Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          UkoLYhAb+6sCtgfq33PVcpg/S8VsvQBjTl8TtGV8CMY=
Subject key identifier:   D2:FD:4E:13:2C:4E:EA:2D:73:E6:80:A6:FF:8B:D3:38:FB:1E:B8:43
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019A4EF5771018ED5A5CD270454C1CECB4E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          1409
Signing time:             Tue 04 Nov 2025 13:01:40 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:40 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:40 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: EeazpUy6YxREjVjojzXIypr5yZn0ZR2h2l8F4eT1LdY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:77:10:18:ed:5a:5c:d2:70:45:4c:1c:ec:b4:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Nov  4 13:01:40 2025 GMT
            Not After : Nov  5 13:01:40 2025 GMT
        Subject: CN=d2fd4e132c4eea2d73e680a6ff8bd338fb1eb843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b7:f0:f4:06:80:e6:9b:9b:aa:95:4b:64:56:
                    22:51:3b:0b:d6:54:b9:dd:af:91:47:5f:81:b4:13:
                    1e:79:e6:5c:0d:a1:2e:b5:b6:86:0a:a6:d7:99:9c:
                    1e:0f:c0:f0:89:60:e9:cc:33:87:3f:fe:79:0a:34:
                    51:52:8b:91:5b:40:4c:77:d8:75:35:53:b5:38:85:
                    d5:24:4b:6f:e3:0e:8b:73:0b:5f:7d:84:97:d5:f1:
                    17:b6:57:25:01:78:d2:57:3c:fe:c9:0a:e5:1e:4f:
                    42:d5:78:b6:f6:72:1e:bf:30:37:31:53:04:40:e8:
                    8d:77:13:fe:8c:d9:cd:db:68:03:a9:0c:d0:28:52:
                    8a:08:83:51:e3:0d:4c:69:9c:bc:e0:e5:69:5c:83:
                    de:1c:4e:39:f7:fa:b5:1f:d9:ce:32:c9:b9:96:86:
                    d8:75:11:a4:a7:ac:0e:b1:45:94:44:83:b4:be:04:
                    da:25:da:91:b8:f5:5f:05:23:65:46:c6:94:68:29:
                    db:d0:56:5d:f7:aa:ad:58:93:72:85:db:39:ac:98:
                    ea:9f:46:7c:8c:89:da:13:48:30:cd:44:18:12:97:
                    ef:4f:96:25:93:3a:44:bf:d1:9a:ed:f7:22:8d:95:
                    44:88:42:90:43:a6:4b:2f:7b:89:77:53:88:81:b6:
                    34:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:FD:4E:13:2C:4E:EA:2D:73:E6:80:A6:FF:8B:D3:38:FB:1E:B8:43
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:77:d4:3d:48:85:f3:31:97:56:27:a7:f7:45:7c:26:b1:3e:
         cc:7e:9a:0e:94:78:1d:8e:51:22:97:13:f9:cf:69:7d:98:e3:
         76:4e:25:3e:38:8e:71:d5:b6:c1:aa:e8:1b:41:17:d9:20:f9:
         5c:f8:33:a5:c9:2b:30:58:49:9f:62:82:92:57:84:97:d6:6a:
         78:64:fc:af:8f:2c:6d:9e:a5:6a:d3:e3:6d:c9:11:48:19:2b:
         e6:d9:bc:ce:48:ae:f1:64:d2:bd:88:62:94:c6:65:da:96:9d:
         17:be:ea:25:75:ac:34:2a:54:66:9d:8f:30:03:db:90:a8:a8:
         b8:d9:56:71:9a:4b:99:97:94:19:4a:44:29:a8:c8:5d:af:d3:
         15:a2:56:e0:2f:10:e2:cc:6c:e5:1b:0c:d3:ee:d2:b7:0a:73:
         e5:9f:ba:80:10:95:34:fb:4d:cb:e7:fb:47:13:9a:f4:1a:eb:
         06:79:b7:e9:80:e7:73:63:30:34:e3:55:61:29:f8:56:28:b9:
         bc:f1:af:42:e4:03:6a:39:5f:a9:c7:fb:60:e5:ab:4a:37:53:
         f1:0d:47:15:1d:ef:c5:c2:a3:32:11:cc:60:97:f3:06:4e:2b:
         2d:ee:02:66:79:7d:65:c4:43:22:41:b0:a4:f8:53:59:8c:45:
         0f:e8:ed:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9XcQGO1aXNJwRUwc7LTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUxMTA0MTMwMTQwWhcNMjUxMTA1MTMwMTQwWjAzMTEwLwYDVQQD
EyhkMmZkNGUxMzJjNGVlYTJkNzNlNjgwYTZmZjhiZDMzOGZiMWViODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurfw9AaA5pubqpVLZFYiUTsL1lS5
3a+RR1+BtBMeeeZcDaEutbaGCqbXmZweD8DwiWDpzDOHP/55CjRRUouRW0BMd9h1
NVO1OIXVJEtv4w6LcwtffYSX1fEXtlclAXjSVzz+yQrlHk9C1Xi29nIevzA3MVME
QOiNdxP+jNnN22gDqQzQKFKKCINR4w1MaZy84OVpXIPeHE459/q1H9nOMsm5lobY
dRGkp6wOsUWURIO0vgTaJdqRuPVfBSNlRsaUaCnb0FZd96qtWJNyhds5rJjqn0Z8
jInaE0gwzUQYEpfvT5YlkzpEv9Ga7fcijZVEiEKQQ6ZLL3uJd1OIgbY0ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNL9ThMsTuotc+aApv+L0zj7HrhDMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXfUPUiF
8zGXVien90V8JrE+zH6aDpR4HY5RIpcT+c9pfZjjdk4lPjiOcdW2waroG0EX2SD5
XPgzpckrMFhJn2KCkleEl9ZqeGT8r48sbZ6latPjbckRSBkr5tm8zkiu8WTSvYhi
lMZl2padF77qJXWsNCpUZp2PMAPbkKiouNlWcZpLmZeUGUpEKajIXa/TFaJW4C8Q
4sxs5RsM0+7Stwpz5Z+6gBCVNPtNy+f7RxOa9BrrBnm36YDnc2MwNONVYSn4Vii5
vPGvQuQDajlfqcf7YOWrSjdT8Q1HFR3vxcKjMhHMYJfzBk4rLe4CZnl9ZcRDIkGw
pPhTWYxFD+jtUg==
-----END CERTIFICATE-----