Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          umEuI8E0n3hgy6UfX9e+vkELWVx4JHMc2xDsozS7Kpg=
Subject key identifier:   9E:2E:C3:7C:CE:5B:6E:8E:9E:90:93:93:DB:6D:D7:44:F3:73:75:04
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       01976FD0C15F3FD5BA5387C2B05EE9341A62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 19:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 19:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 19:00:41 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: RKKlggCwBUm7y80Hgi7NzJ7PIb+LVJ7XZ7PNsBRXRMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d0:c1:5f:3f:d5:ba:53:87:c2:b0:5e:e9:34:1a:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Jun 14 19:00:41 2025 GMT
            Not After : Jun 15 19:00:41 2025 GMT
        Subject: CN=9e2ec37cce5b6e8e9e909393db6dd744f3737504
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:09:6e:4a:5e:9c:28:bb:f3:1e:ce:b7:de:be:
                    9b:1f:b7:a4:5b:f7:f0:4f:73:45:b5:0b:ff:95:2f:
                    7f:71:f1:7c:f6:2e:7e:4c:19:5d:4b:36:7f:5b:21:
                    da:b4:c2:73:03:92:da:b9:d4:17:5f:74:4c:86:56:
                    3c:eb:55:98:ca:cf:1e:8d:e2:d7:d2:00:70:65:c5:
                    6f:27:65:8b:e6:b9:ab:cf:64:78:05:78:ec:c4:c0:
                    21:24:f6:3d:84:bd:4e:82:d7:c9:b9:ab:53:7d:46:
                    ee:c0:3a:39:bd:c1:43:68:fa:68:f4:db:b1:0e:e1:
                    21:0a:f2:72:48:aa:97:56:54:e6:09:9a:43:ad:e1:
                    b8:d7:37:44:01:f7:e0:d1:0b:40:ce:84:4e:b6:8f:
                    fe:98:89:1c:15:af:f6:16:c6:e5:18:97:64:75:42:
                    26:62:e3:b8:65:4b:c2:a4:16:67:d1:7d:6c:99:45:
                    f7:91:76:b3:cb:8b:fc:e6:30:07:df:ea:7d:d0:68:
                    9e:0f:5c:2f:5e:04:89:7c:13:c8:43:36:a5:d0:f5:
                    89:8d:04:68:a9:ef:d3:c1:4f:b3:44:5a:69:b1:44:
                    56:3f:c6:c5:81:cb:04:b8:1a:63:fd:d9:7f:18:2e:
                    10:4c:9e:16:ec:43:52:f3:c8:cb:99:2f:f1:51:ea:
                    11:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:2E:C3:7C:CE:5B:6E:8E:9E:90:93:93:DB:6D:D7:44:F3:73:75:04
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:c0:51:88:6b:c7:a1:a3:a8:4e:43:e2:01:ec:d3:e4:2c:11:
         79:71:6c:de:49:7f:f9:21:e8:0c:ff:94:6d:09:6f:42:66:ee:
         08:c3:ca:cc:a4:65:10:2b:d4:47:98:55:a5:98:3b:74:08:cf:
         e3:da:7f:5a:ee:6f:f3:37:52:4b:06:b0:93:f4:1e:62:32:0a:
         6c:3f:1f:76:c1:bb:a4:3a:b3:e6:64:86:05:07:21:58:23:6d:
         5f:b1:89:de:7e:d6:43:ca:90:25:30:5c:1a:81:ce:71:65:67:
         74:c3:a3:1c:43:74:1c:eb:97:87:5f:40:a2:17:24:18:ca:87:
         af:ce:2c:5a:db:60:d8:9e:93:fd:4e:35:9e:ad:ad:fc:d5:05:
         06:8f:fd:fc:0b:02:40:a5:2f:7d:81:b8:b9:2d:4a:b1:03:76:
         51:63:42:ab:d2:dc:f0:00:c3:e2:fe:02:cf:21:d2:ca:35:fb:
         31:09:d8:c7:58:da:6b:93:c5:eb:73:8a:18:07:a2:93:f6:85:
         4f:a1:29:61:02:8e:c9:5c:f1:05:95:61:68:27:00:6d:a5:04:
         22:61:9e:d5:30:3b:3e:b8:bc:cb:ac:36:de:41:d8:92:e1:eb:
         e2:2f:3c:c8:f2:83:62:39:8a:7d:ad:85:a3:73:8e:1f:0e:d1:
         f4:77:b7:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0MFfP9W6U4fCsF7pNBpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwNjE0MTkwMDQxWhcNMjUwNjE1MTkwMDQxWjAzMTEwLwYDVQQD
Eyg5ZTJlYzM3Y2NlNWI2ZThlOWU5MDkzOTNkYjZkZDc0NGYzNzM3NTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAluSl6cKLvzHs633r6bH7ekW/fw
T3NFtQv/lS9/cfF89i5+TBldSzZ/WyHatMJzA5LaudQXX3RMhlY861WYys8ejeLX
0gBwZcVvJ2WL5rmrz2R4BXjsxMAhJPY9hL1OgtfJuatTfUbuwDo5vcFDaPpo9Nux
DuEhCvJySKqXVlTmCZpDreG41zdEAffg0QtAzoROto/+mIkcFa/2FsblGJdkdUIm
YuO4ZUvCpBZn0X1smUX3kXazy4v85jAH3+p90GieD1wvXgSJfBPIQzal0PWJjQRo
qe/TwU+zRFppsURWP8bFgcsEuBpj/dl/GC4QTJ4W7ENS88jLmS/xUeoRvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4uw3zOW26OnpCTk9tt10Tzc3UEMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMBRiGvH
oaOoTkPiAezT5CwReXFs3kl/+SHoDP+UbQlvQmbuCMPKzKRlECvUR5hVpZg7dAjP
49p/Wu5v8zdSSwawk/QeYjIKbD8fdsG7pDqz5mSGBQchWCNtX7GJ3n7WQ8qQJTBc
GoHOcWVndMOjHEN0HOuXh19AohckGMqHr84sWttg2J6T/U41nq2t/NUFBo/9/AsC
QKUvfYG4uS1KsQN2UWNCq9Lc8ADD4v4CzyHSyjX7MQnYx1jaa5PF63OKGAeik/aF
T6EpYQKOyVzxBZVhaCcAbaUEImGe1TA7Pri8y6w23kHYkuHr4i88yPKDYjmKfa2F
o3OOHw7R9He3hA==
-----END CERTIFICATE-----