Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          O+LWISDBNQKsJspM+97O2s8qCM2ZltKWZnjiaFvZO3s=
Subject key identifier:   5E:91:82:39:F6:46:69:7E:DA:CE:A7:20:85:57:1E:C0:A5:B7:8F:4F
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       01976D3D8319EB1EF396439E8127A4654FEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          128B
Signing time:             Sat 14 Jun 2025 07:00:37 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:37 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:37 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: Da29EHtjcNLp33RhCo/TYG7hmW97sQ8bWlnKrd0Yg9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:83:19:eb:1e:f3:96:43:9e:81:27:a4:65:4f:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Jun 14 07:00:37 2025 GMT
            Not After : Jun 15 07:00:37 2025 GMT
        Subject: CN=5e918239f646697edacea72085571ec0a5b78f4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3d:2f:6f:d4:3f:9e:94:2f:d1:ef:b1:ce:03:
                    33:a8:09:57:a5:09:6a:94:df:59:65:0a:ea:36:68:
                    d1:ac:e8:1f:d8:8b:b0:00:c8:4f:d8:1f:63:f4:d5:
                    20:99:c6:78:2b:e3:bd:c6:95:71:9a:3d:81:ac:aa:
                    98:86:f0:3f:f9:38:70:e1:5a:66:cd:23:5c:5c:1e:
                    23:5f:c2:35:30:6d:45:74:31:8f:b7:4f:18:d8:f8:
                    db:f7:62:2f:f9:80:19:74:9d:be:8f:86:3b:a8:24:
                    21:88:a5:f0:3f:03:2e:1b:e6:4c:8f:f8:cf:5f:c4:
                    af:3f:a4:dd:5b:3e:ab:d6:9b:0d:f4:2c:83:66:6b:
                    f0:ec:b1:42:57:3e:9e:71:c5:86:66:01:82:91:83:
                    d5:50:6f:5c:f0:3d:9d:19:24:ca:b6:e6:51:5d:24:
                    40:2c:0c:69:0b:7a:4f:d4:24:81:76:5f:ab:f1:cd:
                    05:f5:5b:63:a4:fb:05:3f:10:53:e6:62:df:f1:49:
                    35:12:e6:48:40:e9:27:8f:44:26:97:9d:3f:f9:30:
                    51:3e:4d:9a:33:83:ad:56:57:1c:0e:71:6f:e4:8f:
                    a4:20:07:b5:09:1c:8b:9c:85:8f:4a:08:9e:ff:19:
                    8c:7d:7f:db:a0:97:6c:4b:01:97:9c:c5:cd:e5:b1:
                    00:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:91:82:39:F6:46:69:7E:DA:CE:A7:20:85:57:1E:C0:A5:B7:8F:4F
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:29:96:df:c4:47:81:2b:f2:bf:10:66:6e:16:67:2e:01:25:
         b4:95:91:2c:a2:3c:51:da:be:5d:ae:ba:a9:8b:98:b1:5a:a2:
         f0:b9:52:6b:53:7c:6a:ef:e7:16:91:1d:3d:8c:3f:33:9b:67:
         09:44:89:da:81:66:6f:7a:aa:f2:08:4f:5c:dd:5f:bb:d1:df:
         f7:23:8a:14:eb:cd:7f:ba:8f:29:42:39:a6:b0:b7:7e:72:58:
         59:f2:6f:e5:87:d4:49:4e:d3:9e:0f:f2:41:63:e1:6b:3b:e5:
         ef:a6:44:e1:33:a3:48:53:27:02:6f:9c:3d:d8:5b:c0:b7:16:
         2b:49:73:f3:8d:88:25:d8:3f:fd:2f:75:af:99:35:6f:4a:19:
         b9:5a:0d:2d:b6:89:94:2b:12:85:b9:79:20:7c:8e:e4:5d:7d:
         fa:2e:46:33:0d:83:81:83:8f:fe:3f:79:b8:17:c9:13:c6:41:
         c2:e3:96:48:55:8b:40:a1:6c:c4:9a:0c:64:c6:a0:0e:f9:44:
         57:02:0c:6c:f2:ff:01:af:ab:21:db:d2:76:e9:82:18:33:8c:
         27:7b:b6:ae:64:73:d7:09:73:e3:22:fa:62:7b:3e:6c:97:e7:
         6f:ae:e4:98:7e:67:cf:bf:31:c9:ea:0b:16:63:e5:a8:98:b9:
         59:74:22:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPYMZ6x7zlkOegSekZU/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwNjE0MDcwMDM3WhcNMjUwNjE1MDcwMDM3WjAzMTEwLwYDVQQD
Eyg1ZTkxODIzOWY2NDY2OTdlZGFjZWE3MjA4NTU3MWVjMGE1Yjc4ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT0vb9Q/npQv0e+xzgMzqAlXpQlq
lN9ZZQrqNmjRrOgf2IuwAMhP2B9j9NUgmcZ4K+O9xpVxmj2BrKqYhvA/+Thw4Vpm
zSNcXB4jX8I1MG1FdDGPt08Y2Pjb92Iv+YAZdJ2+j4Y7qCQhiKXwPwMuG+ZMj/jP
X8SvP6TdWz6r1psN9CyDZmvw7LFCVz6eccWGZgGCkYPVUG9c8D2dGSTKtuZRXSRA
LAxpC3pP1CSBdl+r8c0F9VtjpPsFPxBT5mLf8Uk1EuZIQOknj0Qml50/+TBRPk2a
M4OtVlccDnFv5I+kIAe1CRyLnIWPSgie/xmMfX/boJdsSwGXnMXN5bEAMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6Rgjn2Rml+2s6nIIVXHsClt49PMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCmW38RH
gSvyvxBmbhZnLgEltJWRLKI8Udq+Xa66qYuYsVqi8LlSa1N8au/nFpEdPYw/M5tn
CUSJ2oFmb3qq8ghPXN1fu9Hf9yOKFOvNf7qPKUI5prC3fnJYWfJv5YfUSU7Tng/y
QWPhazvl76ZE4TOjSFMnAm+cPdhbwLcWK0lz842IJdg//S91r5k1b0oZuVoNLbaJ
lCsShbl5IHyO5F19+i5GMw2DgYOP/j95uBfJE8ZBwuOWSFWLQKFsxJoMZMagDvlE
VwIMbPL/Aa+rIdvSdumCGDOMJ3u2rmRz1wlz4yL6Yns+bJfnb67kmH5nz78xyeoL
FmPlqJi5WXQiFg==
-----END CERTIFICATE-----