Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft
File:                     QpBWwzjRbJLN_aHlXQk2givFDNI.mft (raw, json)
Hash identifier:          5jMhqfuHCDq+ORWwcHxxfHbKxkm9cvoELC8KUCZVuw0=
Subject key identifier:   22:F8:2C:A7:D6:CF:40:0B:F5:37:3A:C7:B2:F8:1A:28:8E:4D:99:96
Authority key identifier: 42:90:56:C3:38:D1:6C:92:CD:FD:A1:E5:5D:09:36:82:2B:C5:0C:D2
Certificate issuer:       /CN=429056c338d16c92cdfda1e55d0936822bc50cd2
Certificate serial:       019872987BE99AECD47D712556F173BD3BC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft
Manifest number:          04AB
Signing time:             Mon 04 Aug 2025 01:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 01:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 01:00:52 +0000
Files and hashes:         1: QpBWwzjRbJLN_aHlXQk2givFDNI.crl (hash: LJlSQbY9u67086M1PuXkW+8h1O5d4850nbAQVJfsr9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 01:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:98:7b:e9:9a:ec:d4:7d:71:25:56:f1:73:bd:3b:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429056c338d16c92cdfda1e55d0936822bc50cd2
        Validity
            Not Before: Aug  4 01:00:52 2025 GMT
            Not After : Aug  5 01:00:52 2025 GMT
        Subject: CN=22f82ca7d6cf400bf5373ac7b2f81a288e4d9996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7c:c7:3a:52:bb:45:b6:a7:24:d1:c5:c2:cd:
                    37:dd:30:68:aa:d1:f0:47:1b:b3:fb:df:df:9c:69:
                    be:44:d5:fa:11:6a:db:f6:d6:f6:dc:69:4b:21:a5:
                    ef:8c:e6:f5:18:ba:bf:c9:58:fd:a3:2b:ba:e9:d8:
                    de:bf:d6:21:f2:ec:57:24:b9:29:c0:cc:ad:75:fe:
                    05:76:49:1d:9e:fa:e1:18:99:92:ef:bc:0f:f9:10:
                    08:4d:03:63:39:8c:7c:54:85:d0:7e:fd:3e:bd:bc:
                    2d:1b:1d:43:34:e2:23:d1:1a:98:1e:07:a6:60:20:
                    2e:0c:b5:c4:bc:fe:c6:a2:ce:00:bb:5e:6c:6f:55:
                    41:3f:04:bf:fc:c9:86:d5:89:cb:79:c2:3e:8b:4c:
                    d6:da:0a:80:0d:b5:cd:81:c0:cc:f1:b6:21:5f:1b:
                    1c:94:80:cb:bc:46:06:83:c5:47:0d:4d:ed:68:30:
                    f3:32:58:e9:46:5c:e0:ec:e8:03:e8:d2:78:fe:eb:
                    ab:78:98:35:58:cc:c1:58:25:82:94:b0:09:72:59:
                    bc:08:8d:26:f8:d0:ed:c4:5b:64:2c:7f:a0:f6:11:
                    6c:99:5e:ee:66:44:ea:b4:02:56:e8:86:5f:6c:78:
                    f1:07:1c:38:76:ec:52:02:cd:d4:e4:f6:a1:fd:72:
                    82:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:F8:2C:A7:D6:CF:40:0B:F5:37:3A:C7:B2:F8:1A:28:8E:4D:99:96
            X509v3 Authority Key Identifier:
                keyid:42:90:56:C3:38:D1:6C:92:CD:FD:A1:E5:5D:09:36:82:2B:C5:0C:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:45:13:15:16:e1:d2:eb:33:8f:13:70:81:ee:2f:d1:36:34:
         c1:d3:18:12:78:94:7e:d4:d8:0b:ee:66:32:c7:e0:54:ce:49:
         af:fc:80:aa:4c:5f:02:a2:1d:5a:7e:5e:ce:57:ff:7a:07:20:
         70:57:e5:5b:03:74:82:da:b3:e1:e0:00:c6:7c:46:6e:a0:94:
         ae:5f:89:c7:df:c3:37:14:f6:75:2e:d1:6b:eb:eb:e1:90:e3:
         8e:54:30:32:bb:f3:25:f1:88:76:c0:a7:3c:19:8e:4b:31:7f:
         2d:94:7b:3f:c6:be:9c:22:f8:1d:49:08:40:02:94:bc:aa:ab:
         98:3d:7a:a4:ed:5a:eb:bf:25:c8:d6:3b:54:39:74:a1:da:e9:
         42:b7:80:16:ce:79:c5:3d:02:73:d9:6d:2c:c7:60:76:57:6f:
         5f:eb:5a:2e:43:66:b5:95:18:6e:f4:d6:ea:ce:a9:20:5b:8c:
         d3:47:58:82:60:12:fa:dd:8e:27:11:b7:b7:7e:ed:d5:f2:8c:
         98:99:33:b6:81:0e:a3:80:cd:95:a6:2a:51:28:af:bb:62:c5:
         67:a2:7b:88:86:d5:82:d3:cc:f5:c7:d2:b6:3a:d8:27:9e:94:
         9b:64:ee:1a:10:c3:cb:49:5c:b8:c0:a3:83:8d:1b:fa:65:dd:
         e5:ea:37:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymHvpmuzUfXElVvFzvTvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTA1NmMzMzhkMTZjOTJjZGZkYTFlNTVkMDkzNjgyMmJj
NTBjZDIwHhcNMjUwODA0MDEwMDUyWhcNMjUwODA1MDEwMDUyWjAzMTEwLwYDVQQD
EygyMmY4MmNhN2Q2Y2Y0MDBiZjUzNzNhYzdiMmY4MWEyODhlNGQ5OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunzHOlK7RbanJNHFws033TBoqtHw
Rxuz+9/fnGm+RNX6EWrb9tb23GlLIaXvjOb1GLq/yVj9oyu66djev9Yh8uxXJLkp
wMytdf4FdkkdnvrhGJmS77wP+RAITQNjOYx8VIXQfv0+vbwtGx1DNOIj0RqYHgem
YCAuDLXEvP7Gos4Au15sb1VBPwS//MmG1YnLecI+i0zW2gqADbXNgcDM8bYhXxsc
lIDLvEYGg8VHDU3taDDzMljpRlzg7OgD6NJ4/uureJg1WMzBWCWClLAJclm8CI0m
+NDtxFtkLH+g9hFsmV7uZkTqtAJW6IZfbHjxBxw4duxSAs3U5Pah/XKCoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCL4LKfWz0AL9Tc6x7L4GiiOTZmWMB8GA1UdIwQY
MBaAFEKQVsM40WySzf2h5V0JNoIrxQzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81MTNiNzctOWUzYi00YTZjLTllZDUt
N2YyMWQ5YmVmYzJjLzEvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81MTNiNzctOWUzYi00YTZjLTllZDUtN2YyMWQ5YmVmYzJj
LzEvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR0UTFRbh
0uszjxNwge4v0TY0wdMYEniUftTYC+5mMsfgVM5Jr/yAqkxfAqIdWn5ezlf/egcg
cFflWwN0gtqz4eAAxnxGbqCUrl+Jx9/DNxT2dS7Ra+vr4ZDjjlQwMrvzJfGIdsCn
PBmOSzF/LZR7P8a+nCL4HUkIQAKUvKqrmD16pO1a678lyNY7VDl0odrpQreAFs55
xT0Cc9ltLMdgdldvX+taLkNmtZUYbvTW6s6pIFuM00dYgmAS+t2OJxG3t37t1fKM
mJkztoEOo4DNlaYqUSivu2LFZ6J7iIbVgtPM9cfStjrYJ56Um2TuGhDDy0lcuMCj
g40b+mXd5eo3vg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:14 2025 by rpki-client