Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
File:                     QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft (raw, json)
Hash identifier:          ebZcpFIr8jaiQ6fRKgV1u2fyVPlY2B3QGjb4kK/e1mc=
Subject key identifier:   66:1C:10:50:B4:ED:22:79:00:AD:FF:A3:6B:49:0A:19:8D:6A:E4:81
Authority key identifier: 41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C
Certificate issuer:       /CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
Certificate serial:       019923A040BAE640AC5C95814169861FE710
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
Manifest number:          1602
Signing time:             Sun 07 Sep 2025 10:02:08 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:08 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:08 +0000
Files and hashes:         1: QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl (hash: mn+15vVAnuRk3LOqvs11A4d//BhQi+GiB8hTHu37ovU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:40:ba:e6:40:ac:5c:95:81:41:69:86:1f:e7:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
        Validity
            Not Before: Sep  7 10:02:08 2025 GMT
            Not After : Sep  8 10:02:08 2025 GMT
        Subject: CN=661c1050b4ed227900adffa36b490a198d6ae481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:81:62:71:10:fa:36:4d:18:68:12:24:9b:2b:
                    f5:4f:9d:34:14:98:a0:e6:d0:07:74:bb:fe:e1:9b:
                    e6:f3:3c:eb:ad:05:d5:86:60:48:32:0d:1c:72:af:
                    4a:d1:92:1e:8e:83:03:e8:3d:b2:37:63:5c:5b:e0:
                    f9:0f:5e:3b:54:70:ef:6d:21:e5:25:13:5a:91:62:
                    9c:63:dc:2d:5a:f4:1e:c4:51:24:c4:db:bf:3b:30:
                    a9:47:95:de:c7:18:55:72:8e:15:50:c3:11:e1:61:
                    21:a9:0b:7d:aa:1f:3c:72:6e:41:a0:7b:8f:88:4f:
                    df:3f:d8:fc:18:0e:23:6c:fd:8c:c0:51:51:a1:03:
                    21:a2:9f:68:31:47:a8:0f:74:9e:55:b2:c9:50:10:
                    4c:27:94:ba:f3:aa:a3:cf:89:8e:6a:8e:c8:be:cc:
                    60:d9:2c:65:1a:e8:27:e3:8d:0b:d5:95:24:a2:46:
                    b0:7b:bd:58:77:5e:d9:4b:9b:51:79:05:fb:f7:c7:
                    af:b9:14:bc:b9:7c:65:fb:19:1f:cb:ec:1e:74:3f:
                    2f:a3:e9:5a:de:8d:60:94:25:bd:a0:7d:8c:e6:fc:
                    e9:c2:77:30:37:fb:78:3f:f2:4b:6d:3b:e9:8e:2f:
                    32:0e:b0:55:9b:58:7b:14:be:53:db:90:71:5c:8f:
                    6c:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:1C:10:50:B4:ED:22:79:00:AD:FF:A3:6B:49:0A:19:8D:6A:E4:81
            X509v3 Authority Key Identifier:
                keyid:41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:7f:e6:55:7e:c9:7b:bf:8c:18:19:96:84:7f:b9:cc:47:3a:
         8b:56:76:08:cf:cb:f9:2b:ec:5d:36:b9:29:a3:23:84:73:a5:
         6a:a8:69:ce:b4:79:d1:c2:44:48:b2:ac:20:67:4b:9c:19:2c:
         17:99:1e:73:2a:67:3d:28:17:71:1e:a5:73:ae:99:1c:af:97:
         9a:ec:73:1d:47:25:35:97:5a:7e:f7:34:8f:34:bd:b3:e0:d2:
         ed:1d:18:a3:0d:76:c3:29:d4:24:4d:6e:0c:64:21:f8:1f:33:
         2c:07:b4:bd:68:1f:e9:4e:ac:9a:40:a2:bf:2f:ed:93:63:ad:
         61:f7:8e:1c:6f:c2:da:33:c3:86:9b:83:c7:bf:ec:24:ed:97:
         ac:68:55:36:91:55:c1:ca:52:1f:b7:d8:ba:f1:17:79:ae:95:
         ea:f2:1b:b3:d6:5c:7b:08:32:c9:2a:b0:f0:97:7f:06:c3:a6:
         fa:25:09:67:d3:5c:c6:68:65:86:55:b6:79:83:33:dd:43:ed:
         dd:42:d8:dd:11:1f:26:55:8e:b6:3a:ab:6a:ea:1b:19:88:6c:
         a0:e5:50:de:32:e4:e5:01:13:37:d5:49:95:9f:8b:9a:7b:c6:
         2e:04:77:32:e9:26:c5:1b:eb:12:19:a0:70:83:41:73:08:c5:
         e7:ef:52:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoEC65kCsXJWBQWmGH+cQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzg1Y2I1ZmM2YjQwZmRmMTRmNzJhNmQyNWY0MTQzYzE3
YzMxN2MwHhcNMjUwOTA3MTAwMjA4WhcNMjUwOTA4MTAwMjA4WjAzMTEwLwYDVQQD
Eyg2NjFjMTA1MGI0ZWQyMjc5MDBhZGZmYTM2YjQ5MGExOThkNmFlNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYFicRD6Nk0YaBIkmyv1T500FJig
5tAHdLv+4Zvm8zzrrQXVhmBIMg0ccq9K0ZIejoMD6D2yN2NcW+D5D147VHDvbSHl
JRNakWKcY9wtWvQexFEkxNu/OzCpR5XexxhVco4VUMMR4WEhqQt9qh88cm5BoHuP
iE/fP9j8GA4jbP2MwFFRoQMhop9oMUeoD3SeVbLJUBBMJ5S686qjz4mOao7Ivsxg
2SxlGugn440L1ZUkokawe71Yd17ZS5tReQX798evuRS8uXxl+xkfy+wedD8vo+la
3o1glCW9oH2M5vzpwncwN/t4P/JLbTvpji8yDrBVm1h7FL5T25BxXI9sVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYcEFC07SJ5AK3/o2tJChmNauSBMB8GA1UdIwQY
MBaAFEF4XLX8a0D98U9yptJfQUPBfDF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUt
ZTQ2ZWM1YjliMDZjLzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUtZTQ2ZWM1YjliMDZj
LzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjn/mVX7J
e7+MGBmWhH+5zEc6i1Z2CM/L+SvsXTa5KaMjhHOlaqhpzrR50cJESLKsIGdLnBks
F5kecypnPSgXcR6lc66ZHK+XmuxzHUclNZdafvc0jzS9s+DS7R0Yow12wynUJE1u
DGQh+B8zLAe0vWgf6U6smkCivy/tk2OtYfeOHG/C2jPDhpuDx7/sJO2XrGhVNpFV
wcpSH7fYuvEXea6V6vIbs9ZcewgyySqw8Jd/BsOm+iUJZ9NcxmhlhlW2eYMz3UPt
3ULY3REfJlWOtjqrauobGYhsoOVQ3jLk5QETN9VJlZ+LmnvGLgR3MukmxRvrEhmg
cINBcwjF5+9Sqg==
-----END CERTIFICATE-----