Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft
File:                     QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft (raw, json)
Hash identifier:          QyZm+nTiA8BEqvt7PjZs9TVAXlbW8TGvrY0tKi7CPug=
Subject key identifier:   4F:24:14:17:2E:C0:BB:99:0B:90:C1:2C:21:B1:2A:56:7D:EE:52:20
Authority key identifier: 43:32:4F:25:1B:68:FF:54:63:F6:B5:35:07:F6:6A:4B:03:4D:C0:E5
Certificate issuer:       /CN=43324f251b68ff5463f6b53507f66a4b034dc0e5
Certificate serial:       01968435A0241A7BA9E7FC6E96414CB73162
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft
Manifest number:          1512
Signing time:             Wed 30 Apr 2025 01:00:28 +0000
Manifest this update:     Wed 30 Apr 2025 01:00:28 +0000
Manifest next update:     Thu 01 May 2025 01:00:28 +0000
Files and hashes:         1: QzJPJRto_1Rj9rU1B_ZqSwNNwOU.crl (hash: DJxLiy71cmHRE/BMvojKurCBLaj08tLVApjyyancw00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:35:a0:24:1a:7b:a9:e7:fc:6e:96:41:4c:b7:31:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43324f251b68ff5463f6b53507f66a4b034dc0e5
        Validity
            Not Before: Apr 30 01:00:28 2025 GMT
            Not After : May  1 01:00:28 2025 GMT
        Subject: CN=4f2414172ec0bb990b90c12c21b12a567dee5220
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b7:eb:57:5b:4b:f5:31:d5:40:6c:d1:a6:83:
                    58:06:d7:c7:d1:b6:b9:6a:1f:bc:a6:fb:0b:ba:51:
                    61:27:dc:3c:26:15:ed:ac:84:3c:44:61:49:23:6f:
                    a3:db:37:df:a3:ae:87:e4:e9:bf:0f:ae:eb:72:78:
                    27:0d:3a:2e:9d:39:3d:df:b0:33:1b:75:31:62:44:
                    d7:f9:f6:ad:8f:8c:c4:b2:11:75:f7:b9:33:b2:41:
                    46:84:1a:82:c3:3e:93:ff:d2:b4:67:7d:2c:70:94:
                    9c:6a:42:b8:f5:c7:1c:1a:fd:82:76:0f:89:5f:20:
                    52:ce:b3:56:cd:9d:24:d8:3c:0e:85:0e:20:ba:06:
                    ea:ea:71:81:fe:71:42:b0:7c:f0:f8:61:fe:2c:f7:
                    34:ae:92:09:9f:37:ca:e3:e4:47:29:c9:ef:9a:5b:
                    75:a1:23:43:c5:ec:f4:40:56:08:a1:3e:44:dd:f4:
                    2d:44:c6:7e:56:78:13:ef:b4:1e:83:28:e0:9f:ab:
                    37:c3:9b:28:d2:60:59:72:db:ec:a8:7f:91:2a:89:
                    3a:00:5e:d3:9e:6c:f3:18:ab:d9:a0:a3:74:2a:46:
                    16:3c:35:74:19:08:88:30:dc:4b:5f:86:df:6c:ea:
                    67:23:b9:e3:30:fe:c7:c5:f3:a9:53:79:41:43:63:
                    df:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:24:14:17:2E:C0:BB:99:0B:90:C1:2C:21:B1:2A:56:7D:EE:52:20
            X509v3 Authority Key Identifier:
                keyid:43:32:4F:25:1B:68:FF:54:63:F6:B5:35:07:F6:6A:4B:03:4D:C0:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/afead5-9373-485a-a93a-bc33a54898e0/1/QzJPJRto_1Rj9rU1B_ZqSwNNwOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:64:b7:3d:70:ea:8c:93:aa:4b:5e:bb:75:b1:3a:0a:77:73:
         37:89:68:ae:0f:12:54:ff:07:59:ba:bd:fa:d2:9c:cd:41:3a:
         29:a2:53:f5:51:ff:d5:8a:22:b8:ba:e1:00:cb:06:39:79:1d:
         3d:3d:89:f5:ef:7d:1e:6f:b8:37:f1:3a:f2:5f:c5:25:dc:c7:
         92:ab:17:33:af:33:fb:ad:de:f1:f4:15:69:09:04:ea:09:cc:
         aa:9d:86:b8:ee:91:7d:e1:09:f7:e1:ef:94:c7:7f:45:cc:b1:
         a6:6f:e7:34:c6:5f:80:75:fe:70:ce:ef:61:1f:41:fe:44:23:
         b7:b0:95:94:e3:6c:3a:a0:f6:3a:06:35:a5:bc:fb:9a:c5:6c:
         06:d5:f9:c4:b3:2d:29:58:66:27:3a:c1:23:3d:ef:ce:8a:72:
         8c:8c:cb:f4:c8:78:16:6a:8e:0f:2b:6f:ac:d4:de:4f:31:24:
         31:9c:35:05:d9:52:9f:24:77:76:2b:d7:7e:8a:b9:77:a1:93:
         ba:1b:91:ac:dd:13:cd:27:c8:35:e8:56:83:b4:39:da:20:30:
         6d:cd:4d:99:8a:c2:b2:ae:13:9c:87:6d:f5:06:34:a7:b0:5c:
         df:b0:36:58:8c:a8:10:33:36:e8:61:93:a9:2f:5f:ac:77:44:
         84:07:52:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaENaAkGnup5/xulkFMtzFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzI0ZjI1MWI2OGZmNTQ2M2Y2YjUzNTA3ZjY2YTRiMDM0
ZGMwZTUwHhcNMjUwNDMwMDEwMDI4WhcNMjUwNTAxMDEwMDI4WjAzMTEwLwYDVQQD
Eyg0ZjI0MTQxNzJlYzBiYjk5MGI5MGMxMmMyMWIxMmE1NjdkZWU1MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7frV1tL9THVQGzRpoNYBtfH0ba5
ah+8pvsLulFhJ9w8JhXtrIQ8RGFJI2+j2zffo66H5Om/D67rcngnDTounTk937Az
G3UxYkTX+fatj4zEshF197kzskFGhBqCwz6T/9K0Z30scJScakK49cccGv2Cdg+J
XyBSzrNWzZ0k2DwOhQ4gugbq6nGB/nFCsHzw+GH+LPc0rpIJnzfK4+RHKcnvmlt1
oSNDxez0QFYIoT5E3fQtRMZ+VngT77Qegyjgn6s3w5so0mBZctvsqH+RKok6AF7T
nmzzGKvZoKN0KkYWPDV0GQiIMNxLX4bfbOpnI7njMP7HxfOpU3lBQ2PfCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8kFBcuwLuZC5DBLCGxKlZ97lIgMB8GA1UdIwQY
MBaAFEMyTyUbaP9UY/a1NQf2aksDTcDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpKUEpSdG9fMVJqOXJVMUJfWnFTd05Od09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hZmVhZDUtOTM3My00ODVhLWE5M2Et
YmMzM2E1NDg5OGUwLzEvUXpKUEpSdG9fMVJqOXJVMUJfWnFTd05Od09VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hZmVhZDUtOTM3My00ODVhLWE5M2EtYmMzM2E1NDg5OGUw
LzEvUXpKUEpSdG9fMVJqOXJVMUJfWnFTd05Od09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx2S3PXDq
jJOqS167dbE6CndzN4lorg8SVP8HWbq9+tKczUE6KaJT9VH/1YoiuLrhAMsGOXkd
PT2J9e99Hm+4N/E68l/FJdzHkqsXM68z+63e8fQVaQkE6gnMqp2GuO6RfeEJ9+Hv
lMd/Rcyxpm/nNMZfgHX+cM7vYR9B/kQjt7CVlONsOqD2OgY1pbz7msVsBtX5xLMt
KVhmJzrBIz3vzopyjIzL9Mh4FmqODytvrNTeTzEkMZw1BdlSnyR3divXfoq5d6GT
uhuRrN0TzSfINehWg7Q52iAwbc1NmYrCsq4TnIdt9QY0p7Bc37A2WIyoEDM26GGT
qS9frHdEhAdSCg==
-----END CERTIFICATE-----