Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
File:                     Q5_i1RcHd00tDCv50SrQercmQqI.mft (raw, json)
Hash identifier:          rYKHClRAGwAZjGkjKfmLtO4UCw3+XQFKwjcs9xik5jc=
Subject key identifier:   54:0C:57:BE:0A:9B:38:2D:BA:5A:0B:DC:A5:A3:82:2C:3C:8F:5B:55
Authority key identifier: 43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2
Certificate issuer:       /CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
Certificate serial:       01958BBBB187D77F8163EC5199AB14D269FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
Manifest number:          0CFA
Signing time:             Wed 12 Mar 2025 19:01:28 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:28 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:28 +0000
Files and hashes:         1: Q5_i1RcHd00tDCv50SrQercmQqI.crl (hash: +K8lSUk5kIsydj/2eUhI0/WB1Jq9XRDMDWyfX5nO80c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:b1:87:d7:7f:81:63:ec:51:99:ab:14:d2:69:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
        Validity
            Not Before: Mar 12 19:01:28 2025 GMT
            Not After : Mar 13 19:01:28 2025 GMT
        Subject: CN=540c57be0a9b382dba5a0bdca5a3822c3c8f5b55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:14:e1:d8:b4:28:08:51:7a:61:02:30:63:94:
                    0e:e7:50:4a:4a:db:de:50:bd:8f:40:18:b8:d9:22:
                    65:ff:0e:d0:2d:a4:93:a4:a6:50:02:7d:d5:70:35:
                    69:7a:3e:00:cf:27:2b:f6:9f:07:39:5e:78:e2:cf:
                    54:d9:e1:87:58:16:fa:4d:a0:21:5e:71:20:ca:27:
                    0b:6d:bc:c3:6a:f8:f5:97:e1:1e:35:f0:9f:84:14:
                    65:69:e7:9d:b6:af:58:20:83:f7:dc:24:84:e2:c2:
                    d6:d4:1b:80:5e:a0:7f:b5:af:2e:0e:5d:3f:08:21:
                    3a:08:53:05:1c:39:c4:32:70:38:3c:db:93:31:1d:
                    6d:40:a1:21:b6:4b:4e:66:b2:07:ec:3d:17:b8:6d:
                    d0:ae:8f:5b:b3:76:da:eb:5a:5f:69:9e:1b:b2:66:
                    79:3a:05:89:0d:f3:20:27:f0:30:ab:f3:c4:e9:23:
                    3c:bb:e8:96:c3:fd:af:46:ef:25:5c:19:2c:d3:fc:
                    7a:d5:95:5f:d7:52:49:5c:42:44:1f:c6:38:43:a3:
                    c7:c3:b4:d4:9d:06:15:75:f0:a3:c6:cb:f0:67:a7:
                    69:39:35:81:68:1e:aa:22:f1:cb:c1:77:4b:88:0d:
                    88:68:c0:b5:d9:c5:67:e9:a3:3b:b2:3c:e3:79:40:
                    b8:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:0C:57:BE:0A:9B:38:2D:BA:5A:0B:DC:A5:A3:82:2C:3C:8F:5B:55
            X509v3 Authority Key Identifier:
                keyid:43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:2f:29:14:0a:04:4c:a2:d5:fe:fa:41:22:76:c7:eb:24:c3:
         52:77:8b:ae:6f:25:87:51:00:1c:76:25:5e:87:95:b6:ac:3c:
         41:fd:30:2e:61:a7:a3:0e:54:26:1f:58:98:0a:95:16:9b:25:
         bf:75:6a:03:b6:ff:7e:ef:cf:85:d4:69:fa:3d:f5:0b:83:9f:
         e5:0a:1d:1e:48:91:91:8b:00:7e:32:47:48:78:91:da:7e:4f:
         b1:88:2a:43:ea:f5:75:62:18:69:fc:62:4b:6a:c2:3a:60:9d:
         d6:86:d8:73:22:47:f4:2a:a8:c5:97:c2:10:81:ba:fb:0c:84:
         0e:b3:61:dd:28:3e:ef:07:ba:6a:de:15:93:58:e3:40:82:10:
         87:5c:bb:7b:00:53:67:5c:e9:66:b8:00:87:e6:58:7a:73:cd:
         fa:ea:ab:8e:35:0b:a2:a0:47:95:07:7e:a6:36:32:29:47:73:
         31:fd:18:a3:c3:62:f0:9e:dc:3d:aa:9c:1e:52:fb:bd:17:32:
         8a:af:22:f6:46:1b:52:26:8e:8f:fc:cb:16:65:6f:ff:6f:95:
         02:d4:dd:25:03:5e:65:97:7b:1e:2c:94:8f:f2:b4:eb:8c:60:
         4c:a3:41:24:36:c7:63:0e:4c:b9:94:50:04:01:d7:08:a4:bd:
         18:c1:a8:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu7GH13+BY+xRmasU0mn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWZlMmQ1MTcwNzc3NGQyZDBjMmJmOWQxMmFkMDdhYjcy
NjQyYTIwHhcNMjUwMzEyMTkwMTI4WhcNMjUwMzEzMTkwMTI4WjAzMTEwLwYDVQQD
Eyg1NDBjNTdiZTBhOWIzODJkYmE1YTBiZGNhNWEzODIyYzNjOGY1YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hTh2LQoCFF6YQIwY5QO51BKStve
UL2PQBi42SJl/w7QLaSTpKZQAn3VcDVpej4Azycr9p8HOV544s9U2eGHWBb6TaAh
XnEgyicLbbzDavj1l+EeNfCfhBRlaeedtq9YIIP33CSE4sLW1BuAXqB/ta8uDl0/
CCE6CFMFHDnEMnA4PNuTMR1tQKEhtktOZrIH7D0XuG3Qro9bs3ba61pfaZ4bsmZ5
OgWJDfMgJ/Awq/PE6SM8u+iWw/2vRu8lXBks0/x61ZVf11JJXEJEH8Y4Q6PHw7TU
nQYVdfCjxsvwZ6dpOTWBaB6qIvHLwXdLiA2IaMC12cVn6aM7sjzjeUC4hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQMV74KmzgtuloL3KWjgiw8j1tVMB8GA1UdIwQY
MBaAFEOf4tUXB3dNLQwr+dEq0Hq3JkKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUt
YTFkNmQ5MWNkZTY4LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUtYTFkNmQ5MWNkZTY4
LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANC8pFAoE
TKLV/vpBInbH6yTDUneLrm8lh1EAHHYlXoeVtqw8Qf0wLmGnow5UJh9YmAqVFpsl
v3VqA7b/fu/PhdRp+j31C4Of5QodHkiRkYsAfjJHSHiR2n5PsYgqQ+r1dWIYafxi
S2rCOmCd1obYcyJH9CqoxZfCEIG6+wyEDrNh3Sg+7we6at4Vk1jjQIIQh1y7ewBT
Z1zpZrgAh+ZYenPN+uqrjjULoqBHlQd+pjYyKUdzMf0Yo8Ni8J7cPaqcHlL7vRcy
iq8i9kYbUiaOj/zLFmVv/2+VAtTdJQNeZZd7HiyUj/K064xgTKNBJDbHYw5MuZRQ
BAHXCKS9GMGowA==
-----END CERTIFICATE-----