Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/68d7a4-4e73-495c-a03e-0e2769aa8ab0/1/QyExQaqTrYz4wmg3eFx4RUzbgYA.mft
File:                     QyExQaqTrYz4wmg3eFx4RUzbgYA.mft (raw, json)
Hash identifier:          qzmo4XuzGs8iTK/pwlbHaXjiSkHlMPVAhEzN3oEVRgY=
Subject key identifier:   FA:70:D6:2C:82:A9:1E:97:F3:5E:BE:21:25:44:9F:CC:93:56:D8:55
Authority key identifier: 43:21:31:41:AA:93:AD:8C:F8:C2:68:37:78:5C:78:45:4C:DB:81:80
Certificate issuer:       /CN=43213141aa93ad8cf8c26837785c78454cdb8180
Certificate serial:       0196857F1C89A08F57212B8CBD9BF1348D03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QyExQaqTrYz4wmg3eFx4RUzbgYA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/68d7a4-4e73-495c-a03e-0e2769aa8ab0/1/QyExQaqTrYz4wmg3eFx4RUzbgYA.mft
Manifest number:          04AB
Signing time:             Wed 30 Apr 2025 07:00:22 +0000
Manifest this update:     Wed 30 Apr 2025 07:00:22 +0000
Manifest next update:     Thu 01 May 2025 07:00:22 +0000
Files and hashes:         1: QyExQaqTrYz4wmg3eFx4RUzbgYA.crl (hash: Z98neoUuN9OZXuSazMv0px0DzAz4hWYM7PqObrf1G+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/68d7a4-4e73-495c-a03e-0e2769aa8ab0/1/QyExQaqTrYz4wmg3eFx4RUzbgYA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/68d7a4-4e73-495c-a03e-0e2769aa8ab0/1/QyExQaqTrYz4wmg3eFx4RUzbgYA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QyExQaqTrYz4wmg3eFx4RUzbgYA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:7f:1c:89:a0:8f:57:21:2b:8c:bd:9b:f1:34:8d:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43213141aa93ad8cf8c26837785c78454cdb8180
        Validity
            Not Before: Apr 30 07:00:22 2025 GMT
            Not After : May  1 07:00:22 2025 GMT
        Subject: CN=fa70d62c82a91e97f35ebe2125449fcc9356d855
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d9:52:0d:80:c4:6f:36:27:7e:39:bd:bb:19:
                    6e:35:82:bc:ea:50:c9:73:ba:e1:5b:29:18:57:9d:
                    26:d0:33:5f:0f:bb:2e:d6:8a:21:f5:39:89:de:e9:
                    c1:4c:45:64:e9:57:fa:2e:fb:8f:0c:a9:ae:7b:71:
                    91:ab:6d:27:d3:29:67:69:d6:3e:d9:ae:dc:7d:bc:
                    90:50:4a:d3:b8:df:d7:b6:39:19:47:61:1c:25:0c:
                    72:0b:b6:70:ac:51:d1:58:58:fa:24:c9:49:87:91:
                    94:48:dc:24:d0:05:4a:86:aa:ff:75:ef:88:5a:0e:
                    14:3c:49:50:f4:5e:2f:06:e3:e0:ef:64:a4:40:a0:
                    7b:40:e4:13:47:5f:c5:23:d5:cb:a9:ce:69:39:45:
                    ac:56:2a:8a:19:d7:3c:eb:e3:21:85:a7:25:2e:7b:
                    3d:5c:63:a8:e0:c0:da:80:d0:8f:14:45:1d:20:27:
                    d9:19:ad:8b:ad:78:e3:a6:39:17:02:df:d7:8b:bf:
                    61:a2:70:1a:ee:47:b1:04:af:80:c1:9b:45:e1:73:
                    b9:dd:6b:03:dd:6e:a3:eb:69:3b:79:52:a6:a2:48:
                    4b:c6:75:f4:ef:84:4f:fe:ba:a1:c4:d9:2d:c3:81:
                    5b:1f:7f:85:c4:13:88:24:5c:04:59:44:49:2b:b1:
                    92:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:70:D6:2C:82:A9:1E:97:F3:5E:BE:21:25:44:9F:CC:93:56:D8:55
            X509v3 Authority Key Identifier:
                keyid:43:21:31:41:AA:93:AD:8C:F8:C2:68:37:78:5C:78:45:4C:DB:81:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QyExQaqTrYz4wmg3eFx4RUzbgYA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/68d7a4-4e73-495c-a03e-0e2769aa8ab0/1/QyExQaqTrYz4wmg3eFx4RUzbgYA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/68d7a4-4e73-495c-a03e-0e2769aa8ab0/1/QyExQaqTrYz4wmg3eFx4RUzbgYA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:2f:fe:5b:5a:b4:04:80:5e:3a:00:a0:12:54:89:08:b8:f4:
         b6:c1:fc:b1:f0:51:69:57:df:78:d8:89:5a:d6:93:1e:e9:01:
         b1:04:79:0e:de:1f:6f:e1:49:2a:a4:05:28:1f:b1:85:63:8a:
         c4:36:10:21:b7:01:c5:3c:09:fa:c9:9a:bb:64:77:28:cc:dc:
         9f:d5:54:c9:ee:bb:6b:bf:ea:0a:e7:e6:02:8a:a2:b6:29:37:
         4a:fd:a7:56:79:a3:dd:b7:8e:8a:9c:08:00:77:2c:ab:94:e1:
         f8:c3:6c:2d:90:96:49:26:41:4c:d8:ee:4f:c7:fb:76:12:3f:
         b7:be:9d:03:f7:6d:90:52:dd:fa:75:1e:b2:a3:bf:20:2d:4a:
         11:7f:a6:ac:b2:39:a4:9b:74:78:37:8e:85:9a:65:ad:21:1c:
         14:bd:4f:9c:ad:2c:c5:31:bb:d3:0b:a4:9a:7f:56:b0:07:5c:
         97:5c:bb:d2:db:27:88:6f:41:80:c3:26:bb:a2:3a:37:68:85:
         7b:01:57:7a:a2:a6:cf:8f:8f:2a:62:f0:a9:35:9e:24:74:58:
         f8:ea:29:a7:dc:86:44:ec:8e:a2:02:1b:81:67:71:14:f6:17:
         60:0c:33:51:7f:c4:93:66:1c:1f:92:71:d6:14:c6:ba:37:f2:
         e6:bb:6f:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFfxyJoI9XISuMvZvxNI0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMjEzMTQxYWE5M2FkOGNmOGMyNjgzNzc4NWM3ODQ1NGNk
YjgxODAwHhcNMjUwNDMwMDcwMDIyWhcNMjUwNTAxMDcwMDIyWjAzMTEwLwYDVQQD
EyhmYTcwZDYyYzgyYTkxZTk3ZjM1ZWJlMjEyNTQ0OWZjYzkzNTZkODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutlSDYDEbzYnfjm9uxluNYK86lDJ
c7rhWykYV50m0DNfD7su1ooh9TmJ3unBTEVk6Vf6LvuPDKmue3GRq20n0ylnadY+
2a7cfbyQUErTuN/XtjkZR2EcJQxyC7ZwrFHRWFj6JMlJh5GUSNwk0AVKhqr/de+I
Wg4UPElQ9F4vBuPg72SkQKB7QOQTR1/FI9XLqc5pOUWsViqKGdc86+MhhaclLns9
XGOo4MDagNCPFEUdICfZGa2LrXjjpjkXAt/Xi79honAa7kexBK+AwZtF4XO53WsD
3W6j62k7eVKmokhLxnX074RP/rqhxNktw4FbH3+FxBOIJFwEWURJK7GSMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpw1iyCqR6X816+ISVEn8yTVthVMB8GA1UdIwQY
MBaAFEMhMUGqk62M+MJoN3hceEVM24GAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXlFeFFhcVRyWXo0d21nM2VGeDRSVXpiZ1lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82OGQ3YTQtNGU3My00OTVjLWEwM2Ut
MGUyNzY5YWE4YWIwLzEvUXlFeFFhcVRyWXo0d21nM2VGeDRSVXpiZ1lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82OGQ3YTQtNGU3My00OTVjLWEwM2UtMGUyNzY5YWE4YWIw
LzEvUXlFeFFhcVRyWXo0d21nM2VGeDRSVXpiZ1lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAty/+W1q0
BIBeOgCgElSJCLj0tsH8sfBRaVffeNiJWtaTHukBsQR5Dt4fb+FJKqQFKB+xhWOK
xDYQIbcBxTwJ+smau2R3KMzcn9VUye67a7/qCufmAoqitik3Sv2nVnmj3beOipwI
AHcsq5Th+MNsLZCWSSZBTNjuT8f7dhI/t76dA/dtkFLd+nUesqO/IC1KEX+mrLI5
pJt0eDeOhZplrSEcFL1PnK0sxTG70wukmn9WsAdcl1y70tsniG9BgMMmu6I6N2iF
ewFXeqKmz4+PKmLwqTWeJHRY+Oopp9yGROyOogIbgWdxFPYXYAwzUX/Ek2YcH5Jx
1hTGujfy5rtvGg==
-----END CERTIFICATE-----