Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          S+6AWjc+RVKlUnUUSpVeWUbCBj/hxWNSdGWYmLxo4cQ=
Subject key identifier:   0B:D3:1B:1C:CC:21:3D:4D:D5:0A:40:25:A7:CA:6E:F9:67:5A:DE:A7
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       01967E6ABC942D6A4C7F3551A283039E993E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          150F
Signing time:             Mon 28 Apr 2025 22:00:46 +0000
Manifest this update:     Mon 28 Apr 2025 22:00:46 +0000
Manifest next update:     Tue 29 Apr 2025 22:00:46 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: +oAsDqh10KdmkhnfiyVxGjhlqFY5ZjCsIoAiKYVLqzI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:6a:bc:94:2d:6a:4c:7f:35:51:a2:83:03:9e:99:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Apr 28 22:00:46 2025 GMT
            Not After : Apr 29 22:00:46 2025 GMT
        Subject: CN=0bd31b1ccc213d4dd50a4025a7ca6ef9675adea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:41:01:b7:7a:70:82:b0:c1:92:06:2d:d3:94:
                    c7:35:d0:1b:21:6b:b0:5a:5a:07:7a:84:37:2a:fc:
                    a2:2f:8b:56:c2:02:bf:2a:3d:d4:ac:63:05:8a:28:
                    ea:14:35:1d:24:68:a6:6c:02:ac:bf:1a:a6:af:f6:
                    75:9b:ca:61:22:95:bf:81:30:57:a2:9e:86:59:4e:
                    61:02:fb:62:f5:71:b7:7c:1d:fa:5e:66:fb:a6:a7:
                    48:15:3d:76:82:41:0c:26:d3:52:67:40:aa:38:ea:
                    1e:b5:f3:d4:0d:af:2c:03:77:46:67:e1:19:c4:a7:
                    a1:97:8a:2a:8f:70:e7:36:cb:0a:ab:8f:2f:c6:bd:
                    39:ae:79:59:31:ed:e4:ff:9f:97:73:b7:62:fc:80:
                    1e:37:2a:00:36:e9:24:af:32:63:16:a1:f2:7d:ac:
                    3c:4f:fd:e2:b2:75:bf:10:37:51:86:16:82:f7:49:
                    9e:bb:15:10:7d:ee:6a:34:76:98:81:5e:ee:41:00:
                    45:7b:e1:e2:93:0e:f6:80:e9:6f:8a:ce:65:a6:32:
                    2a:c8:30:5d:0c:e9:09:53:17:d5:b2:62:43:31:13:
                    4d:fd:d4:52:21:0a:46:f2:c9:b2:5a:d2:3d:83:52:
                    8c:e3:27:87:5b:36:b7:75:db:85:94:4a:61:b7:ee:
                    db:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:D3:1B:1C:CC:21:3D:4D:D5:0A:40:25:A7:CA:6E:F9:67:5A:DE:A7
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:6e:9e:3f:53:70:35:40:2a:21:f3:11:28:ba:9f:fc:cb:74:
         5a:5c:3f:d7:9b:ba:59:89:35:bf:48:0d:10:76:56:00:cf:0f:
         dd:38:50:96:91:cc:93:1f:9e:b6:bb:3d:9e:ee:f7:fd:f4:18:
         85:ff:37:a3:f3:9a:77:6a:0f:e4:f2:b8:e9:78:31:44:96:40:
         03:b7:4b:5e:10:f9:ff:24:d7:a9:7b:0b:1c:af:d2:79:81:bf:
         45:83:96:7b:ff:fc:c2:56:31:b7:e7:cd:eb:d8:88:a4:0c:e8:
         bb:b7:c3:27:92:ab:75:6e:b0:0a:8f:12:ef:24:66:8a:d7:d7:
         d5:41:45:0a:cc:a4:11:32:98:df:e3:54:b5:21:74:06:66:07:
         ed:68:75:3a:95:a0:b8:17:30:3f:3e:6d:17:f5:7a:ce:50:31:
         7a:6b:d8:d4:4a:a0:05:4e:48:dd:a7:bf:ed:df:a6:1c:53:82:
         95:77:47:19:1f:a6:9d:3a:1d:1f:36:42:7e:4a:c8:4c:f8:ed:
         da:6f:45:c9:2a:cd:5a:f6:39:be:39:99:e8:a1:23:cc:bf:4d:
         4b:d2:27:22:94:09:b5:5f:54:2c:e8:95:61:2a:b6:3c:0c:21:
         c2:5e:59:32:c7:2e:cb:e3:f6:18:e9:0d:23:fa:92:49:81:a2:
         f1:50:d2:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+aryULWpMfzVRooMDnpk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwNDI4MjIwMDQ2WhcNMjUwNDI5MjIwMDQ2WjAzMTEwLwYDVQQD
EygwYmQzMWIxY2NjMjEzZDRkZDUwYTQwMjVhN2NhNmVmOTY3NWFkZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0EBt3pwgrDBkgYt05THNdAbIWuw
WloHeoQ3KvyiL4tWwgK/Kj3UrGMFiijqFDUdJGimbAKsvxqmr/Z1m8phIpW/gTBX
op6GWU5hAvti9XG3fB36Xmb7pqdIFT12gkEMJtNSZ0CqOOoetfPUDa8sA3dGZ+EZ
xKehl4oqj3DnNssKq48vxr05rnlZMe3k/5+Xc7di/IAeNyoANukkrzJjFqHyfaw8
T/3isnW/EDdRhhaC90meuxUQfe5qNHaYgV7uQQBFe+Hikw72gOlvis5lpjIqyDBd
DOkJUxfVsmJDMRNN/dRSIQpG8smyWtI9g1KM4yeHWza3dduFlEpht+7bdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvTGxzMIT1N1QpAJafKbvlnWt6nMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWm6eP1Nw
NUAqIfMRKLqf/Mt0Wlw/15u6WYk1v0gNEHZWAM8P3ThQlpHMkx+etrs9nu73/fQY
hf83o/Oad2oP5PK46XgxRJZAA7dLXhD5/yTXqXsLHK/SeYG/RYOWe//8wlYxt+fN
69iIpAzou7fDJ5KrdW6wCo8S7yRmitfX1UFFCsykETKY3+NUtSF0BmYH7Wh1OpWg
uBcwPz5tF/V6zlAxemvY1EqgBU5I3ae/7d+mHFOClXdHGR+mnTodHzZCfkrITPjt
2m9FySrNWvY5vjmZ6KEjzL9NS9InIpQJtV9ULOiVYSq2PAwhwl5ZMscuy+P2GOkN
I/qSSYGi8VDSwg==
-----END CERTIFICATE-----