Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
File:                     QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json)
Hash identifier:          GbJDvEMsbQ3sp6hj1W2EQ69KevKrytXTrI1+gJXXFhc=
Subject key identifier:   BD:56:36:18:62:D1:2B:42:CF:E1:2B:88:E7:36:9A:79:D5:53:C0:CE
Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
Certificate issuer:       /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Certificate serial:       019776E54820268CAB23514070ACCFB48423
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
Manifest number:          0B80
Signing time:             Mon 16 Jun 2025 04:00:27 +0000
Manifest this update:     Mon 16 Jun 2025 04:00:27 +0000
Manifest next update:     Tue 17 Jun 2025 04:00:27 +0000
Files and hashes:         1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: t6ELoUyr7c+dQLtl+94VsozJQTu2W6DCXZAmbAS+Jrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 04:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:e5:48:20:26:8c:ab:23:51:40:70:ac:cf:b4:84:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
        Validity
            Not Before: Jun 16 04:00:27 2025 GMT
            Not After : Jun 17 04:00:27 2025 GMT
        Subject: CN=bd56361862d12b42cfe12b88e7369a79d553c0ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3d:e9:3a:46:be:8e:8f:01:9d:3d:b5:b9:6d:
                    62:60:69:7e:c8:bc:51:7a:12:97:42:bf:f4:29:5b:
                    fb:3a:a4:eb:27:3e:94:39:75:01:17:e6:c8:6e:2b:
                    2e:15:05:78:e3:93:ec:cf:90:b6:98:32:5a:9e:c9:
                    e1:66:7e:3a:54:94:b9:f7:be:27:22:dc:88:6d:14:
                    1c:bf:e9:55:77:60:1c:66:71:f9:30:90:7b:a4:ab:
                    cd:1b:a2:c9:5b:d3:45:15:30:62:bf:2a:df:4d:06:
                    e1:59:61:a3:b7:4b:f8:22:8c:d7:44:45:35:8e:86:
                    aa:3a:d2:43:6c:fc:e4:41:06:5b:32:4a:30:8e:29:
                    5d:ee:47:48:4d:43:12:39:ad:e1:62:ed:74:9d:cd:
                    0d:38:b5:ae:3b:ff:f7:37:f6:9b:09:83:08:a1:f2:
                    78:47:23:70:ea:91:95:10:a9:da:e1:83:b5:57:74:
                    0e:a7:7f:10:1e:70:8d:ce:e7:9d:3f:e3:5d:94:25:
                    4e:68:8c:3b:d9:e7:bd:27:b6:74:2c:b7:32:22:86:
                    81:b3:b7:ba:2a:b4:d2:d4:cf:51:85:d4:c3:fa:a6:
                    14:c6:2d:d9:e2:9f:0a:71:4b:9e:3e:1a:88:7a:98:
                    55:8c:e4:da:52:8c:16:f1:94:89:62:84:24:b2:88:
                    87:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:56:36:18:62:D1:2B:42:CF:E1:2B:88:E7:36:9A:79:D5:53:C0:CE
            X509v3 Authority Key Identifier:
                keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:e6:6b:6e:ba:d0:dd:0a:aa:0d:94:e2:a0:2b:05:41:67:84:
         06:38:f8:0a:05:62:f1:55:0b:55:d6:9c:88:ae:b8:43:af:ae:
         e6:45:a1:76:8a:d6:de:27:3b:5e:55:c3:53:66:fa:e7:77:b0:
         a0:0d:45:c1:33:0d:59:80:20:82:d9:9f:99:db:f5:06:a6:da:
         b7:4b:f5:b5:cc:57:9e:49:2d:97:d2:82:e9:36:54:a0:2f:1f:
         c5:36:80:a3:39:e4:56:91:bc:72:2f:83:16:44:67:63:ee:c2:
         e7:8e:ef:6b:be:a9:23:a4:f4:4a:9e:b6:f2:c9:91:4a:ed:a4:
         11:f2:f1:03:f5:b8:a1:5c:b6:a2:a3:47:64:6f:ad:0c:6c:5a:
         d4:00:95:42:0d:8c:19:87:57:29:0c:04:66:87:d0:76:0e:71:
         36:de:1d:91:71:bb:59:73:0c:4f:af:a2:ed:c5:c2:a1:99:f7:
         7f:b5:56:2a:23:dd:19:3d:4b:23:ba:6f:a7:77:7d:03:6d:70:
         1f:f7:75:29:5d:a0:91:dc:e2:ab:eb:c1:6e:6a:33:e8:c1:17:
         89:d8:cd:58:f2:ac:b7:a2:a7:cf:8f:66:a6:80:6d:73:56:75:
         5a:0a:85:46:f1:6e:7e:4d:c4:f0:f6:c8:e3:c3:e3:86:c5:f4:
         7f:25:62:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd25UggJoyrI1FAcKzPtIQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw
ZjhjZjUwHhcNMjUwNjE2MDQwMDI3WhcNMjUwNjE3MDQwMDI3WjAzMTEwLwYDVQQD
EyhiZDU2MzYxODYyZDEyYjQyY2ZlMTJiODhlNzM2OWE3OWQ1NTNjMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz3pOka+jo8BnT21uW1iYGl+yLxR
ehKXQr/0KVv7OqTrJz6UOXUBF+bIbisuFQV445Psz5C2mDJansnhZn46VJS5974n
ItyIbRQcv+lVd2AcZnH5MJB7pKvNG6LJW9NFFTBivyrfTQbhWWGjt0v4IozXREU1
joaqOtJDbPzkQQZbMkowjild7kdITUMSOa3hYu10nc0NOLWuO//3N/abCYMIofJ4
RyNw6pGVEKna4YO1V3QOp38QHnCNzuedP+NdlCVOaIw72ee9J7Z0LLcyIoaBs7e6
KrTS1M9RhdTD+qYUxi3Z4p8KcUuePhqIephVjOTaUowW8ZSJYoQksoiHvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1WNhhi0StCz+EriOc2mnnVU8DOMB8GA1UdIwQY
MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt
YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj
LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIOZrbrrQ
3QqqDZTioCsFQWeEBjj4CgVi8VULVdaciK64Q6+u5kWhdorW3ic7XlXDU2b653ew
oA1FwTMNWYAggtmfmdv1Bqbat0v1tcxXnkktl9KC6TZUoC8fxTaAoznkVpG8ci+D
FkRnY+7C547va76pI6T0Sp628smRSu2kEfLxA/W4oVy2oqNHZG+tDGxa1ACVQg2M
GYdXKQwEZofQdg5xNt4dkXG7WXMMT6+i7cXCoZn3f7VWKiPdGT1LI7pvp3d9A21w
H/d1KV2gkdziq+vBbmoz6MEXidjNWPKst6Knz49mpoBtc1Z1WgqFRvFufk3E8PbI
48PjhsX0fyViMw==
-----END CERTIFICATE-----