Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          kO6+SqVb/HqDTb3rx/RkdEuYmdzB/am8XOH8z0owJ3Y=
Subject key identifier:   EE:4F:C4:81:1E:36:B1:D0:2B:94:D3:F5:CD:A9:A3:60:98:70:EF:C6
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       0197488C4F8A640B711765B30F77C549F101
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          1278
Signing time:             Sat 07 Jun 2025 04:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:44 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: mNyMkHtt3HsWN5HeN6pNoZtG4gy7F4SWKrpCzu3eQnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:4f:8a:64:0b:71:17:65:b3:0f:77:c5:49:f1:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Jun  7 04:00:44 2025 GMT
            Not After : Jun  8 04:00:44 2025 GMT
        Subject: CN=ee4fc4811e36b1d02b94d3f5cda9a3609870efc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:41:c5:d0:9f:4c:7c:55:ac:84:fe:4e:09:29:
                    7f:98:d1:25:ae:5b:46:70:8a:c8:00:f1:18:69:13:
                    d2:ce:c6:67:83:55:69:ed:f3:ff:f0:fa:32:a7:51:
                    b1:90:cf:d9:af:13:cf:6a:2b:cf:f5:6d:fe:34:bb:
                    38:fb:3a:39:e9:11:d8:b0:fb:06:3a:67:54:ca:3a:
                    45:71:d2:20:09:2b:28:3a:e4:18:e8:1a:d6:97:7a:
                    67:dd:ac:fb:71:99:c0:a6:3d:e8:6b:72:aa:66:d2:
                    65:93:fa:a5:8f:9c:e0:37:70:2d:14:0b:99:16:52:
                    02:1c:a2:05:74:1a:e4:79:1d:8b:d4:08:7b:7e:15:
                    15:5a:11:2c:b7:41:4b:ee:d1:8d:d3:da:30:6f:e7:
                    61:74:0e:17:c5:f6:5b:94:7f:fa:57:bd:4c:e1:0f:
                    7c:6e:ed:f2:16:9c:88:88:34:46:ed:55:85:b6:5f:
                    b2:c2:27:2e:1a:43:02:02:3a:49:15:5e:af:88:d4:
                    b8:f0:ef:3f:e3:d9:08:63:21:a1:d4:c0:1e:eb:97:
                    24:2c:33:95:f9:e1:f0:08:a8:68:06:8e:37:f2:33:
                    ee:d9:58:a7:36:ee:7c:92:b2:96:e9:f0:8c:82:5b:
                    0b:0d:31:2f:3c:cb:7c:45:d0:04:e8:9f:63:00:23:
                    ed:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:4F:C4:81:1E:36:B1:D0:2B:94:D3:F5:CD:A9:A3:60:98:70:EF:C6
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:8f:0e:fe:05:6f:61:60:5a:c6:40:1b:b0:6f:a5:db:0d:05:
         37:b0:25:ba:70:31:67:e9:55:51:7e:e3:11:59:33:3c:cc:5e:
         80:02:a5:30:52:4f:fb:4b:95:19:94:e1:77:48:d5:fc:28:57:
         25:28:e2:ce:96:67:11:6c:46:a2:05:8e:60:f5:2a:5a:77:3f:
         d3:98:e4:3e:d5:8f:4a:7e:00:a5:e7:d6:6b:1b:a2:5f:1e:24:
         75:83:89:27:a4:6c:2d:3c:14:28:98:30:11:68:47:58:de:eb:
         da:d1:6c:1e:5a:9f:e5:3d:d8:39:86:23:99:c1:18:8a:70:bb:
         f8:16:b1:69:d2:f9:96:9a:22:38:07:7e:0d:1e:f6:72:36:10:
         e7:4b:4e:e3:ce:5f:ec:89:3b:bf:61:5b:c9:20:33:df:e8:55:
         09:8a:19:49:a8:53:6d:ce:a0:dd:de:f3:5d:30:ec:9c:aa:a8:
         64:dd:52:40:c1:ee:ab:e9:f5:a6:47:4a:b3:fd:ef:8b:3d:36:
         da:d1:1e:48:64:b3:03:c7:2b:7c:42:3d:f8:96:70:cc:43:3b:
         6c:6f:31:38:43:23:62:02:f8:75:10:5d:48:9e:94:ef:e5:c1:
         6a:ee:8b:af:89:6c:e6:bd:9f:b5:39:5b:00:22:d5:7c:c9:8a:
         0d:e7:a6:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjE+KZAtxF2WzD3fFSfEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwNjA3MDQwMDQ0WhcNMjUwNjA4MDQwMDQ0WjAzMTEwLwYDVQQD
EyhlZTRmYzQ4MTFlMzZiMWQwMmI5NGQzZjVjZGE5YTM2MDk4NzBlZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEHF0J9MfFWshP5OCSl/mNElrltG
cIrIAPEYaRPSzsZng1Vp7fP/8Poyp1GxkM/ZrxPPaivP9W3+NLs4+zo56RHYsPsG
OmdUyjpFcdIgCSsoOuQY6BrWl3pn3az7cZnApj3oa3KqZtJlk/qlj5zgN3AtFAuZ
FlICHKIFdBrkeR2L1Ah7fhUVWhEst0FL7tGN09owb+dhdA4XxfZblH/6V71M4Q98
bu3yFpyIiDRG7VWFtl+ywicuGkMCAjpJFV6viNS48O8/49kIYyGh1MAe65ckLDOV
+eHwCKhoBo438jPu2VinNu58krKW6fCMglsLDTEvPMt8RdAE6J9jACPtDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5PxIEeNrHQK5TT9c2po2CYcO/GMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEY8O/gVv
YWBaxkAbsG+l2w0FN7AlunAxZ+lVUX7jEVkzPMxegAKlMFJP+0uVGZThd0jV/ChX
JSjizpZnEWxGogWOYPUqWnc/05jkPtWPSn4ApefWaxuiXx4kdYOJJ6RsLTwUKJgw
EWhHWN7r2tFsHlqf5T3YOYYjmcEYinC7+BaxadL5lpoiOAd+DR72cjYQ50tO485f
7Ik7v2FbySAz3+hVCYoZSahTbc6g3d7zXTDsnKqoZN1SQMHuq+n1pkdKs/3viz02
2tEeSGSzA8crfEI9+JZwzEM7bG8xOEMjYgL4dRBdSJ6U7+XBau6Lr4ls5r2ftTlb
ACLVfMmKDeem3w==
-----END CERTIFICATE-----