Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          je6vF/CaSbicHxwORKBC1eQiVJgVwp5N+axsO7Gt88o=
Subject key identifier:   48:8D:07:AA:8F:79:C1:5A:34:4C:D5:69:25:30:F3:F8:D5:72:37:B2
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       01968B4A2AE13C6137B76A9552CD164AC6DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          05B6
Signing time:             Thu 01 May 2025 10:00:15 +0000
Manifest this update:     Thu 01 May 2025 10:00:15 +0000
Manifest next update:     Fri 02 May 2025 10:00:15 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: uZ62Qulx6oNTKIsn1UY5KtXvnHeWQVLRcfTIhe8Ce4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:4a:2a:e1:3c:61:37:b7:6a:95:52:cd:16:4a:c6:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: May  1 10:00:15 2025 GMT
            Not After : May  2 10:00:15 2025 GMT
        Subject: CN=488d07aa8f79c15a344cd5692530f3f8d57237b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9c:d1:52:1d:13:aa:f0:6f:15:86:0e:cf:e7:
                    77:f1:77:93:eb:cb:0f:39:fb:32:4a:6a:34:36:71:
                    46:99:30:62:5a:41:c5:ee:ea:9e:f4:b1:50:d9:fd:
                    d6:20:f9:c7:7d:9a:eb:76:48:6c:fc:dd:62:fe:68:
                    55:b4:7b:27:df:76:4c:39:8d:db:48:85:48:b0:ce:
                    b7:61:85:8c:4b:16:0d:57:cf:d8:e5:6d:f8:3c:da:
                    cd:61:80:59:13:e5:25:37:57:44:b9:87:5d:65:91:
                    cc:2f:a2:87:df:df:e2:20:ac:41:b9:eb:2b:c9:81:
                    c7:54:89:ec:4c:90:53:6e:db:31:0f:fd:71:50:e8:
                    b0:c6:90:8a:9a:f2:e0:4b:2a:07:4a:65:5b:5a:4a:
                    08:87:f7:4d:2e:a4:44:37:bb:39:0f:9f:f1:3b:3c:
                    3d:be:7a:07:f5:e9:c0:ed:d8:17:66:d0:da:d1:4a:
                    ad:7c:e5:bd:af:11:d5:97:53:80:3c:11:f4:9a:e1:
                    84:5f:46:4f:6b:6d:82:45:90:c2:2f:2b:56:df:1f:
                    c7:1a:3f:b0:04:9d:e4:9d:c7:44:1e:ab:6c:f4:15:
                    58:c7:11:fd:d5:6c:fd:b9:fc:a4:0c:be:c4:3d:ca:
                    43:a5:c0:6f:05:77:81:de:1d:f0:ea:bd:e6:29:80:
                    86:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:8D:07:AA:8F:79:C1:5A:34:4C:D5:69:25:30:F3:F8:D5:72:37:B2
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:6a:54:f0:f1:86:b5:ad:c6:73:04:ad:14:09:13:b4:25:bc:
         8d:33:a5:10:ca:0e:96:6f:3d:30:20:47:75:2b:bc:61:30:48:
         ff:e8:14:59:2c:b1:34:2a:8b:68:d3:ec:88:58:3e:21:e9:2a:
         f7:70:f0:23:ec:ff:5a:3f:c7:e0:83:97:b1:97:6a:a7:c9:68:
         cc:09:a1:4e:5a:0b:71:f1:01:46:d6:73:aa:a0:93:29:d2:d5:
         16:9f:a4:83:21:ac:e3:8c:80:c9:3e:b7:43:ea:ae:f7:71:b2:
         ba:62:4a:9c:90:75:46:9a:9b:f0:64:c2:ed:3e:d2:bf:fe:64:
         67:c9:4e:e4:4a:93:05:b9:6a:68:11:b8:42:db:6c:c8:84:8a:
         f7:21:a8:6b:35:73:54:0a:f2:a4:77:a9:69:e2:a4:42:db:9e:
         3f:7c:19:a7:dc:6c:ea:4b:1b:39:6a:d3:30:4d:fc:33:7e:37:
         1f:59:2e:91:68:a8:bb:5a:9d:5b:43:be:e2:f9:d4:98:af:74:
         b4:91:c7:ad:ab:a2:41:d4:e4:d0:83:c2:53:02:76:0c:be:5d:
         b2:c1:66:e0:4a:cb:89:f1:da:e1:39:32:1f:ea:94:fd:05:10:
         04:97:b9:27:89:33:2f:4c:c7:36:d1:10:db:7c:c3:12:0f:64:
         46:86:93:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaLSirhPGE3t2qVUs0WSsbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUwNTAxMTAwMDE1WhcNMjUwNTAyMTAwMDE1WjAzMTEwLwYDVQQD
Eyg0ODhkMDdhYThmNzljMTVhMzQ0Y2Q1NjkyNTMwZjNmOGQ1NzIzN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJzRUh0TqvBvFYYOz+d38XeT68sP
OfsySmo0NnFGmTBiWkHF7uqe9LFQ2f3WIPnHfZrrdkhs/N1i/mhVtHsn33ZMOY3b
SIVIsM63YYWMSxYNV8/Y5W34PNrNYYBZE+UlN1dEuYddZZHML6KH39/iIKxBuesr
yYHHVInsTJBTbtsxD/1xUOiwxpCKmvLgSyoHSmVbWkoIh/dNLqREN7s5D5/xOzw9
vnoH9enA7dgXZtDa0UqtfOW9rxHVl1OAPBH0muGEX0ZPa22CRZDCLytW3x/HGj+w
BJ3kncdEHqts9BVYxxH91Wz9ufykDL7EPcpDpcBvBXeB3h3w6r3mKYCGcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiNB6qPecFaNEzVaSUw8/jVcjeyMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp2pU8PGG
ta3GcwStFAkTtCW8jTOlEMoOlm89MCBHdSu8YTBI/+gUWSyxNCqLaNPsiFg+Iekq
93DwI+z/Wj/H4IOXsZdqp8lozAmhTloLcfEBRtZzqqCTKdLVFp+kgyGs44yAyT63
Q+qu93GyumJKnJB1Rpqb8GTC7T7Sv/5kZ8lO5EqTBblqaBG4QttsyISK9yGoazVz
VArypHepaeKkQtueP3wZp9xs6ksbOWrTME38M343H1kukWiou1qdW0O+4vnUmK90
tJHHrauiQdTk0IPCUwJ2DL5dssFm4ErLifHa4TkyH+qU/QUQBJe5J4kzL0zHNtEQ
23zDEg9kRoaT+Q==
-----END CERTIFICATE-----