Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          9jpQQY9DOss7qr5nlgTH/beyrinbRJ9nHrIeBsQOXtU=
Subject key identifier:   8A:04:C7:06:FD:3C:51:D0:33:4D:7A:B3:FC:F3:65:6B:EA:CC:2D:7A
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       01976D3E446F5BF35F74E08D47D911529EDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 07:01:26 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:26 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:26 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: zqJKUGuEzj/bZWYagHoI1NKCTOQvhBc0LTvZ+LBZ6ro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:44:6f:5b:f3:5f:74:e0:8d:47:d9:11:52:9e:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Jun 14 07:01:26 2025 GMT
            Not After : Jun 15 07:01:26 2025 GMT
        Subject: CN=8a04c706fd3c51d0334d7ab3fcf3656beacc2d7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:67:0d:f1:55:19:d3:3a:48:8e:b1:01:b2:a2:
                    35:8c:55:51:e6:91:eb:fa:d8:e9:a1:58:e1:d6:98:
                    5f:63:ae:f5:4f:72:02:4b:da:ad:c1:71:86:71:0a:
                    a2:76:53:60:a8:9f:65:67:58:d6:c7:09:b6:44:51:
                    e6:14:01:cb:06:a4:af:fb:5c:62:b0:77:4b:45:e2:
                    00:c2:67:3c:a2:3d:76:ff:dc:90:d0:d4:e6:15:c3:
                    40:1a:7c:48:d4:64:5b:7f:53:a1:a1:3e:4f:70:0a:
                    a6:e0:be:cb:3a:08:11:72:8f:fd:23:e2:cf:47:28:
                    3a:1c:c4:03:04:1a:89:11:f0:b7:1d:c7:09:f0:38:
                    f9:12:5c:ac:4c:3d:ab:52:07:e0:61:13:d3:4a:81:
                    37:8f:9b:b2:9b:84:03:6b:c0:18:a6:83:86:33:50:
                    aa:2d:da:b6:91:01:35:58:a2:00:95:1f:c1:85:7b:
                    14:94:88:7d:cc:e4:10:9b:dc:48:5a:f3:13:32:05:
                    51:8c:fd:15:1b:9f:46:58:fb:22:7a:0d:1a:bf:87:
                    70:60:6a:1c:80:37:56:35:d2:5b:20:4c:21:2f:80:
                    49:0e:d1:2c:fa:a9:d7:c1:0b:e9:3c:af:4d:ae:f6:
                    79:62:f9:9a:aa:82:cc:93:4e:db:9e:43:fc:f1:1e:
                    09:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:04:C7:06:FD:3C:51:D0:33:4D:7A:B3:FC:F3:65:6B:EA:CC:2D:7A
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ed:9c:20:e7:bb:fd:33:62:26:94:e9:99:9c:f4:f7:d8:04:
         03:af:6b:24:ea:1b:40:80:e2:26:61:97:d0:9f:81:60:e8:33:
         a3:e6:d6:b1:89:5c:f3:74:8f:e6:58:72:34:24:e8:66:32:00:
         d1:02:96:ce:14:88:9d:89:b7:c4:1c:bb:c4:5c:af:13:32:d2:
         04:c2:35:11:69:4a:8f:91:1a:dc:16:13:d9:a8:91:a7:80:83:
         26:13:60:c2:a2:6c:3b:8d:29:dd:a0:98:da:9a:79:57:a0:a8:
         6d:0f:05:25:80:a5:02:56:44:6a:f8:ad:2e:62:07:bf:22:55:
         a2:5d:d7:66:62:2a:1a:b9:4b:6c:84:4f:cd:84:6e:dc:42:ee:
         27:36:37:24:44:64:3f:32:7e:aa:fb:5f:4c:a3:28:4c:71:f1:
         90:85:7f:19:c7:8c:13:a1:c3:ba:0d:a3:05:d2:f4:9a:09:d4:
         a4:58:cd:8f:9c:14:e6:54:26:d1:12:6d:a8:98:ab:43:9c:15:
         96:f4:cd:0c:02:49:6c:61:75:7b:6c:41:3a:51:c9:21:5b:59:
         1a:5d:12:96:4e:77:8b:3d:c0:f9:af:d9:25:bd:1c:b3:98:62:
         1d:f6:37:fc:09:43:78:43:90:b8:7f:4d:6c:15:38:23:64:bf:
         ef:83:23:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPkRvW/NfdOCNR9kRUp7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUwNjE0MDcwMTI2WhcNMjUwNjE1MDcwMTI2WjAzMTEwLwYDVQQD
Eyg4YTA0YzcwNmZkM2M1MWQwMzM0ZDdhYjNmY2YzNjU2YmVhY2MyZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomcN8VUZ0zpIjrEBsqI1jFVR5pHr
+tjpoVjh1phfY671T3ICS9qtwXGGcQqidlNgqJ9lZ1jWxwm2RFHmFAHLBqSv+1xi
sHdLReIAwmc8oj12/9yQ0NTmFcNAGnxI1GRbf1OhoT5PcAqm4L7LOggRco/9I+LP
Ryg6HMQDBBqJEfC3HccJ8Dj5ElysTD2rUgfgYRPTSoE3j5uym4QDa8AYpoOGM1Cq
Ldq2kQE1WKIAlR/BhXsUlIh9zOQQm9xIWvMTMgVRjP0VG59GWPsieg0av4dwYGoc
gDdWNdJbIEwhL4BJDtEs+qnXwQvpPK9NrvZ5YvmaqoLMk07bnkP88R4JgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoExwb9PFHQM016s/zzZWvqzC16MB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADu2cIOe7
/TNiJpTpmZz099gEA69rJOobQIDiJmGX0J+BYOgzo+bWsYlc83SP5lhyNCToZjIA
0QKWzhSInYm3xBy7xFyvEzLSBMI1EWlKj5Ea3BYT2aiRp4CDJhNgwqJsO40p3aCY
2pp5V6CobQ8FJYClAlZEavitLmIHvyJVol3XZmIqGrlLbIRPzYRu3ELuJzY3JERk
PzJ+qvtfTKMoTHHxkIV/GceME6HDug2jBdL0mgnUpFjNj5wU5lQm0RJtqJirQ5wV
lvTNDAJJbGF1e2xBOlHJIVtZGl0Slk53iz3A+a/ZJb0cs5hiHfY3/AlDeEOQuH9N
bBU4I2S/74MjJw==
-----END CERTIFICATE-----