Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          X/vuerHSxAzMazysZr25PpKsJIgqJ3pLOnFZf+WbgfQ=
Subject key identifier:   58:95:46:F4:CF:EB:7F:CA:6F:1C:27:EB:47:81:A6:F2:65:62:4C:7F
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       019873E42BAA6DEFBF4CA360E19F7E0E53B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          1615
Signing time:             Mon 04 Aug 2025 07:03:09 +0000
Manifest this update:     Mon 04 Aug 2025 07:03:09 +0000
Manifest next update:     Tue 05 Aug 2025 07:03:09 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: exEFWXjpD0DxNUAF1kecvyQe5iMU9CkixnUYN0qYCvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e4:2b:aa:6d:ef:bf:4c:a3:60:e1:9f:7e:0e:53:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Aug  4 07:03:09 2025 GMT
            Not After : Aug  5 07:03:09 2025 GMT
        Subject: CN=589546f4cfeb7fca6f1c27eb4781a6f265624c7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:05:f2:f7:1f:9d:58:2d:df:a2:9f:20:8c:37:
                    8c:cb:18:3d:db:08:28:2c:24:96:91:c7:e5:b1:32:
                    df:16:8b:80:1e:45:5d:61:0b:98:11:47:0f:a7:a3:
                    b9:c3:80:a0:ec:c8:b0:7c:36:84:f3:43:2a:31:5b:
                    68:5b:d7:75:88:ce:3d:66:5c:3d:99:1c:dc:4c:e9:
                    9c:c0:0b:3a:71:ea:aa:79:b8:11:fb:05:72:01:ba:
                    0a:48:c6:d8:d8:5f:89:09:be:07:50:3e:04:57:fe:
                    53:06:41:16:4e:b8:a9:4c:2e:7e:99:2e:1d:a5:99:
                    7f:15:21:74:66:59:f5:2f:ed:31:60:c2:db:1d:b0:
                    ce:b7:e5:87:96:cf:27:fc:4e:20:0f:88:51:d3:79:
                    27:79:55:ef:8b:e0:8c:81:1e:cb:8f:04:0e:13:dc:
                    8a:33:d4:aa:df:05:3c:75:75:28:e1:d6:6d:3b:e8:
                    d3:f7:5b:67:1e:35:6c:db:bb:77:00:7f:56:2c:2e:
                    cc:f9:c8:54:d4:26:ec:08:50:26:61:fb:15:16:bb:
                    78:39:c5:fc:b7:c7:33:c7:f0:ad:ce:f2:10:e0:f0:
                    63:0a:71:bf:99:b9:c0:ce:86:46:a3:ee:1a:2b:c1:
                    6e:dd:54:c8:13:42:ea:d8:0a:f5:5c:e1:2f:64:4e:
                    21:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:95:46:F4:CF:EB:7F:CA:6F:1C:27:EB:47:81:A6:F2:65:62:4C:7F
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:5e:fd:fa:bf:a8:92:0c:04:24:14:9a:c1:02:45:9c:30:19:
         ad:8e:f0:60:22:7f:7b:94:1e:1c:6e:5a:fa:e6:5e:ee:9c:cc:
         48:72:61:b7:84:c0:e0:fc:be:8c:99:e3:48:39:31:b0:aa:c3:
         75:75:a6:d5:3c:76:e0:44:04:a5:a8:8f:8e:42:e9:26:b5:68:
         00:0d:c0:f4:ce:62:9b:ee:1c:c1:07:6a:ea:c7:52:45:93:9e:
         98:83:89:cc:45:04:29:73:1b:33:97:60:bd:43:91:5c:f9:c9:
         9d:ed:86:08:93:2d:fb:02:0f:e5:7e:46:7a:0f:6a:a4:e5:b1:
         ee:b2:7a:a4:8b:f8:01:aa:ac:b4:9b:20:81:ea:92:88:dd:7a:
         67:69:e3:93:f9:70:23:25:33:17:c2:28:b8:e0:ac:7d:37:e6:
         28:61:8a:9b:4b:4b:51:ea:9c:55:34:06:08:1a:8d:0a:4e:02:
         e1:f2:c7:a8:c3:41:9f:55:02:6c:f8:36:a9:60:a1:85:9d:3f:
         aa:9e:c7:fd:fc:fc:69:36:63:89:70:62:c1:ef:b4:27:5e:4d:
         08:14:a7:e8:6f:dd:0c:a6:75:84:63:cb:b4:43:19:76:10:55:
         0e:62:22:d2:0d:87:01:99:3f:d3:37:55:cb:dd:29:fb:9b:c5:
         b8:55:49:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz5Cuqbe+/TKNg4Z9+DlOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUwODA0MDcwMzA5WhcNMjUwODA1MDcwMzA5WjAzMTEwLwYDVQQD
Eyg1ODk1NDZmNGNmZWI3ZmNhNmYxYzI3ZWI0NzgxYTZmMjY1NjI0YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAXy9x+dWC3fop8gjDeMyxg92wgo
LCSWkcflsTLfFouAHkVdYQuYEUcPp6O5w4Cg7MiwfDaE80MqMVtoW9d1iM49Zlw9
mRzcTOmcwAs6ceqqebgR+wVyAboKSMbY2F+JCb4HUD4EV/5TBkEWTripTC5+mS4d
pZl/FSF0Zln1L+0xYMLbHbDOt+WHls8n/E4gD4hR03kneVXvi+CMgR7LjwQOE9yK
M9Sq3wU8dXUo4dZtO+jT91tnHjVs27t3AH9WLC7M+chU1CbsCFAmYfsVFrt4OcX8
t8czx/CtzvIQ4PBjCnG/mbnAzoZGo+4aK8Fu3VTIE0Lq2Ar1XOEvZE4hjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiVRvTP63/Kbxwn60eBpvJlYkx/MB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhF79+r+o
kgwEJBSawQJFnDAZrY7wYCJ/e5QeHG5a+uZe7pzMSHJht4TA4Py+jJnjSDkxsKrD
dXWm1Tx24EQEpaiPjkLpJrVoAA3A9M5im+4cwQdq6sdSRZOemIOJzEUEKXMbM5dg
vUORXPnJne2GCJMt+wIP5X5Geg9qpOWx7rJ6pIv4AaqstJsggeqSiN16Z2njk/lw
IyUzF8IouOCsfTfmKGGKm0tLUeqcVTQGCBqNCk4C4fLHqMNBn1UCbPg2qWChhZ0/
qp7H/fz8aTZjiXBiwe+0J15NCBSn6G/dDKZ1hGPLtEMZdhBVDmIi0g2HAZk/0zdV
y90p+5vFuFVJBQ==
-----END CERTIFICATE-----