Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
File:                     sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft (raw, json)
Hash identifier:          BO1zfztOoAYXFsIgLZ5nFHnp8RPdqcz9wHZPGksViz8=
Subject key identifier:   11:2D:94:1B:BC:9E:86:0E:2F:7F:C7:98:5F:CD:7F:B5:D7:89:B9:B4
Authority key identifier: B2:A8:53:71:E9:2F:39:A2:BE:42:47:60:B0:4E:47:AD:9D:A3:ED:3B
Certificate issuer:       /CN=b2a85371e92f39a2be424760b04e47ad9da3ed3b
Certificate serial:       019847ADCA4D792C0045E572D27D8A91E9DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
Manifest number:          029E
Signing time:             Sat 26 Jul 2025 17:00:28 +0000
Manifest this update:     Sat 26 Jul 2025 17:00:28 +0000
Manifest next update:     Sun 27 Jul 2025 17:00:28 +0000
Files and hashes:         1: sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl (hash: l3DriEHI4Pt8moVBgagVbuOsKmNQ+anz4kACevnAwrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:ad:ca:4d:79:2c:00:45:e5:72:d2:7d:8a:91:e9:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2a85371e92f39a2be424760b04e47ad9da3ed3b
        Validity
            Not Before: Jul 26 17:00:28 2025 GMT
            Not After : Jul 27 17:00:28 2025 GMT
        Subject: CN=112d941bbc9e860e2f7fc7985fcd7fb5d789b9b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:24:0a:4d:f3:64:bb:82:b7:d0:56:ec:22:c5:
                    70:f1:55:39:e5:a5:91:49:4b:a7:1f:9a:75:40:93:
                    4e:64:23:df:22:ef:56:9e:34:ca:bf:43:3d:ee:cd:
                    05:55:c9:ee:3d:cf:3a:4e:98:73:31:c0:7c:f0:6f:
                    9a:c9:02:11:5d:0b:86:f2:58:58:be:69:2e:3e:53:
                    49:2d:40:67:86:eb:8e:ff:40:3c:e7:af:52:b8:18:
                    da:2e:16:58:90:6c:82:bc:bb:fa:f6:d0:3c:f6:e3:
                    13:db:dd:f9:74:45:4f:16:3f:af:d5:34:01:28:13:
                    cf:8a:cc:1c:76:63:a0:57:b1:aa:10:fd:c0:32:56:
                    11:42:65:59:00:5b:c0:40:f4:2f:38:40:fc:39:b4:
                    e7:36:4e:47:a7:ae:66:2f:1c:29:13:4f:4a:c0:10:
                    95:ab:87:07:94:d4:c3:60:89:7c:0d:b9:0d:0c:7a:
                    59:b4:95:96:cf:8d:4a:0c:2c:bb:91:03:80:13:0a:
                    34:70:85:18:e9:b9:16:92:60:fd:5a:ad:8d:d0:98:
                    af:f7:27:65:2b:1c:15:da:d6:de:90:33:e1:a5:f4:
                    23:ba:64:cb:26:cc:82:16:d4:ec:3a:96:d7:8d:22:
                    74:9b:2c:4d:54:9a:78:b7:b8:4a:a2:8e:38:bf:71:
                    d5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:2D:94:1B:BC:9E:86:0E:2F:7F:C7:98:5F:CD:7F:B5:D7:89:B9:B4
            X509v3 Authority Key Identifier:
                keyid:B2:A8:53:71:E9:2F:39:A2:BE:42:47:60:B0:4E:47:AD:9D:A3:ED:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:52:48:e2:0c:23:6c:99:2e:a6:75:fa:5d:de:90:ea:86:c7:
         c8:30:55:43:15:4f:87:79:6d:b8:95:63:2f:91:fe:24:06:40:
         dc:90:f4:9b:71:a1:70:b9:d7:6f:fc:a8:32:ff:43:27:e1:67:
         6a:57:14:63:27:b3:bb:41:75:a0:3d:d3:78:ba:7d:00:10:d3:
         fd:73:03:5e:14:e0:ba:be:7e:b9:54:6c:4b:8f:39:3b:75:34:
         67:47:2b:a7:1d:e8:9c:50:96:e9:be:64:51:67:a4:ae:08:35:
         e8:97:5e:cf:43:91:33:a4:b3:14:43:84:d1:84:0b:e5:45:22:
         b5:a9:94:73:60:51:79:d7:47:c9:30:da:ef:f1:37:53:a2:83:
         b6:86:b1:ec:5c:e7:cb:eb:95:cd:10:e9:a6:01:3f:3a:32:95:
         5a:92:16:6a:e7:18:01:02:9b:a6:a7:06:12:b5:53:da:24:5d:
         81:d7:46:14:52:fb:3b:a6:9a:bc:79:c2:f6:0e:4d:92:96:d9:
         1f:4b:b6:1e:fa:18:13:75:78:6e:38:a0:29:5a:3e:83:8b:b7:
         1e:a3:aa:ad:7d:75:58:2e:1a:03:13:41:5a:f5:03:ec:68:8e:
         fb:9e:65:29:4a:3c:eb:6c:b7:b8:0b:79:60:5b:af:a1:65:8e:
         72:86:9e:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHrcpNeSwAReVy0n2KkendMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYTg1MzcxZTkyZjM5YTJiZTQyNDc2MGIwNGU0N2FkOWRh
M2VkM2IwHhcNMjUwNzI2MTcwMDI4WhcNMjUwNzI3MTcwMDI4WjAzMTEwLwYDVQQD
EygxMTJkOTQxYmJjOWU4NjBlMmY3ZmM3OTg1ZmNkN2ZiNWQ3ODliOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyQKTfNku4K30FbsIsVw8VU55aWR
SUunH5p1QJNOZCPfIu9WnjTKv0M97s0FVcnuPc86TphzMcB88G+ayQIRXQuG8lhY
vmkuPlNJLUBnhuuO/0A8569SuBjaLhZYkGyCvLv69tA89uMT2935dEVPFj+v1TQB
KBPPiswcdmOgV7GqEP3AMlYRQmVZAFvAQPQvOED8ObTnNk5Hp65mLxwpE09KwBCV
q4cHlNTDYIl8DbkNDHpZtJWWz41KDCy7kQOAEwo0cIUY6bkWkmD9Wq2N0Jiv9ydl
KxwV2tbekDPhpfQjumTLJsyCFtTsOpbXjSJ0myxNVJp4t7hKoo44v3HVVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEtlBu8noYOL3/HmF/Nf7XXibm0MB8GA1UdIwQY
MBaAFLKoU3HpLzmivkJHYLBOR62do+07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9mNWQ3MzAtZjhlYi00ZjgwLTlhOWMt
OWFiZTRlNmMyYmUxLzEvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9mNWQ3MzAtZjhlYi00ZjgwLTlhOWMtOWFiZTRlNmMyYmUx
LzEvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYFJI4gwj
bJkupnX6Xd6Q6obHyDBVQxVPh3ltuJVjL5H+JAZA3JD0m3GhcLnXb/yoMv9DJ+Fn
alcUYyezu0F1oD3TeLp9ABDT/XMDXhTgur5+uVRsS485O3U0Z0crpx3onFCW6b5k
UWekrgg16Jdez0ORM6SzFEOE0YQL5UUitamUc2BReddHyTDa7/E3U6KDtoax7Fzn
y+uVzRDppgE/OjKVWpIWaucYAQKbpqcGErVT2iRdgddGFFL7O6aavHnC9g5NkpbZ
H0u2HvoYE3V4bjigKVo+g4u3HqOqrX11WC4aAxNBWvUD7GiO+55lKUo862y3uAt5
YFuvoWWOcoaefg==
-----END CERTIFICATE-----