Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
File:                     Q5_i1RcHd00tDCv50SrQercmQqI.mft (raw, json)
Hash identifier:          +8UDxnspu+5buFMH7XhyGj4sBVc4ISGN1TTFFa9tRL0=
Subject key identifier:   59:39:2D:9C:4A:46:67:A0:A9:7F:26:04:24:D1:62:D8:34:14:CC:81
Authority key identifier: 43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2
Certificate issuer:       /CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
Certificate serial:       0199176477B6C4EDEA5E5D62628A347F3C5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
Manifest number:          0ED0
Signing time:             Fri 05 Sep 2025 01:01:24 +0000
Manifest this update:     Fri 05 Sep 2025 01:01:24 +0000
Manifest next update:     Sat 06 Sep 2025 01:01:24 +0000
Files and hashes:         1: Q5_i1RcHd00tDCv50SrQercmQqI.crl (hash: l5yj363tzyrnT14RwDLQ4sTEpZVDn+VLH/APEyZ7RD8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:64:77:b6:c4:ed:ea:5e:5d:62:62:8a:34:7f:3c:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
        Validity
            Not Before: Sep  5 01:01:24 2025 GMT
            Not After : Sep  6 01:01:24 2025 GMT
        Subject: CN=59392d9c4a4667a0a97f260424d162d83414cc81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4e:6d:f4:50:69:ca:ba:cf:c9:cd:8e:46:f7:
                    1f:b1:bd:b4:0c:dd:3a:40:27:42:04:ed:ee:87:c3:
                    68:fc:92:58:4f:78:c0:62:d7:ed:37:2c:d5:8b:60:
                    bb:63:d9:06:72:e8:c9:8c:1b:e5:09:60:19:30:98:
                    6a:f6:9d:69:6e:28:02:0a:6b:0d:ff:b2:71:31:13:
                    e2:7f:e7:85:07:58:55:59:d6:0e:a6:1a:83:ae:3a:
                    7e:52:e2:10:44:06:fd:34:9c:c7:1a:c9:95:15:85:
                    37:27:e2:b8:44:6c:b6:47:9f:39:be:f8:cd:2b:e7:
                    c6:28:2b:4b:f8:5b:74:f4:d6:34:52:a6:63:54:71:
                    56:9f:db:5e:07:5d:18:36:ad:bd:cc:35:3c:19:37:
                    fe:c2:be:1b:fc:79:7f:39:50:f6:7d:37:9e:9b:12:
                    07:68:a4:a8:85:af:c9:ef:af:08:f9:b7:a1:bd:23:
                    7b:c7:6d:28:1a:6f:7d:c9:75:5e:a8:a0:97:c5:73:
                    8f:3f:a8:79:b0:a1:2e:ab:90:21:99:93:7b:d4:b2:
                    eb:10:80:24:43:a4:05:66:84:46:9b:d1:bf:94:6b:
                    8b:6c:9b:33:8d:04:92:bf:3e:b7:ee:ab:be:cd:56:
                    0c:99:09:ce:55:8c:72:88:2c:fa:66:6d:5f:88:34:
                    81:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:39:2D:9C:4A:46:67:A0:A9:7F:26:04:24:D1:62:D8:34:14:CC:81
            X509v3 Authority Key Identifier:
                keyid:43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:68:04:bc:9b:24:9e:8a:38:50:36:88:7f:c4:e8:55:47:d6:
         50:96:1f:39:0e:ca:53:f7:aa:73:83:33:b4:60:f7:80:86:69:
         d7:fa:c4:40:79:d8:b8:a9:c8:d4:a7:02:ed:51:74:4d:d9:6a:
         ba:cd:f7:c0:6b:6e:cd:d3:f4:e8:b0:15:9b:f5:ea:42:c2:ca:
         d6:55:a9:13:b8:3a:df:46:b3:fb:96:7c:45:01:38:cb:95:db:
         43:19:01:77:b8:08:ad:cd:78:ee:d5:9b:2c:34:ef:91:50:8d:
         d6:11:65:40:a4:bc:c5:e2:09:50:ae:71:a1:d4:53:24:79:d0:
         e7:59:81:b7:63:e6:3a:6d:ef:77:25:99:f8:91:1d:a4:6d:c9:
         a0:d9:38:62:c0:1b:56:38:ce:d4:16:08:fe:89:93:a4:51:e2:
         71:37:47:de:27:78:6e:75:6f:b4:b1:82:dd:7b:e2:d0:3b:1d:
         be:54:eb:45:56:5e:ac:ff:8c:11:39:b6:0d:6d:f2:49:dd:ac:
         1e:73:cb:06:cd:67:d4:65:1d:5c:40:f0:50:22:f8:ee:da:75:
         86:34:c3:54:0f:29:ad:4b:62:51:9a:a6:2b:b8:65:3d:52:28:
         cf:de:81:d8:fc:16:58:65:4b:3f:82:2b:c4:60:0e:49:68:55:
         37:fc:ae:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXZHe2xO3qXl1iYoo0fzxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWZlMmQ1MTcwNzc3NGQyZDBjMmJmOWQxMmFkMDdhYjcy
NjQyYTIwHhcNMjUwOTA1MDEwMTI0WhcNMjUwOTA2MDEwMTI0WjAzMTEwLwYDVQQD
Eyg1OTM5MmQ5YzRhNDY2N2EwYTk3ZjI2MDQyNGQxNjJkODM0MTRjYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt05t9FBpyrrPyc2ORvcfsb20DN06
QCdCBO3uh8No/JJYT3jAYtftNyzVi2C7Y9kGcujJjBvlCWAZMJhq9p1pbigCCmsN
/7JxMRPif+eFB1hVWdYOphqDrjp+UuIQRAb9NJzHGsmVFYU3J+K4RGy2R585vvjN
K+fGKCtL+Ft09NY0UqZjVHFWn9teB10YNq29zDU8GTf+wr4b/Hl/OVD2fTeemxIH
aKSoha/J768I+behvSN7x20oGm99yXVeqKCXxXOPP6h5sKEuq5AhmZN71LLrEIAk
Q6QFZoRGm9G/lGuLbJszjQSSvz637qu+zVYMmQnOVYxyiCz6Zm1fiDSBmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFk5LZxKRmegqX8mBCTRYtg0FMyBMB8GA1UdIwQY
MBaAFEOf4tUXB3dNLQwr+dEq0Hq3JkKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUt
YTFkNmQ5MWNkZTY4LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUtYTFkNmQ5MWNkZTY4
LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL2gEvJsk
noo4UDaIf8ToVUfWUJYfOQ7KU/eqc4MztGD3gIZp1/rEQHnYuKnI1KcC7VF0Tdlq
us33wGtuzdP06LAVm/XqQsLK1lWpE7g630az+5Z8RQE4y5XbQxkBd7gIrc147tWb
LDTvkVCN1hFlQKS8xeIJUK5xodRTJHnQ51mBt2PmOm3vdyWZ+JEdpG3JoNk4YsAb
VjjO1BYI/omTpFHicTdH3id4bnVvtLGC3Xvi0DsdvlTrRVZerP+METm2DW3ySd2s
HnPLBs1n1GUdXEDwUCL47tp1hjTDVA8prUtiUZqmK7hlPVIoz96B2PwWWGVLP4Ir
xGAOSWhVN/yufQ==
-----END CERTIFICATE-----