Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          3kDc/MLOPK/nSyy1OXtIQu/y1raFLcjh5vQi277/Dd8=
Subject key identifier:   E8:3D:4D:D5:52:88:A5:55:CB:F5:F0:E8:86:30:56:9D:F3:4F:FB:82
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019643D73546781DB4C4B660E9F5DB005639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          11F1
Signing time:             Thu 17 Apr 2025 13:01:39 +0000
Manifest this update:     Thu 17 Apr 2025 13:01:39 +0000
Manifest next update:     Fri 18 Apr 2025 13:01:39 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: 6gj2rxa/xbeNqU+hJzovMRHtNmPSk3Ue5CVmcgQ79Qo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d7:35:46:78:1d:b4:c4:b6:60:e9:f5:db:00:56:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Apr 17 13:01:39 2025 GMT
            Not After : Apr 18 13:01:39 2025 GMT
        Subject: CN=e83d4dd55288a555cbf5f0e88630569df34ffb82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:54:b9:72:24:11:02:13:b5:4f:0a:04:c1:c5:
                    53:b5:ea:ef:a5:ef:97:4d:00:53:6e:4d:0e:45:ad:
                    b7:e1:e6:03:c2:26:cd:e0:fa:d1:30:d2:20:6b:d2:
                    d0:75:8e:0c:34:38:04:52:aa:15:a7:b6:01:2f:0e:
                    c7:0d:1b:bf:39:f6:67:6c:df:96:73:d4:ed:09:0b:
                    2a:78:65:a1:6f:c3:27:b6:71:c8:00:90:81:63:9c:
                    e4:49:66:83:bd:4f:47:f4:cc:b6:a7:32:14:15:da:
                    0c:42:f5:43:c9:76:bc:3d:8e:0d:fd:df:a2:76:8e:
                    3b:ad:6e:a6:9a:2d:ea:ac:57:33:b1:58:e8:be:ca:
                    08:50:ce:1f:3b:62:6d:d3:8d:b4:62:e4:d1:1e:1e:
                    e5:30:ff:1d:32:d2:d4:71:fb:6b:da:d1:0b:44:d9:
                    fe:bf:c4:a4:7a:0d:1c:c2:4c:91:c4:81:a6:64:11:
                    21:c8:d6:60:8c:17:56:df:06:8b:f7:c0:ad:6a:3d:
                    be:16:a5:a3:7d:9a:1d:08:d9:37:fb:bd:81:07:2e:
                    9c:4a:97:a2:23:e2:44:b1:8a:75:91:11:0f:70:a7:
                    13:b0:8a:85:72:13:7c:c0:34:ad:81:26:43:bf:1b:
                    3c:37:07:43:0c:9f:65:25:86:2a:98:4a:76:10:58:
                    6d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:3D:4D:D5:52:88:A5:55:CB:F5:F0:E8:86:30:56:9D:F3:4F:FB:82
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ee:2d:01:89:3b:0e:25:d9:f4:f9:89:3e:7b:ec:0f:56:ab:
         fd:46:15:11:f6:6c:fe:67:41:db:9f:7f:73:75:01:ed:56:92:
         b2:f3:a5:4c:76:d6:34:01:23:c6:ba:a3:a8:6f:5a:04:13:08:
         97:6b:d2:5e:fe:47:31:79:06:dc:41:41:82:25:04:f8:e7:94:
         7f:72:ed:6a:a0:1c:07:4c:5c:41:d1:31:1e:af:3c:4c:c3:c6:
         ef:7d:61:7c:7f:9a:26:d3:c8:d9:e6:a1:a0:f0:28:6c:cc:c5:
         5a:ac:ed:e2:5e:be:1d:b0:48:e7:6a:30:2c:dd:4d:61:23:d2:
         87:97:c2:2d:41:9d:1d:a8:6d:29:08:21:e1:bc:27:8a:a2:92:
         75:c5:cf:27:08:24:29:7a:3d:4a:fc:e2:da:ef:1d:18:aa:db:
         43:fc:be:29:88:af:a0:ab:bd:5f:92:66:18:95:27:39:8f:00:
         84:bc:0c:11:16:5d:7f:07:6b:e2:48:36:e5:a1:86:5d:1e:e2:
         47:63:29:ca:89:cc:e0:8d:eb:92:09:a0:97:94:2f:64:0c:94:
         f9:84:8d:0f:39:7c:9c:52:29:72:77:d3:6d:e1:d5:c4:da:72:
         2b:de:5b:53:ab:fa:fb:44:3f:6e:e5:82:7b:c6:a0:99:03:73:
         cf:fc:c0:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1zVGeB20xLZg6fXbAFY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwNDE3MTMwMTM5WhcNMjUwNDE4MTMwMTM5WjAzMTEwLwYDVQQD
EyhlODNkNGRkNTUyODhhNTU1Y2JmNWYwZTg4NjMwNTY5ZGYzNGZmYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFS5ciQRAhO1TwoEwcVTtervpe+X
TQBTbk0ORa234eYDwibN4PrRMNIga9LQdY4MNDgEUqoVp7YBLw7HDRu/OfZnbN+W
c9TtCQsqeGWhb8MntnHIAJCBY5zkSWaDvU9H9My2pzIUFdoMQvVDyXa8PY4N/d+i
do47rW6mmi3qrFczsVjovsoIUM4fO2Jt0420YuTRHh7lMP8dMtLUcftr2tELRNn+
v8Skeg0cwkyRxIGmZBEhyNZgjBdW3waL98Ctaj2+FqWjfZodCNk3+72BBy6cSpei
I+JEsYp1kREPcKcTsIqFchN8wDStgSZDvxs8NwdDDJ9lJYYqmEp2EFhtiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOg9TdVSiKVVy/Xw6IYwVp3zT/uCMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB+4tAYk7
DiXZ9PmJPnvsD1ar/UYVEfZs/mdB259/c3UB7VaSsvOlTHbWNAEjxrqjqG9aBBMI
l2vSXv5HMXkG3EFBgiUE+OeUf3LtaqAcB0xcQdExHq88TMPG731hfH+aJtPI2eah
oPAobMzFWqzt4l6+HbBI52owLN1NYSPSh5fCLUGdHahtKQgh4bwniqKSdcXPJwgk
KXo9Svzi2u8dGKrbQ/y+KYivoKu9X5JmGJUnOY8AhLwMERZdfwdr4kg25aGGXR7i
R2MpyonM4I3rkgmgl5QvZAyU+YSNDzl8nFIpcnfTbeHVxNpyK95bU6v6+0Q/buWC
e8agmQNzz/zAXQ==
-----END CERTIFICATE-----