Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          MQ7Cf8/aVtnvN5P8krv2mvmK8IKpi5OwzOH+MxaACcQ=
Subject key identifier:   BD:5B:86:36:DF:3F:A5:AA:14:B1:BE:58:1D:B7:97:30:1A:EA:E5:3B
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       01988B45A378B61785C76068724D2E9A5A44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          048C
Signing time:             Fri 08 Aug 2025 20:00:53 +0000
Manifest this update:     Fri 08 Aug 2025 20:00:53 +0000
Manifest next update:     Sat 09 Aug 2025 20:00:53 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: XQlWhN9BqhhvzZlqP6t0FT8WBLkpEiKdY5Mpp40fYrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:45:a3:78:b6:17:85:c7:60:68:72:4d:2e:9a:5a:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Aug  8 20:00:53 2025 GMT
            Not After : Aug  9 20:00:53 2025 GMT
        Subject: CN=bd5b8636df3fa5aa14b1be581db797301aeae53b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c1:39:b7:41:22:d0:3b:53:2f:b2:a2:bf:80:
                    78:f9:0e:c3:08:d2:bd:64:05:2e:31:0a:fd:df:68:
                    db:a6:13:20:b7:27:58:6c:24:20:f5:28:32:29:51:
                    e2:39:ca:78:65:90:54:1e:a2:68:a6:9d:e9:b1:88:
                    d2:f4:aa:cc:57:b2:fb:c4:8c:d9:ff:a2:40:e0:72:
                    86:47:72:4b:5c:94:2e:fe:c8:c4:aa:0d:1b:d6:e3:
                    1d:23:33:ce:00:e3:3f:2a:51:1b:9e:24:80:1b:93:
                    81:fc:59:7b:d8:e5:e5:ea:21:a9:82:c8:18:0f:0c:
                    8a:b2:6e:8f:3d:ac:40:59:5e:d5:50:5e:14:6d:0e:
                    bf:46:5c:89:e8:fe:16:91:56:1a:6e:ba:c0:a6:f5:
                    2a:72:a0:85:4b:1c:98:52:51:90:c9:41:cf:6e:9c:
                    02:d3:09:ee:80:5b:6a:89:27:55:3c:48:37:3b:b9:
                    d2:df:1c:a0:07:84:d1:2d:0f:85:b3:69:9f:b7:7a:
                    27:7e:0f:fe:37:1a:22:f1:fc:91:90:4e:e6:49:98:
                    1a:88:12:48:ee:3c:a1:07:94:34:20:dd:ae:d8:1c:
                    d0:e0:2e:30:f6:c0:6f:f1:c3:56:6c:dd:de:33:de:
                    12:73:a0:24:09:1d:f2:b0:30:72:b5:c1:bb:68:b3:
                    62:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:5B:86:36:DF:3F:A5:AA:14:B1:BE:58:1D:B7:97:30:1A:EA:E5:3B
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:15:95:05:db:e6:f8:0c:e0:77:96:99:1a:cf:1a:42:3e:27:
         5e:d4:c8:20:b0:b1:08:7c:b3:c5:96:50:c5:d4:55:e4:5c:6e:
         e2:c0:84:7c:12:2f:86:a4:b6:4d:a4:d7:4f:1d:b4:da:c4:2d:
         8d:6b:08:57:48:eb:c0:0d:b9:b5:da:7c:19:c4:84:5f:45:8e:
         cb:24:5b:d7:9b:89:15:9b:15:a1:62:3e:01:4f:22:0d:11:81:
         2a:4a:cc:a8:91:6b:48:50:46:38:85:d3:9d:86:88:7c:22:09:
         e1:5f:3d:ce:9b:88:ea:eb:13:01:0f:d7:c9:6d:bb:f6:11:85:
         5e:80:8b:37:84:44:8d:b2:81:2b:e7:67:b6:d0:51:d3:42:b2:
         ed:a7:08:a4:a4:90:bb:97:3c:c2:27:1d:27:72:ee:dc:98:be:
         36:ea:42:6d:da:26:93:61:b9:7c:69:9d:0f:6a:f0:01:14:6d:
         dc:ed:89:62:cf:f1:a9:84:75:df:31:c5:5e:e5:fa:de:5a:e0:
         a9:cf:0a:49:1f:8d:88:98:95:d0:ab:7f:cb:c8:78:d4:c8:a3:
         39:6f:1f:7d:eb:04:34:3e:3f:7c:b9:62:b3:ee:32:61:ae:a6:
         81:4e:4f:9d:e6:6f:1f:95:0b:ed:df:08:be:56:b4:43:0d:e0:
         84:da:f9:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLRaN4theFx2Bock0umlpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwODA4MjAwMDUzWhcNMjUwODA5MjAwMDUzWjAzMTEwLwYDVQQD
EyhiZDViODYzNmRmM2ZhNWFhMTRiMWJlNTgxZGI3OTczMDFhZWFlNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsE5t0Ei0DtTL7Kiv4B4+Q7DCNK9
ZAUuMQr932jbphMgtydYbCQg9SgyKVHiOcp4ZZBUHqJopp3psYjS9KrMV7L7xIzZ
/6JA4HKGR3JLXJQu/sjEqg0b1uMdIzPOAOM/KlEbniSAG5OB/Fl72OXl6iGpgsgY
DwyKsm6PPaxAWV7VUF4UbQ6/RlyJ6P4WkVYabrrApvUqcqCFSxyYUlGQyUHPbpwC
0wnugFtqiSdVPEg3O7nS3xygB4TRLQ+Fs2mft3onfg/+Nxoi8fyRkE7mSZgaiBJI
7jyhB5Q0IN2u2BzQ4C4w9sBv8cNWbN3eM94Sc6AkCR3ysDBytcG7aLNiCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1bhjbfP6WqFLG+WB23lzAa6uU7MB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxWVBdvm
+Azgd5aZGs8aQj4nXtTIILCxCHyzxZZQxdRV5Fxu4sCEfBIvhqS2TaTXTx202sQt
jWsIV0jrwA25tdp8GcSEX0WOyyRb15uJFZsVoWI+AU8iDRGBKkrMqJFrSFBGOIXT
nYaIfCIJ4V89zpuI6usTAQ/XyW279hGFXoCLN4REjbKBK+dnttBR00Ky7acIpKSQ
u5c8wicdJ3Lu3Ji+NupCbdomk2G5fGmdD2rwARRt3O2JYs/xqYR13zHFXuX63lrg
qc8KSR+NiJiV0Kt/y8h41MijOW8ffesEND4/fLlis+4yYa6mgU5PneZvH5UL7d8I
vla0Qw3ghNr5hw==
-----END CERTIFICATE-----