Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          IiZib6GOsSvBAQj1f5N/RoI+CWZJE7af9jIqiW1fu9g=
Subject key identifier:   71:7B:56:BF:AD:BD:39:D0:E4:AE:D9:F2:E3:B2:D3:88:73:B6:57:70
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       01988B0F44048031C84F6B27FB30834F5F1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          161F
Signing time:             Fri 08 Aug 2025 19:01:30 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:30 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:30 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: L1ugOWo8pg9y1DojtpVoX4Mim+s2HBTBYgP9E2YtahE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 11:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:44:04:80:31:c8:4f:6b:27:fb:30:83:4f:5f:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: Aug  8 19:01:30 2025 GMT
            Not After : Aug  9 19:01:30 2025 GMT
        Subject: CN=717b56bfadbd39d0e4aed9f2e3b2d38873b65770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f4:b4:88:6b:f8:fa:ad:35:4d:54:cc:fb:cd:
                    ed:9d:65:91:05:e1:bc:68:c2:eb:b1:18:cc:bb:c7:
                    c3:9c:d7:6d:94:9d:de:bc:06:af:f0:ec:2b:88:9e:
                    9c:2c:4a:ef:c7:24:a6:63:17:7d:98:e7:13:66:a3:
                    c1:e7:f0:e2:84:c6:af:3b:e5:76:21:a4:e9:43:f2:
                    d5:96:ac:da:89:2f:d5:58:d8:aa:c5:4f:cd:e4:95:
                    62:be:4c:cd:6f:ec:02:7e:54:53:11:23:9c:16:bf:
                    64:bf:cf:c9:67:ea:e4:39:8c:ea:8c:8c:f2:fd:60:
                    aa:41:53:58:a9:d0:9f:9d:82:ec:c6:91:a8:51:b3:
                    82:78:b5:c9:95:1f:c7:32:22:78:c0:21:8f:1c:8a:
                    69:a9:9e:36:23:71:4b:eb:61:c8:64:e4:9b:9e:4e:
                    10:69:ba:32:40:68:44:5d:da:b2:c1:c5:5c:85:50:
                    37:23:1b:f5:23:a1:97:58:5a:ae:d0:0f:7c:a7:4e:
                    fc:cd:02:cd:ad:fb:15:83:d7:cb:61:ce:5c:47:76:
                    af:9a:97:df:b4:0c:90:c2:61:c4:12:f0:64:1c:cb:
                    19:b3:c2:1c:4a:67:f2:d9:97:c4:d8:a1:e0:72:54:
                    a1:8b:6e:6b:87:60:6c:75:fe:c3:55:b1:1e:da:ba:
                    7f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:7B:56:BF:AD:BD:39:D0:E4:AE:D9:F2:E3:B2:D3:88:73:B6:57:70
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:8e:9c:41:ce:b9:f1:13:75:c9:0b:c2:18:86:07:71:d3:cd:
         75:2a:d3:1b:ee:76:89:b6:72:53:33:40:92:70:bb:2d:1c:a3:
         15:1c:70:63:f9:58:e4:4f:94:ea:54:0b:0d:88:5f:17:10:07:
         dd:71:a0:7b:8c:a8:70:ca:d9:2d:b7:4c:d5:ee:a0:95:c3:1e:
         67:e9:39:53:00:67:4a:36:f2:65:71:f8:d0:bb:d1:18:fd:51:
         fb:f7:fd:36:82:01:0c:e5:ec:11:3c:ae:17:c2:c0:20:de:04:
         e2:fd:37:f1:3c:7d:f0:60:47:30:ef:4e:61:96:c1:e3:65:0c:
         b4:8e:37:9b:85:1e:0d:14:a6:d3:79:b0:09:0f:8c:e8:ef:ca:
         b2:68:84:00:aa:08:5e:5a:62:07:1c:ec:e3:d8:83:f6:61:da:
         f2:57:b0:dc:65:b2:79:21:5c:d3:44:9e:20:62:fc:8a:4b:7e:
         91:34:25:e0:c7:21:4b:e2:eb:e7:04:9c:cd:8e:65:e7:bb:ae:
         0d:15:70:9c:64:bd:fc:a1:8d:65:62:a3:36:03:a1:d7:75:5d:
         ce:d1:c7:94:67:72:db:2f:b8:5a:c9:f8:dc:bb:df:2d:70:b3:
         83:77:9c:73:79:4e:aa:de:49:11:79:ce:70:ea:f5:04:60:67:
         7e:86:b2:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLD0QEgDHIT2sn+zCDT18dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjUwODA4MTkwMTMwWhcNMjUwODA5MTkwMTMwWjAzMTEwLwYDVQQD
Eyg3MTdiNTZiZmFkYmQzOWQwZTRhZWQ5ZjJlM2IyZDM4ODczYjY1NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPS0iGv4+q01TVTM+83tnWWRBeG8
aMLrsRjMu8fDnNdtlJ3evAav8OwriJ6cLErvxySmYxd9mOcTZqPB5/DihMavO+V2
IaTpQ/LVlqzaiS/VWNiqxU/N5JVivkzNb+wCflRTESOcFr9kv8/JZ+rkOYzqjIzy
/WCqQVNYqdCfnYLsxpGoUbOCeLXJlR/HMiJ4wCGPHIppqZ42I3FL62HIZOSbnk4Q
aboyQGhEXdqywcVchVA3Ixv1I6GXWFqu0A98p078zQLNrfsVg9fLYc5cR3avmpff
tAyQwmHEEvBkHMsZs8IcSmfy2ZfE2KHgclShi25rh2Bsdf7DVbEe2rp/hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHF7Vr+tvTnQ5K7Z8uOy04hztldwMB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVY6cQc65
8RN1yQvCGIYHcdPNdSrTG+52ibZyUzNAknC7LRyjFRxwY/lY5E+U6lQLDYhfFxAH
3XGge4yocMrZLbdM1e6glcMeZ+k5UwBnSjbyZXH40LvRGP1R+/f9NoIBDOXsETyu
F8LAIN4E4v038Tx98GBHMO9OYZbB42UMtI43m4UeDRSm03mwCQ+M6O/KsmiEAKoI
XlpiBxzs49iD9mHa8lew3GWyeSFc00SeIGL8ikt+kTQl4MchS+Lr5wSczY5l57uu
DRVwnGS9/KGNZWKjNgOh13VdztHHlGdy2y+4Wsn43LvfLXCzg3ecc3lOqt5JEXnO
cOr1BGBnfoaywQ==
-----END CERTIFICATE-----