Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/935044-1af5-45d0-aceb-d0406767e6cc/1/Q4-O0SG6MIHPshX6q1CuFFtZDdI.mft
File:                     Q4-O0SG6MIHPshX6q1CuFFtZDdI.mft (raw, json)
Hash identifier:          JYeEnr+Kvbv8T0cpmQ/97k1LQLaw2DZ9rVzscY/0moo=
Subject key identifier:   36:0B:B2:5D:AA:CD:CC:67:3F:B8:2D:35:3F:F6:87:69:55:A7:96:27
Authority key identifier: 43:8F:8E:D1:21:BA:30:81:CF:B2:15:FA:AB:50:AE:14:5B:59:0D:D2
Certificate issuer:       /CN=438f8ed121ba3081cfb215faab50ae145b590dd2
Certificate serial:       01989E5FC7F0CA6F82622D581915DBD5C22C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q4-O0SG6MIHPshX6q1CuFFtZDdI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/935044-1af5-45d0-aceb-d0406767e6cc/1/Q4-O0SG6MIHPshX6q1CuFFtZDdI.mft
Manifest number:          0F14
Signing time:             Tue 12 Aug 2025 13:02:13 +0000
Manifest this update:     Tue 12 Aug 2025 13:02:13 +0000
Manifest next update:     Wed 13 Aug 2025 13:02:13 +0000
Files and hashes:         1: Q4-O0SG6MIHPshX6q1CuFFtZDdI.crl (hash: CpgFF6R0NCXPgjUIWcSy4/48mOE6JdDeESZRLFJu4+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/935044-1af5-45d0-aceb-d0406767e6cc/1/Q4-O0SG6MIHPshX6q1CuFFtZDdI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/935044-1af5-45d0-aceb-d0406767e6cc/1/Q4-O0SG6MIHPshX6q1CuFFtZDdI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q4-O0SG6MIHPshX6q1CuFFtZDdI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9e:5f:c7:f0:ca:6f:82:62:2d:58:19:15:db:d5:c2:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=438f8ed121ba3081cfb215faab50ae145b590dd2
        Validity
            Not Before: Aug 12 13:02:13 2025 GMT
            Not After : Aug 13 13:02:13 2025 GMT
        Subject: CN=360bb25daacdcc673fb82d353ff6876955a79627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:27:8c:5d:31:35:35:f9:22:db:8a:12:3c:de:
                    7b:8f:66:46:88:85:9f:69:45:71:9f:ba:09:47:38:
                    80:17:8f:72:e8:eb:9a:54:ba:b7:90:f9:3e:46:ce:
                    46:7b:ba:e5:9e:57:11:b5:3b:5f:e0:2c:ae:80:0c:
                    67:17:33:72:79:01:49:7f:1f:13:2d:ef:ce:42:d5:
                    6c:3b:9c:4a:9e:ab:79:4a:e7:45:a9:b1:94:a2:9e:
                    68:e8:b6:90:7f:97:0f:34:ca:1e:b6:d5:ac:58:2b:
                    7b:6b:e2:43:22:47:2a:db:ff:61:71:22:d2:f3:ae:
                    32:57:c0:0d:80:a6:7c:4a:c3:2b:b9:8e:af:23:25:
                    29:7f:e8:1b:33:f4:0a:05:19:6f:f3:a6:73:43:17:
                    2d:b5:b1:f4:7c:f1:ce:48:97:89:0a:c3:b9:6f:35:
                    94:44:d7:6d:1b:79:ee:5b:a6:e2:21:3b:00:83:66:
                    95:eb:b2:29:dd:5b:0b:42:d5:9f:9f:8d:0a:8e:7e:
                    da:20:d8:57:99:9b:98:c0:0a:5e:5d:57:e0:f8:80:
                    03:71:2b:35:55:24:43:fc:b3:b4:ea:4d:1c:a6:45:
                    80:1a:1f:e1:dc:a4:45:44:af:5a:3c:15:a7:85:19:
                    ad:aa:75:67:1f:27:6a:52:77:3a:af:fa:93:73:40:
                    db:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:0B:B2:5D:AA:CD:CC:67:3F:B8:2D:35:3F:F6:87:69:55:A7:96:27
            X509v3 Authority Key Identifier:
                keyid:43:8F:8E:D1:21:BA:30:81:CF:B2:15:FA:AB:50:AE:14:5B:59:0D:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4-O0SG6MIHPshX6q1CuFFtZDdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/935044-1af5-45d0-aceb-d0406767e6cc/1/Q4-O0SG6MIHPshX6q1CuFFtZDdI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/935044-1af5-45d0-aceb-d0406767e6cc/1/Q4-O0SG6MIHPshX6q1CuFFtZDdI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:f8:55:95:a3:b2:53:37:b4:ee:db:fe:84:c5:15:1b:3b:70:
         8b:69:27:6c:cc:dd:51:fc:a7:92:63:8c:53:b7:1a:2c:37:40:
         63:ac:72:64:63:2f:98:03:c7:2d:8b:8b:ef:87:09:a1:70:f6:
         bc:e5:c0:dc:06:f6:48:61:2f:c4:e3:92:fd:c8:b4:8e:cf:58:
         3f:d8:8b:5d:19:a8:15:e2:3d:9f:3a:11:37:9d:01:5f:dd:20:
         ec:aa:7c:70:a3:09:18:3c:52:44:16:0d:f6:fc:85:62:4e:e5:
         90:57:f2:ed:a2:55:5d:36:2d:cf:fb:55:38:5e:68:12:40:77:
         85:71:dd:18:7b:e6:3a:0f:71:05:b3:51:85:db:50:4c:55:78:
         36:5a:a8:9e:48:f1:77:c7:ca:f7:9b:20:7f:b3:0b:93:3b:b4:
         68:63:03:e2:8e:b8:e1:90:d7:3c:b3:a6:dd:ad:85:f8:d8:51:
         12:4a:a0:bc:2f:05:7e:34:82:ec:73:f9:07:02:ae:bf:dc:17:
         49:a3:8d:97:46:7a:02:de:58:4c:33:6b:c9:db:71:8b:e2:c4:
         ee:08:4b:98:73:2c:c4:0c:39:b9:6c:a6:f6:58:6f:56:17:dd:
         f5:c8:04:48:4a:69:04:b8:33:c2:ed:f8:40:f5:ac:0b:b6:af:
         85:85:6f:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZieX8fwym+CYi1YGRXb1cIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOGY4ZWQxMjFiYTMwODFjZmIyMTVmYWFiNTBhZTE0NWI1
OTBkZDIwHhcNMjUwODEyMTMwMjEzWhcNMjUwODEzMTMwMjEzWjAzMTEwLwYDVQQD
EygzNjBiYjI1ZGFhY2RjYzY3M2ZiODJkMzUzZmY2ODc2OTU1YTc5NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCeMXTE1Nfki24oSPN57j2ZGiIWf
aUVxn7oJRziAF49y6OuaVLq3kPk+Rs5Ge7rlnlcRtTtf4CyugAxnFzNyeQFJfx8T
Le/OQtVsO5xKnqt5SudFqbGUop5o6LaQf5cPNMoettWsWCt7a+JDIkcq2/9hcSLS
864yV8ANgKZ8SsMruY6vIyUpf+gbM/QKBRlv86ZzQxcttbH0fPHOSJeJCsO5bzWU
RNdtG3nuW6biITsAg2aV67Ip3VsLQtWfn40Kjn7aINhXmZuYwApeXVfg+IADcSs1
VSRD/LO06k0cpkWAGh/h3KRFRK9aPBWnhRmtqnVnHydqUnc6r/qTc0DbqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYLsl2qzcxnP7gtNT/2h2lVp5YnMB8GA1UdIwQY
MBaAFEOPjtEhujCBz7IV+qtQrhRbWQ3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTQtTzBTRzZNSUhQc2hYNnExQ3VGRnRaRGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85MzUwNDQtMWFmNS00NWQwLWFjZWIt
ZDA0MDY3NjdlNmNjLzEvUTQtTzBTRzZNSUhQc2hYNnExQ3VGRnRaRGRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85MzUwNDQtMWFmNS00NWQwLWFjZWItZDA0MDY3NjdlNmNj
LzEvUTQtTzBTRzZNSUhQc2hYNnExQ3VGRnRaRGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPhVlaOy
Uze07tv+hMUVGztwi2knbMzdUfynkmOMU7caLDdAY6xyZGMvmAPHLYuL74cJoXD2
vOXA3Ab2SGEvxOOS/ci0js9YP9iLXRmoFeI9nzoRN50BX90g7Kp8cKMJGDxSRBYN
9vyFYk7lkFfy7aJVXTYtz/tVOF5oEkB3hXHdGHvmOg9xBbNRhdtQTFV4Nlqonkjx
d8fK95sgf7MLkzu0aGMD4o644ZDXPLOm3a2F+NhREkqgvC8FfjSC7HP5BwKuv9wX
SaONl0Z6At5YTDNrydtxi+LE7ghLmHMsxAw5uWym9lhvVhfd9cgESEppBLgzwu34
QPWsC7avhYVvAg==
-----END CERTIFICATE-----