Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          Y1DXJ9Zd0EsIDO77IaPV66kqGg5/LtPYkA/QuYQmDeI=
Subject key identifier:   D7:45:38:D8:FE:41:E7:0B:C3:53:56:5E:87:55:09:0C:E7:FB:07:AD
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       0196741E435D51A10395D77D2200412F1208
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          150A
Signing time:             Sat 26 Apr 2025 22:01:02 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:02 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:02 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: ZN6leGSca5yaOkTqCR9t8XUkBIKc/bmJnwnOpsHIOb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:43:5d:51:a1:03:95:d7:7d:22:00:41:2f:12:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: Apr 26 22:01:02 2025 GMT
            Not After : Apr 27 22:01:02 2025 GMT
        Subject: CN=d74538d8fe41e70bc353565e8755090ce7fb07ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c0:4e:fb:d4:79:20:c1:fc:5d:6a:0c:d4:e7:
                    4e:35:20:41:30:b5:b0:3c:ae:75:81:d6:c6:f6:6b:
                    ea:b8:e6:07:09:a9:9e:03:98:b4:ca:1d:b3:40:21:
                    76:f5:05:cc:68:27:6b:55:a7:f8:2c:85:48:39:a8:
                    13:92:1c:17:19:16:a8:6f:4d:4f:df:eb:0f:83:e9:
                    b3:49:09:e0:78:61:db:bd:0c:6f:df:9d:11:96:1e:
                    44:7e:7a:b5:51:2e:6a:05:12:d8:a9:5e:1a:38:cc:
                    5e:ce:ac:73:b7:5e:28:c7:af:b3:4c:cf:26:05:66:
                    a2:68:d0:d2:32:18:34:ba:f6:90:a8:89:ce:87:76:
                    23:66:a6:13:b2:0d:8c:ec:45:e8:1e:36:83:24:69:
                    15:b3:67:a9:39:c2:53:32:05:97:45:b2:98:d7:10:
                    0a:ed:62:75:96:2a:f2:81:20:c9:f2:cd:46:22:fe:
                    0a:0e:be:52:b1:dc:fd:78:1c:0a:91:c8:ef:85:66:
                    6f:b0:2f:0e:c6:54:8d:71:56:03:4d:3e:13:dd:b6:
                    2e:95:0f:5d:ea:5c:8e:a5:17:07:67:24:da:95:78:
                    7e:71:3d:bd:5f:63:d1:3a:a1:e7:1a:e8:16:39:62:
                    3f:cb:c5:71:c8:57:f5:5c:75:b5:21:0a:6d:b2:79:
                    3f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:45:38:D8:FE:41:E7:0B:C3:53:56:5E:87:55:09:0C:E7:FB:07:AD
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:fd:f2:d1:05:e8:60:8f:34:a6:e6:ce:59:82:da:a7:25:17:
         5d:9e:56:7f:f1:b6:b6:d0:e2:28:24:14:73:be:c7:c6:02:c4:
         39:87:2c:21:3f:fb:0b:26:91:6e:b6:3a:2c:d6:e7:5e:41:a7:
         0a:d2:a1:5e:2e:f3:8b:4b:db:b0:b4:bb:f4:95:ae:f1:0f:c2:
         61:c1:85:57:bb:89:32:ba:38:6f:e9:68:75:18:7c:ac:f5:f0:
         07:d2:f5:66:62:23:b9:62:00:ea:22:75:e9:e7:0e:be:e7:d8:
         9c:dc:f6:dc:3f:2c:bd:5f:50:96:87:b6:54:6f:0f:b3:08:77:
         83:9f:0e:a1:7a:c2:75:97:d9:0b:84:8a:9a:7e:ae:b9:64:e2:
         7f:97:13:ba:b1:9d:67:ce:f6:3f:51:4e:33:13:26:14:cd:6e:
         5b:55:ed:f0:7c:72:21:1e:2d:d1:e8:34:0b:d9:52:ca:56:1c:
         b9:5c:c0:5a:48:5c:81:c4:fb:bd:e0:ce:9c:58:58:92:18:c8:
         14:ec:27:77:86:f2:ba:da:bd:bc:36:58:7f:1c:a8:26:ba:61:
         52:e9:b4:7c:71:95:98:c6:a6:77:7a:7b:b2:2a:6c:20:a3:cf:
         b8:5e:85:cb:61:93:41:fd:b9:56:06:b5:2b:f2:94:77:25:9b:
         ed:aa:f0:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HkNdUaEDldd9IgBBLxIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjUwNDI2MjIwMTAyWhcNMjUwNDI3MjIwMTAyWjAzMTEwLwYDVQQD
EyhkNzQ1MzhkOGZlNDFlNzBiYzM1MzU2NWU4NzU1MDkwY2U3ZmIwN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsBO+9R5IMH8XWoM1OdONSBBMLWw
PK51gdbG9mvquOYHCameA5i0yh2zQCF29QXMaCdrVaf4LIVIOagTkhwXGRaob01P
3+sPg+mzSQngeGHbvQxv350Rlh5Efnq1US5qBRLYqV4aOMxezqxzt14ox6+zTM8m
BWaiaNDSMhg0uvaQqInOh3YjZqYTsg2M7EXoHjaDJGkVs2epOcJTMgWXRbKY1xAK
7WJ1lirygSDJ8s1GIv4KDr5Ssdz9eBwKkcjvhWZvsC8OxlSNcVYDTT4T3bYulQ9d
6lyOpRcHZyTalXh+cT29X2PROqHnGugWOWI/y8VxyFf1XHW1IQptsnk/CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdFONj+QecLw1NWXodVCQzn+wetMB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOv3y0QXo
YI80pubOWYLapyUXXZ5Wf/G2ttDiKCQUc77HxgLEOYcsIT/7CyaRbrY6LNbnXkGn
CtKhXi7zi0vbsLS79JWu8Q/CYcGFV7uJMro4b+lodRh8rPXwB9L1ZmIjuWIA6iJ1
6ecOvufYnNz23D8svV9Qloe2VG8Pswh3g58OoXrCdZfZC4SKmn6uuWTif5cTurGd
Z872P1FOMxMmFM1uW1Xt8HxyIR4t0eg0C9lSylYcuVzAWkhcgcT7veDOnFhYkhjI
FOwnd4byutq9vDZYfxyoJrphUum0fHGVmMamd3p7sipsIKPPuF6Fy2GTQf25Vga1
K/KUdyWb7arwHg==
-----END CERTIFICATE-----