Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          KZfcL7StoYi2/OseT+g/sY9HKY1Bg/DsMNoRat+aB68=
Subject key identifier:   F9:15:40:54:66:29:DE:4F:F8:AB:33:5D:51:78:6D:E6:35:F6:2A:CF
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019921B245CBF31021904BD6E2AB81793733
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          136D
Signing time:             Sun 07 Sep 2025 01:02:35 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:35 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:35 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: wJvzPeJardtXxHhzarKOl8C8gBBM9LYdaS5T2tIG/p8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:45:cb:f3:10:21:90:4b:d6:e2:ab:81:79:37:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Sep  7 01:02:35 2025 GMT
            Not After : Sep  8 01:02:35 2025 GMT
        Subject: CN=f91540546629de4ff8ab335d51786de635f62acf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b4:5d:43:da:2f:6e:18:76:0c:01:af:29:46:
                    cf:90:52:99:86:8b:c4:2c:e8:01:fa:48:cb:64:9c:
                    26:d2:80:ef:14:59:02:ce:67:ba:79:78:60:7b:37:
                    45:52:43:6c:d5:f8:af:ad:5d:ed:e6:6b:9e:2f:38:
                    52:e0:98:b1:3b:ba:ef:26:4d:6f:87:7a:67:8b:c8:
                    ce:18:be:60:06:ec:d6:43:9d:30:af:c1:aa:7f:e2:
                    e9:53:4b:44:95:39:5d:66:68:5d:df:3f:63:ab:99:
                    ce:b5:a8:db:fb:e5:7b:ab:53:a2:6c:92:a0:dd:97:
                    19:e9:6f:79:c4:b4:c2:bf:50:06:ce:be:ef:7d:97:
                    f9:f1:47:02:6f:ec:41:ee:1f:9c:7a:a6:a1:50:75:
                    3c:24:21:cb:03:bd:4d:b0:1d:d9:69:43:29:04:79:
                    34:4d:69:d7:90:8e:38:2c:7b:90:0b:31:f0:fb:98:
                    a7:38:a7:bd:56:79:ff:d6:14:a0:ca:68:ff:cf:b3:
                    64:62:f0:18:03:d5:02:ec:2f:22:9c:d5:be:7b:20:
                    ca:d1:40:4a:07:11:a0:5a:f6:f6:b4:32:7f:09:8f:
                    ad:0f:a4:c1:c2:2c:b4:05:02:88:6a:e2:be:a8:b2:
                    9e:db:8d:78:11:60:77:16:7e:f5:bf:03:db:1a:28:
                    9e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:15:40:54:66:29:DE:4F:F8:AB:33:5D:51:78:6D:E6:35:F6:2A:CF
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:aa:96:cd:8d:f4:4d:7d:e4:3a:bf:7d:7f:df:78:2f:1c:d3:
         43:ab:22:8b:f3:f4:53:af:3b:f4:ec:04:60:ab:b9:e8:17:b6:
         39:75:b4:8f:0b:17:7e:73:59:55:c4:6d:23:5d:84:bb:52:0b:
         34:c9:c9:30:65:f0:2a:9a:04:e5:5f:bf:74:d1:20:5f:5e:01:
         dd:1f:81:e7:50:f7:81:5a:7e:a9:71:ee:4b:3f:78:d2:d1:61:
         dd:b3:f8:47:40:7c:fd:a0:1b:7e:ea:22:9c:e3:c3:27:cc:51:
         30:6e:a6:09:f1:d6:1c:14:85:22:c0:60:db:73:48:90:4e:4f:
         15:9e:37:05:fa:6d:c9:14:8d:91:3e:d0:86:3d:39:2c:1d:ee:
         db:c7:d2:19:2e:e6:ef:73:43:73:84:f6:e4:e0:82:c7:44:35:
         c7:36:b5:2d:87:ac:c9:b6:ce:42:53:74:45:9f:87:18:88:bf:
         ad:55:bc:3c:b6:3f:2a:6b:1b:33:f9:03:46:4c:ca:c5:0d:8d:
         05:42:3e:40:9f:4c:f0:21:2a:a4:3b:8e:43:99:5c:6c:a4:42:
         5d:4d:56:b3:d8:17:68:7c:c3:7e:28:82:be:b2:12:c5:dc:56:
         b6:fe:98:58:cd:0f:07:68:11:93:97:af:36:96:79:10:37:74:
         38:31:9f:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhskXL8xAhkEvW4quBeTczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwOTA3MDEwMjM1WhcNMjUwOTA4MDEwMjM1WjAzMTEwLwYDVQQD
EyhmOTE1NDA1NDY2MjlkZTRmZjhhYjMzNWQ1MTc4NmRlNjM1ZjYyYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbRdQ9ovbhh2DAGvKUbPkFKZhovE
LOgB+kjLZJwm0oDvFFkCzme6eXhgezdFUkNs1fivrV3t5mueLzhS4JixO7rvJk1v
h3pni8jOGL5gBuzWQ50wr8Gqf+LpU0tElTldZmhd3z9jq5nOtajb++V7q1OibJKg
3ZcZ6W95xLTCv1AGzr7vfZf58UcCb+xB7h+ceqahUHU8JCHLA71NsB3ZaUMpBHk0
TWnXkI44LHuQCzHw+5inOKe9Vnn/1hSgymj/z7NkYvAYA9UC7C8inNW+eyDK0UBK
BxGgWvb2tDJ/CY+tD6TBwiy0BQKIauK+qLKe2414EWB3Fn71vwPbGiieLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkVQFRmKd5P+KszXVF4beY19irPMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ6qWzY30
TX3kOr99f994LxzTQ6sii/P0U6879OwEYKu56Be2OXW0jwsXfnNZVcRtI12Eu1IL
NMnJMGXwKpoE5V+/dNEgX14B3R+B51D3gVp+qXHuSz940tFh3bP4R0B8/aAbfuoi
nOPDJ8xRMG6mCfHWHBSFIsBg23NIkE5PFZ43BfptyRSNkT7Qhj05LB3u28fSGS7m
73NDc4T25OCCx0Q1xza1LYesybbOQlN0RZ+HGIi/rVW8PLY/KmsbM/kDRkzKxQ2N
BUI+QJ9M8CEqpDuOQ5lcbKRCXU1Ws9gXaHzDfiiCvrISxdxWtv6YWM0PB2gRk5ev
NpZ5EDd0ODGfaw==
-----END CERTIFICATE-----