Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          mYHLjd2/v6HR+F7Wcxpvgfkn4Rt6VighfxaWaBSGluk=
Subject key identifier:   70:CA:FC:0A:72:C1:50:2D:C2:AC:E8:2F:D7:C7:E1:D7:74:25:B9:96
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019779AF46EE34E30FB9F6F30674953741CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          04F2
Signing time:             Mon 16 Jun 2025 17:00:19 +0000
Manifest this update:     Mon 16 Jun 2025 17:00:19 +0000
Manifest next update:     Tue 17 Jun 2025 17:00:19 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: 7DhaSsOTnkm0B6EXoAjR/zzxtK2p0nTTisj3qLlLGc0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:af:46:ee:34:e3:0f:b9:f6:f3:06:74:95:37:41:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Jun 16 17:00:19 2025 GMT
            Not After : Jun 17 17:00:19 2025 GMT
        Subject: CN=70cafc0a72c1502dc2ace82fd7c7e1d77425b996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bc:3f:20:31:d2:f0:3f:6b:65:d8:af:ee:00:
                    6d:8a:10:5c:08:c9:a4:4f:8e:6f:51:a4:4f:a8:97:
                    d1:e9:4f:89:2b:08:49:9f:5f:e9:25:df:39:16:4a:
                    c8:38:dd:ec:ac:72:5e:24:18:63:ed:a2:de:0f:da:
                    bb:8b:fd:59:67:2e:31:f2:c0:58:0f:68:74:0a:b6:
                    7c:c2:0f:d7:9a:2f:f0:69:09:f1:e3:ed:bb:84:59:
                    20:bc:9f:c6:02:74:05:c5:49:dd:7e:2b:5e:86:f4:
                    c3:6e:33:aa:74:74:7f:13:81:ef:30:c7:35:b6:a1:
                    c6:36:11:7c:ff:a9:1d:43:4a:20:ee:71:ad:7d:50:
                    0b:7e:8a:47:f8:88:54:62:65:91:83:bc:f7:20:14:
                    c4:b5:c8:2c:00:95:aa:8d:b1:77:40:c9:17:8a:71:
                    1a:cc:f1:79:04:9e:3a:8c:44:58:d0:a8:f1:d7:ec:
                    58:45:56:21:5e:37:25:ae:c9:b0:c3:f8:8d:2a:bf:
                    7b:e3:8a:fc:8a:03:8a:0f:06:71:21:96:62:59:e4:
                    b5:36:dc:ab:e6:81:ef:ab:82:1c:1a:5c:2f:4b:f2:
                    bb:e6:7e:99:48:87:28:61:e8:1d:fb:f6:3c:84:6a:
                    1b:46:db:20:bc:e6:77:d0:2f:4c:23:af:ad:91:78:
                    2f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CA:FC:0A:72:C1:50:2D:C2:AC:E8:2F:D7:C7:E1:D7:74:25:B9:96
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:2e:85:02:4a:4a:69:e5:ff:77:27:07:28:f8:e3:68:99:ca:
         79:bc:df:72:5d:38:67:4b:4c:32:16:ec:9b:df:fc:eb:f8:ea:
         0f:bf:d4:76:ff:26:0d:c6:42:77:e2:19:94:ad:de:82:c5:f2:
         17:90:98:d0:97:18:0c:04:97:e4:54:5c:51:4d:56:73:35:46:
         74:eb:2c:1e:32:0f:f7:cb:24:cd:dd:53:f3:24:34:0b:75:10:
         66:80:5f:5f:79:56:c2:a9:b7:33:47:e9:ac:cc:7d:f7:d5:52:
         a8:57:10:44:da:cd:eb:14:24:f5:df:53:9a:9f:cd:85:e2:21:
         b2:bf:02:2c:62:72:8b:8b:32:55:a3:d0:1e:f2:29:2c:62:f7:
         a4:24:08:e0:89:50:92:37:ea:f6:f4:43:53:36:db:5f:2a:05:
         9c:2e:99:d1:ed:b5:9d:89:09:67:12:7d:87:dd:25:ee:f6:dd:
         e1:f6:ca:78:49:76:20:6b:be:24:09:89:5a:8c:bf:4f:c2:f1:
         ec:9c:a4:4f:40:06:8c:a0:5a:2f:9e:a3:9b:13:5c:73:7f:7d:
         19:ed:c4:ba:67:c4:73:ba:e6:5b:16:7f:32:c8:2d:83:6f:81:
         d2:16:5a:fd:d3:9b:1a:7f:95:63:9d:0e:45:13:99:ff:1b:21:
         58:3f:c6:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5r0buNOMPufbzBnSVN0HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjUwNjE2MTcwMDE5WhcNMjUwNjE3MTcwMDE5WjAzMTEwLwYDVQQD
Eyg3MGNhZmMwYTcyYzE1MDJkYzJhY2U4MmZkN2M3ZTFkNzc0MjViOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7w/IDHS8D9rZdiv7gBtihBcCMmk
T45vUaRPqJfR6U+JKwhJn1/pJd85FkrION3srHJeJBhj7aLeD9q7i/1ZZy4x8sBY
D2h0CrZ8wg/Xmi/waQnx4+27hFkgvJ/GAnQFxUndfitehvTDbjOqdHR/E4HvMMc1
tqHGNhF8/6kdQ0og7nGtfVALfopH+IhUYmWRg7z3IBTEtcgsAJWqjbF3QMkXinEa
zPF5BJ46jERY0Kjx1+xYRVYhXjclrsmww/iNKr9744r8igOKDwZxIZZiWeS1Ntyr
5oHvq4IcGlwvS/K75n6ZSIcoYegd+/Y8hGobRtsgvOZ30C9MI6+tkXgvewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDK/ApywVAtwqzoL9fH4dd0JbmWMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgy6FAkpK
aeX/dycHKPjjaJnKebzfcl04Z0tMMhbsm9/86/jqD7/Udv8mDcZCd+IZlK3egsXy
F5CY0JcYDASX5FRcUU1WczVGdOssHjIP98skzd1T8yQ0C3UQZoBfX3lWwqm3M0fp
rMx999VSqFcQRNrN6xQk9d9Tmp/NheIhsr8CLGJyi4syVaPQHvIpLGL3pCQI4IlQ
kjfq9vRDUzbbXyoFnC6Z0e21nYkJZxJ9h90l7vbd4fbKeEl2IGu+JAmJWoy/T8Lx
7JykT0AGjKBaL56jmxNcc399Ge3EumfEc7rmWxZ/Msgtg2+B0hZa/dObGn+VY50O
RROZ/xshWD/GbA==
-----END CERTIFICATE-----