Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          CUcFrVlgxORZTPVseCkUtP2HyEPy3AVDtyIYHIz9aFo=
Subject key identifier:   37:7B:0A:9B:7F:54:4B:52:CF:63:29:A8:45:79:55:10:81:42:7A:EE
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019A71B91755713DB958A17DDD2AECC5929B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          141B
Signing time:             Tue 11 Nov 2025 07:02:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:26 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: H3+I7I1nZ/3AQovkHF9P0UgdKyu6f/I9866afZZb6I4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:17:55:71:3d:b9:58:a1:7d:dd:2a:ec:c5:92:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Nov 11 07:02:26 2025 GMT
            Not After : Nov 12 07:02:26 2025 GMT
        Subject: CN=377b0a9b7f544b52cf6329a84579551081427aee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:38:e1:0f:57:fe:b2:cf:e2:43:d4:59:69:df:
                    d8:6a:ba:62:08:7f:17:09:dc:0b:f9:76:13:f3:10:
                    7a:c3:db:ab:8c:8d:18:ee:03:60:0f:b6:58:ae:ca:
                    1c:58:7e:6e:37:83:fc:5a:60:40:48:a4:4d:a4:f0:
                    4a:06:fd:54:01:88:fd:cc:15:d6:31:04:ee:22:4e:
                    d2:fd:c7:47:c1:e8:15:01:54:63:e1:85:35:01:0f:
                    56:88:22:84:fe:cf:2f:80:3c:21:c4:08:50:9f:72:
                    25:a3:34:f6:1e:11:8c:f3:c4:d1:d5:6f:ae:f0:b4:
                    ad:19:2a:c4:2b:73:2b:d6:d9:82:71:ea:91:d8:ab:
                    9c:54:ac:be:b0:73:ff:12:95:cd:7d:e7:d1:c4:86:
                    02:e3:bb:6d:37:d1:2c:13:06:c8:eb:5c:2d:88:36:
                    28:05:99:36:d1:f7:52:c8:10:44:18:1d:9a:48:24:
                    93:c0:0a:5b:21:3a:62:4c:d6:f0:8f:fe:98:28:6b:
                    cf:f5:b1:1d:0e:0a:cd:f3:b5:ca:bc:e3:45:5b:7d:
                    0d:0e:92:42:09:16:e1:9d:8d:9f:f4:2c:7e:fc:ce:
                    7c:2a:3f:d0:81:5b:b9:9a:1d:ce:7f:99:28:32:c3:
                    0e:c6:16:dd:f1:3e:ff:1d:aa:75:55:77:86:6f:a3:
                    d5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:7B:0A:9B:7F:54:4B:52:CF:63:29:A8:45:79:55:10:81:42:7A:EE
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:77:ab:9d:0e:50:51:fc:22:8a:e9:aa:fb:ae:bd:56:6e:06:
         67:42:ed:fa:9d:61:1e:8a:7c:49:7c:a3:a8:f6:76:e9:1f:97:
         2c:9d:39:7e:fc:64:80:be:34:2f:f0:41:d3:d4:9a:b9:fd:91:
         ce:0a:f7:5e:a6:13:d3:f0:cb:13:75:47:70:e9:c1:bf:26:90:
         05:ff:72:c0:6f:97:44:f2:b8:f1:2e:9a:29:59:d6:80:40:82:
         48:75:09:ae:16:53:e5:3c:c3:79:dd:44:12:c8:ed:1e:d1:93:
         f7:4f:18:1d:02:64:40:f6:7a:76:78:b4:fe:09:99:fe:cd:24:
         ea:98:ff:5e:86:5d:9d:97:1d:ce:c7:83:5a:56:4b:68:b8:8b:
         24:ed:45:af:e8:c8:c2:fe:fa:b1:e7:ad:4b:6f:1e:54:d3:ad:
         56:38:f8:2e:57:c9:60:04:62:06:42:71:9c:c0:12:48:0f:cf:
         a9:5c:f3:36:38:0a:44:81:ac:5e:9c:2c:9a:93:a3:95:2b:c9:
         7e:58:b1:7c:09:9f:30:92:3f:eb:06:db:b3:98:d3:72:78:e4:
         2a:24:8c:a2:9e:5c:d6:86:61:50:42:d8:44:28:3b:d5:29:cf:
         ca:b6:fc:65:84:5b:17:56:b6:4b:22:bf:22:6d:05:e2:da:64:
         77:2a:2f:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRdVcT25WKF93SrsxZKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUxMTExMDcwMjI2WhcNMjUxMTEyMDcwMjI2WjAzMTEwLwYDVQQD
EygzNzdiMGE5YjdmNTQ0YjUyY2Y2MzI5YTg0NTc5NTUxMDgxNDI3YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDjhD1f+ss/iQ9RZad/YarpiCH8X
CdwL+XYT8xB6w9urjI0Y7gNgD7ZYrsocWH5uN4P8WmBASKRNpPBKBv1UAYj9zBXW
MQTuIk7S/cdHwegVAVRj4YU1AQ9WiCKE/s8vgDwhxAhQn3IlozT2HhGM88TR1W+u
8LStGSrEK3Mr1tmCceqR2KucVKy+sHP/EpXNfefRxIYC47ttN9EsEwbI61wtiDYo
BZk20fdSyBBEGB2aSCSTwApbITpiTNbwj/6YKGvP9bEdDgrN87XKvONFW30NDpJC
CRbhnY2f9Cx+/M58Kj/QgVu5mh3Of5koMsMOxhbd8T7/Hap1VXeGb6PVZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDd7Cpt/VEtSz2MpqEV5VRCBQnruMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHernQ5Q
Ufwiiumq+669Vm4GZ0Lt+p1hHop8SXyjqPZ26R+XLJ05fvxkgL40L/BB09Sauf2R
zgr3XqYT0/DLE3VHcOnBvyaQBf9ywG+XRPK48S6aKVnWgECCSHUJrhZT5TzDed1E
EsjtHtGT908YHQJkQPZ6dni0/gmZ/s0k6pj/XoZdnZcdzseDWlZLaLiLJO1Fr+jI
wv76seetS28eVNOtVjj4LlfJYARiBkJxnMASSA/PqVzzNjgKRIGsXpwsmpOjlSvJ
flixfAmfMJI/6wbbs5jTcnjkKiSMop5c1oZhUELYRCg71SnPyrb8ZYRbF1a2SyK/
Im0F4tpkdyovIw==
-----END CERTIFICATE-----