Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft
File:                     QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft (raw, json)
Hash identifier:          oWYq74P69zFVzvNTh2Lr9s0IJuXgJl4zQn4tLz7XiSk=
Subject key identifier:   19:F8:E5:3F:F3:6F:F7:8F:9C:58:A5:34:A9:C4:A3:C9:03:75:5A:5E
Authority key identifier: 43:32:4F:25:1B:68:FF:54:63:F6:B5:35:07:F6:6A:4B:03:4D:C0:E5
Certificate issuer:       /CN=43324f251b68ff5463f6b53507f66a4b034dc0e5
Certificate serial:       0194BA84940BA64DD4AD272A800734EC88E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft
Manifest number:          1425
Signing time:             Fri 31 Jan 2025 04:00:38 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:38 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:38 +0000
Files and hashes:         1: QzJPJRto_1Rj9rU1B_ZqSwNNwOU.crl (hash: WXiql5Qerr3xeZgdr+kp9TwZafcu5CbnihPOc4Sn3pY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:94:0b:a6:4d:d4:ad:27:2a:80:07:34:ec:88:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43324f251b68ff5463f6b53507f66a4b034dc0e5
        Validity
            Not Before: Jan 31 04:00:38 2025 GMT
            Not After : Feb  1 04:00:38 2025 GMT
        Subject: CN=19f8e53ff36ff78f9c58a534a9c4a3c903755a5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:94:2c:01:dd:91:a2:a0:2e:17:a2:5d:11:53:
                    d0:42:ef:48:fb:76:c5:69:e1:97:29:2c:4d:a5:dc:
                    8a:35:e2:8d:de:6d:b5:26:77:a6:02:0a:24:af:2a:
                    da:4d:82:24:9e:bb:70:7c:c7:6c:d4:c1:3b:1d:d3:
                    ac:19:ab:db:e6:82:47:ed:60:d3:76:d4:5c:8e:a9:
                    3a:63:5e:1e:b7:51:77:73:22:1b:cb:f8:63:b6:f0:
                    d8:1a:e7:91:6d:66:13:9c:f9:ec:e0:ed:9d:4e:74:
                    e6:92:5a:69:a2:85:87:56:97:dd:a1:01:49:da:38:
                    9e:99:e7:bd:fd:08:41:19:2d:55:02:55:59:16:ac:
                    f5:53:8b:6f:c9:be:1b:3a:7a:a3:9a:cb:b2:81:eb:
                    68:50:e8:87:4e:da:88:6b:30:63:ad:2f:11:fd:d9:
                    86:6e:51:cb:44:28:5a:98:90:19:9d:6b:5f:a7:ff:
                    bb:c5:c0:7c:a0:d3:12:dd:c6:65:7c:1a:2b:4b:83:
                    6d:86:01:40:97:8a:71:e7:2e:0d:f2:2e:10:f7:9c:
                    99:1d:58:77:01:55:f0:40:40:8b:04:fe:ef:43:a7:
                    77:95:d6:2a:13:58:7b:fa:a9:20:cf:2e:94:ce:67:
                    a6:8d:0a:88:24:07:b0:06:a6:d6:36:0b:04:81:9e:
                    9e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:F8:E5:3F:F3:6F:F7:8F:9C:58:A5:34:A9:C4:A3:C9:03:75:5A:5E
            X509v3 Authority Key Identifier:
                keyid:43:32:4F:25:1B:68:FF:54:63:F6:B5:35:07:F6:6A:4B:03:4D:C0:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:d4:19:cc:58:e5:43:4b:15:ea:d3:8b:a2:42:47:1b:12:81:
         36:66:a1:ac:37:20:fb:a0:68:01:d6:fd:c4:72:7e:f7:a9:ec:
         01:7c:1e:5c:39:1e:d8:1b:47:d2:ab:f8:9b:1c:f4:aa:7d:54:
         41:5d:d6:92:f5:a3:82:29:94:2a:dd:ea:8d:e3:35:3b:79:a5:
         53:74:b8:26:34:a3:f5:fe:a1:6f:c5:81:47:10:48:c6:93:8c:
         b9:81:a2:09:93:a4:f6:b0:c8:1d:d0:5b:7b:86:03:a3:30:3c:
         c3:89:9c:60:48:12:ab:5d:71:92:13:36:dd:08:81:38:46:68:
         cd:11:12:5b:04:57:eb:e0:be:29:86:76:70:18:00:55:50:5f:
         0a:2d:9a:92:7f:67:f7:86:da:b2:2e:19:ff:22:cb:92:83:c6:
         41:03:1f:fd:c8:f9:50:53:65:63:e7:23:dc:1a:9a:fb:2a:85:
         cd:1b:78:92:5c:db:d4:d0:aa:02:ab:72:06:6e:1a:64:4e:e8:
         80:2d:0a:a2:07:82:11:d8:fa:40:cf:18:58:ca:a6:81:34:c0:
         09:1f:b1:aa:8b:c0:a7:e4:ad:49:e8:4b:ad:01:d6:40:6a:e2:
         10:42:2b:59:46:4a:99:47:6c:17:ce:a2:be:0b:67:46:74:f0:
         25:fa:27:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hJQLpk3UrScqgAc07IjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzI0ZjI1MWI2OGZmNTQ2M2Y2YjUzNTA3ZjY2YTRiMDM0
ZGMwZTUwHhcNMjUwMTMxMDQwMDM4WhcNMjUwMjAxMDQwMDM4WjAzMTEwLwYDVQQD
EygxOWY4ZTUzZmYzNmZmNzhmOWM1OGE1MzRhOWM0YTNjOTAzNzU1YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZQsAd2RoqAuF6JdEVPQQu9I+3bF
aeGXKSxNpdyKNeKN3m21JnemAgokryraTYIknrtwfMds1ME7HdOsGavb5oJH7WDT
dtRcjqk6Y14et1F3cyIby/hjtvDYGueRbWYTnPns4O2dTnTmklppooWHVpfdoQFJ
2jiemee9/QhBGS1VAlVZFqz1U4tvyb4bOnqjmsuygetoUOiHTtqIazBjrS8R/dmG
blHLRChamJAZnWtfp/+7xcB8oNMS3cZlfBorS4NthgFAl4px5y4N8i4Q95yZHVh3
AVXwQECLBP7vQ6d3ldYqE1h7+qkgzy6UzmemjQqIJAewBqbWNgsEgZ6e/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBn45T/zb/ePnFilNKnEo8kDdVpeMB8GA1UdIwQY
MBaAFEMyTyUbaP9UY/a1NQf2aksDTcDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpKUEpSdG9fMVJqOXJVMUJfWnFTd05Od09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hZmVhZDUtOTM3My00ODVhLWE5M2Et
YmMzM2E1NDg5OGUwLzEvUXpKUEpSdG9fMVJqOXJVMUJfWnFTd05Od09VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hZmVhZDUtOTM3My00ODVhLWE5M2EtYmMzM2E1NDg5OGUw
LzEvUXpKUEpSdG9fMVJqOXJVMUJfWnFTd05Od09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtQZzFjl
Q0sV6tOLokJHGxKBNmahrDcg+6BoAdb9xHJ+96nsAXweXDke2BtH0qv4mxz0qn1U
QV3WkvWjgimUKt3qjeM1O3mlU3S4JjSj9f6hb8WBRxBIxpOMuYGiCZOk9rDIHdBb
e4YDozA8w4mcYEgSq11xkhM23QiBOEZozRESWwRX6+C+KYZ2cBgAVVBfCi2akn9n
94basi4Z/yLLkoPGQQMf/cj5UFNlY+cj3Bqa+yqFzRt4klzb1NCqAqtyBm4aZE7o
gC0KogeCEdj6QM8YWMqmgTTACR+xqovAp+StSehLrQHWQGriEEIrWUZKmUdsF86i
vgtnRnTwJfonAQ==
-----END CERTIFICATE-----