Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
File:                     QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft (raw, json)
Hash identifier:          2aosqBXLkKllyZ0ywPA/8Bgyie8Zryq9pADd4fgt6xM=
Subject key identifier:   17:6E:AB:9F:4C:1B:C2:13:B0:48:DF:A1:8C:94:57:D1:AA:E0:C8:34
Authority key identifier: 40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C
Certificate issuer:       /CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c
Certificate serial:       01976961323C18183EA9CAD50446471ACC1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 13:01:06 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:06 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:06 +0000
Files and hashes:         1: QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl (hash: 9w92dbfu2p7RO8ihkiPsvvUSOJEDSFkt5o2/u+WS/O0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:32:3c:18:18:3e:a9:ca:d5:04:46:47:1a:cc:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c
        Validity
            Not Before: Jun 13 13:01:06 2025 GMT
            Not After : Jun 14 13:01:06 2025 GMT
        Subject: CN=176eab9f4c1bc213b048dfa18c9457d1aae0c834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:92:bd:85:66:6e:a8:1f:12:6e:82:06:db:46:
                    22:ec:19:ea:fd:96:eb:f4:e9:31:d6:99:c7:c8:a4:
                    3d:25:b7:f4:ab:0f:38:79:d2:1e:54:7a:95:d6:a5:
                    9c:87:fd:9d:a7:ba:f9:d6:87:1f:f3:f9:3d:23:9c:
                    2d:29:9a:7d:99:e1:22:4c:5c:2f:dd:dc:a7:42:b8:
                    dd:a4:30:29:72:c6:f6:7c:ed:03:35:2d:1b:99:2d:
                    e2:43:e3:e7:44:24:f2:82:04:59:ea:29:d0:25:13:
                    33:f9:b6:58:cb:dc:f1:e2:43:97:24:21:97:c2:8d:
                    d6:5e:96:ba:04:29:ff:36:f7:df:45:ef:68:0b:64:
                    c2:70:5e:fe:28:fc:99:ad:59:e1:52:b6:b7:d2:26:
                    f1:3c:0c:b6:19:c8:fa:e5:b4:da:e6:d7:9e:65:26:
                    6b:2f:25:56:70:86:b9:16:52:f8:54:70:5e:cf:42:
                    b7:20:7f:b9:2e:16:8a:b2:0a:54:28:05:26:16:95:
                    4c:bc:05:b2:b8:c6:76:49:ec:f4:b0:e2:b0:ca:4d:
                    44:1e:a5:8a:22:a3:ad:f1:a4:b0:7f:5b:7a:d3:f1:
                    52:49:5f:36:09:a4:30:ad:5e:b5:ff:20:96:a4:5d:
                    b4:a4:78:d9:9b:3b:ee:75:11:fb:99:9e:2b:1d:0c:
                    ca:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:6E:AB:9F:4C:1B:C2:13:B0:48:DF:A1:8C:94:57:D1:AA:E0:C8:34
            X509v3 Authority Key Identifier:
                keyid:40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:c9:bc:81:8b:48:62:df:f0:9a:85:10:02:cf:6a:a2:1e:17:
         3c:3a:d4:2d:c3:a2:27:16:a2:32:51:31:97:f6:6c:35:3f:21:
         ce:35:e3:f4:87:e1:2b:ba:d3:92:0c:85:9a:d9:5d:df:e2:b9:
         c8:f9:80:26:1d:66:2c:7b:d7:b0:61:49:81:77:78:44:2f:f5:
         b7:a9:68:cc:3c:24:58:de:d9:c3:a0:fe:5f:a1:08:8c:f1:a6:
         7d:b5:0d:14:0b:4a:e5:0a:9f:2b:a6:55:95:79:b3:9e:48:bd:
         d6:fe:8f:73:ed:75:b5:e0:80:83:25:08:c0:5c:70:6a:3f:19:
         fe:8a:15:f1:8c:5a:ce:5e:7d:90:aa:77:01:c4:fd:0c:27:10:
         48:02:cd:64:bc:df:75:73:f9:82:9a:f4:27:61:45:20:e3:c7:
         8f:66:cc:15:9c:e8:bb:0d:26:79:32:34:28:5c:35:63:cb:c9:
         50:0a:0a:bf:eb:71:96:f3:33:c8:21:17:4b:f6:9c:1c:00:35:
         2c:5a:41:2f:19:62:ec:17:a7:e4:b5:86:95:4a:56:c3:4b:20:
         8b:cf:ab:cc:b8:ff:48:af:6f:73:cb:73:91:2b:23:ae:ba:30:
         99:08:9a:f2:d1:6f:a4:57:b1:3b:da:46:eb:22:e1:ca:80:68:
         a3:c7:e9:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYTI8GBg+qcrVBEZHGswdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE3MTE1N2UyMGQ5ODAzNmJiZDY5M2I4ZWNiYjJiOTlm
MGYwM2MwHhcNMjUwNjEzMTMwMTA2WhcNMjUwNjE0MTMwMTA2WjAzMTEwLwYDVQQD
EygxNzZlYWI5ZjRjMWJjMjEzYjA0OGRmYTE4Yzk0NTdkMWFhZTBjODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JK9hWZuqB8SboIG20Yi7Bnq/Zbr
9Okx1pnHyKQ9Jbf0qw84edIeVHqV1qWch/2dp7r51ocf8/k9I5wtKZp9meEiTFwv
3dynQrjdpDApcsb2fO0DNS0bmS3iQ+PnRCTyggRZ6inQJRMz+bZYy9zx4kOXJCGX
wo3WXpa6BCn/NvffRe9oC2TCcF7+KPyZrVnhUra30ibxPAy2Gcj65bTa5teeZSZr
LyVWcIa5FlL4VHBez0K3IH+5LhaKsgpUKAUmFpVMvAWyuMZ2Sez0sOKwyk1EHqWK
IqOt8aSwf1t60/FSSV82CaQwrV61/yCWpF20pHjZmzvudRH7mZ4rHQzKzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBduq59MG8ITsEjfoYyUV9Gq4Mg0MB8GA1UdIwQY
MBaAFECqcRV+INmANrvWk7jsuyuZ8PA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUt
MjM1YWJhMTlkOWY5LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUtMjM1YWJhMTlkOWY5
LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWsm8gYtI
Yt/wmoUQAs9qoh4XPDrULcOiJxaiMlExl/ZsNT8hzjXj9IfhK7rTkgyFmtld3+K5
yPmAJh1mLHvXsGFJgXd4RC/1t6lozDwkWN7Zw6D+X6EIjPGmfbUNFAtK5QqfK6ZV
lXmznki91v6Pc+11teCAgyUIwFxwaj8Z/ooV8Yxazl59kKp3AcT9DCcQSALNZLzf
dXP5gpr0J2FFIOPHj2bMFZzouw0meTI0KFw1Y8vJUAoKv+txlvMzyCEXS/acHAA1
LFpBLxli7Ben5LWGlUpWw0sgi8+rzLj/SK9vc8tzkSsjrrowmQia8tFvpFexO9pG
6yLhyoBoo8fpNQ==
-----END CERTIFICATE-----