea:40:b0:75:90:
                    15:0b:8d:69:e1:3c:02:01:69:11:6f:eb:5c:2e:e3:
                    e7:d5:00:99:b8:9a:f4:f0:a1:21:42:ae:ac:4a:51:
                    dd:38:2e:ea:61:51:16:9b:af:84:a5:81:4f:03:6d:
                    34:19:6b:d4:7f:fc:7f:e1:4e:98:f6:1b:a7:36:bc:
                    02:58:ed:7e:2d:df:3c:47:1f:2f:5e:16:79:10:a5:
                    02:8f:78:be:27:49:87:35:96:0f:93:da:e4:07:ac:
                    78:31:4d:ab:98:9c:d7:61:4d:6c:0e:08:d7:7d:1a:
                    55:a8:ba:8d:09:09:4f:30:4b:56:f9:f0:44:f4:c2:
                    a2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:06:34:5B:7B:E1:8B:2B:71:1C:2A:AC:E6:AB:0F:94:CB:04:E3:D1
            X509v3 Authority Key Identifier:
                keyid:AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:ea:40:82:72:24:79:57:31:c5:bf:49:63:6c:24:42:42:aa:
         9b:46:e8:2d:28:dd:f4:0d:f2:5e:12:fe:ff:b5:5d:52:c9:ba:
         74:42:97:77:8d:b0:e6:63:94:08:8d:44:0e:34:15:2f:83:cf:
         cc:bd:03:ef:2e:83:9b:41:81:74:e1:fe:70:2a:34:23:4f:1a:
         66:fc:f9:2b:03:79:d3:c9:de:9b:4a:c1:ca:7c:dc:87:8a:46:
         60:42:31:e5:da:2e:55:84:c4:ba:43:ef:1a:b8:ca:03:6b:b2:
         e7:9d:a0:b6:2c:79:42:a7:b2:94:8e:b1:c8:08:46:8b:28:f4:
         27:b3:5c:bf:bb:e1:c4:e8:3c:fe:f1:56:35:90:42:16:96:a8:
         13:d6:4e:f9:0c:26:50:b7:07:28:11:53:5a:4d:3c:f1:c8:8c:
         b0:5d:8a:9c:b4:03:04:52:d1:8a:41:4f:a2:f4:7c:b7:81:cd:
         25:65:9e:77:c1:0d:57:ee:c5:b7:b8:0c:b8:ac:95:b0:7f:f9:
         c2:dd:f2:35:e0:7b:82:82:c1:51:7d:42:27:f0:10:64:4b:38:
         88:4c:11:55:26:a4:ed:a4:d2:8a:8f:a5:70:31:27:91:9c:48:
         1d:5a:1e:51:39:92:73:db:77:1b:1d:f0:3a:8c:91:2b:2d:3a:
         cf:bc:b1:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ9pY6Tg9fBdPqr5WsARzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMmI3OTQyNjg5MmVkMWRhN2IyZTYxODY3NzBjZmIwNGFl
NjAzY2QwHhcNMjUwNjA3MDgwMDMyWhcNMjUwNjA4MDgwMDMyWjAzMTEwLwYDVQQD
EygzZDA2MzQ1YjdiZTE4YjJiNzExYzJhYWNlNmFiMGY5NGNiMDRlM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAposwjT3BeyCdjIYXnCyQ/ICXs0A0
Ug1pOD6jW02leepdnlCW2DUxchMg7pjM14nNuN3APV0chFYR0RGrkXU2sBs6P0Ah
VfEqY5nEc9JpLqxbnYJANMRdiMOqyJDXyZUyaVQrhxlW2eDQ7gZiI1LgdjP6vH9E
vjkCEUenpo0Ktl+E6kCwdZAVC41p4TwCAWkRb+tcLuPn1QCZuJr08KEhQq6sSlHd
OC7qYVEWm6+EpYFPA200GWvUf/x/4U6Y9hunNrwCWO1+Ld88Rx8vXhZ5EKUCj3i+
J0mHNZYPk9rkB6x4MU2rmJzXYU1sDgjXfRpVqLqNCQlPMEtW+fBE9MKiFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0GNFt74YsrcRwqrOarD5TLBOPRMB8GA1UdIwQY
MBaAFKsreUJoku0dp7LmGGdwz7BK5gPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAt
ZTU0NTM3MDdhNThlLzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAtZTU0NTM3MDdhNThl
LzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARupAgnIk
eVcxxb9JY2wkQkKqm0boLSjd9A3yXhL+/7VdUsm6dEKXd42w5mOUCI1EDjQVL4PP
zL0D7y6Dm0GBdOH+cCo0I08aZvz5KwN508nem0rBynzch4pGYEIx5douVYTEukPv
GrjKA2uy552gtix5QqeylI6xyAhGiyj0J7Ncv7vhxOg8/vFWNZBCFpaoE9ZO+Qwm
ULcHKBFTWk088ciMsF2KnLQDBFLRikFPovR8t4HNJWWed8ENV+7Ft7gMuKyVsH/5
wt3yNeB7goLBUX1CJ/AQZEs4iEwRVSak7aTSio+lcDEnkZxIHVoeUTmSc9t3Gx3w
OoyRKy06z7yxsQ==
-----END CERTIFICATE-----