Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          eTxdPfEklndyxZ9/pB6bVkzA9HRxV1epshDK9j9mhSQ=
Subject key identifier:   24:B7:2A:58:54:41:DB:3D:A0:4C:61:F1:52:03:36:E2:F9:6D:E5:53
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019896A698B079F6B9BFDDC83FE9D980ABC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0DCA
Signing time:             Mon 11 Aug 2025 01:02:37 +0000
Manifest this update:     Mon 11 Aug 2025 01:02:37 +0000
Manifest next update:     Tue 12 Aug 2025 01:02:37 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: KhC/+GBLBU6jKwgTWU2HljxrGwjrzhxVdwqA22NeXb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:98:b0:79:f6:b9:bf:dd:c8:3f:e9:d9:80:ab:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Aug 11 01:02:37 2025 GMT
            Not After : Aug 12 01:02:37 2025 GMT
        Subject: CN=24b72a585441db3da04c61f1520336e2f96de553
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:67:c3:31:3a:b2:06:9e:43:67:01:97:3a:d4:
                    c3:57:41:fe:f6:a6:5a:52:ed:ea:06:c4:28:23:5e:
                    2f:9b:a6:53:5d:43:f3:b0:2c:28:ce:f3:2c:79:45:
                    4a:2c:1c:51:be:28:08:65:b8:69:6a:cc:3b:87:37:
                    94:fc:30:ec:41:d5:30:8b:0b:f9:1a:97:b8:2c:59:
                    12:7e:65:68:7e:ed:fd:70:65:8d:5c:cc:01:fc:32:
                    cb:d9:77:93:1c:fc:4a:3d:dd:4c:a1:4b:7e:8c:6a:
                    e1:c2:8f:7f:b7:21:a5:ff:f5:3d:05:14:dc:26:b9:
                    92:03:ad:d8:0f:51:cf:24:4f:5b:45:67:6d:47:b8:
                    55:5b:62:8a:41:bc:6f:c8:84:29:6f:94:93:72:66:
                    85:8d:c7:ab:67:fa:fd:91:38:a4:fb:20:03:79:00:
                    7d:bc:67:45:91:fb:33:34:4a:d8:ee:fc:32:18:f9:
                    6e:b7:d4:70:b5:82:a5:95:2b:b0:b3:d5:91:09:3b:
                    02:b1:17:80:f1:61:9a:1a:ba:b4:60:4d:21:52:66:
                    84:0c:98:93:60:c4:a6:35:df:2a:2c:ba:d8:e7:81:
                    9a:1f:08:58:49:26:8d:89:df:5c:3a:e8:05:f1:76:
                    2f:e1:0f:75:23:52:85:d0:b4:27:f4:49:3c:a9:4b:
                    48:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B7:2A:58:54:41:DB:3D:A0:4C:61:F1:52:03:36:E2:F9:6D:E5:53
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:ea:26:b5:c7:0c:90:16:de:35:36:ab:f9:6c:0b:c8:3a:ba:
         69:a2:28:6c:46:8b:4f:43:f7:7e:52:3f:71:0f:e5:6a:e4:ef:
         23:9f:0e:41:d2:02:4b:90:64:ff:de:b5:aa:b5:c0:a7:fb:9b:
         96:b4:bd:89:2e:fd:3d:f8:42:cf:73:5d:0e:fd:c0:85:2f:6c:
         64:49:39:04:d1:37:53:34:73:a8:70:91:7e:bf:cd:3c:f6:51:
         bd:bd:f8:7f:20:02:9b:de:f1:d2:ef:aa:db:24:17:44:85:e7:
         2b:af:c1:e5:09:bb:07:40:98:97:26:d5:1c:2e:ed:c8:d2:90:
         70:74:b5:4e:b0:b4:3f:26:44:8b:78:a8:e8:da:73:e7:02:92:
         67:70:93:9b:ea:11:92:7b:63:3d:e5:09:12:1a:b9:b0:6d:e7:
         86:82:68:70:98:8c:c2:4b:85:45:15:fe:8e:a6:70:a5:06:1b:
         93:9e:e6:91:95:2f:ec:f3:61:21:28:15:b0:9e:16:2d:2d:d5:
         3f:60:18:96:fd:b8:23:2e:13:3d:e9:66:df:01:a7:01:11:a2:
         20:c5:2e:8d:45:af:f1:4d:e4:c1:ad:6e:73:46:ef:21:ea:aa:
         a6:14:8b:b6:35:67:37:f7:28:83:28:1d:55:bb:6a:cd:2e:28:
         9b:0e:51:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWppiwefa5v93IP+nZgKvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUwODExMDEwMjM3WhcNMjUwODEyMDEwMjM3WjAzMTEwLwYDVQQD
EygyNGI3MmE1ODU0NDFkYjNkYTA0YzYxZjE1MjAzMzZlMmY5NmRlNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2fDMTqyBp5DZwGXOtTDV0H+9qZa
Uu3qBsQoI14vm6ZTXUPzsCwozvMseUVKLBxRvigIZbhpasw7hzeU/DDsQdUwiwv5
Gpe4LFkSfmVofu39cGWNXMwB/DLL2XeTHPxKPd1MoUt+jGrhwo9/tyGl//U9BRTc
JrmSA63YD1HPJE9bRWdtR7hVW2KKQbxvyIQpb5STcmaFjcerZ/r9kTik+yADeQB9
vGdFkfszNErY7vwyGPlut9RwtYKllSuws9WRCTsCsReA8WGaGrq0YE0hUmaEDJiT
YMSmNd8qLLrY54GaHwhYSSaNid9cOugF8XYv4Q91I1KF0LQn9Ek8qUtIfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCS3KlhUQds9oExh8VIDNuL5beVTMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADOomtccM
kBbeNTar+WwLyDq6aaIobEaLT0P3flI/cQ/lauTvI58OQdICS5Bk/961qrXAp/ub
lrS9iS79PfhCz3NdDv3AhS9sZEk5BNE3UzRzqHCRfr/NPPZRvb34fyACm97x0u+q
2yQXRIXnK6/B5Qm7B0CYlybVHC7tyNKQcHS1TrC0PyZEi3io6Npz5wKSZ3CTm+oR
kntjPeUJEhq5sG3nhoJocJiMwkuFRRX+jqZwpQYbk57mkZUv7PNhISgVsJ4WLS3V
P2AYlv24Iy4TPelm3wGnARGiIMUujUWv8U3kwa1uc0bvIeqqphSLtjVnN/cogygd
VbtqzS4omw5Rbw==
-----END CERTIFICATE-----