Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          2e+Xx6N/1edrmKlzWZBTSiFLnWT5CZodPMT8ToiD2+g=
Subject key identifier:   FF:A0:AB:D9:C0:F2:A3:67:09:E6:AD:E6:A7:71:08:BA:70:20:CB:51
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       0199228D21A7F5AA352E64D83C12F4636278
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          0375
Signing time:             Sun 07 Sep 2025 05:01:38 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:38 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:38 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: oul8HqRxLpIk15IE2Rd55R2506KQw1kgIudJnNQeziE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:21:a7:f5:aa:35:2e:64:d8:3c:12:f4:63:62:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Sep  7 05:01:38 2025 GMT
            Not After : Sep  8 05:01:38 2025 GMT
        Subject: CN=ffa0abd9c0f2a36709e6ade6a77108ba7020cb51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:69:57:20:72:d7:be:09:6e:15:00:3a:ea:57:
                    f2:bf:7d:1b:3e:da:b7:83:74:eb:76:c7:ca:73:9f:
                    32:73:f2:c5:9a:88:59:08:95:16:0a:0e:31:74:e9:
                    b6:23:cd:f9:8e:35:ec:bb:6b:5a:2d:e6:be:f9:64:
                    9b:a7:23:be:aa:2e:1b:5a:b1:de:52:2c:06:b4:57:
                    d7:98:a0:f1:1e:b9:20:26:f6:f4:f7:7d:4a:4f:04:
                    7a:23:7c:64:61:cf:31:11:bf:18:db:a7:79:f1:05:
                    00:d8:81:3d:85:1c:df:2c:99:45:1b:bc:8e:42:04:
                    e1:02:a5:98:3b:b9:b0:c2:f6:92:f6:a5:b2:91:6f:
                    bb:17:22:bf:1f:40:01:fb:f0:67:1c:3f:f9:5b:a9:
                    9a:4b:70:33:8e:e3:f5:e2:3f:d5:7e:0b:07:51:d0:
                    c2:c9:79:dd:fb:25:91:64:97:f0:29:06:5e:ec:60:
                    50:bf:2a:64:d3:d9:fc:68:90:ec:c5:d2:63:98:e7:
                    10:36:f5:a8:5e:9e:29:20:b1:51:02:fe:75:93:3f:
                    34:1e:5c:43:3e:e7:34:00:ff:0e:22:f9:5a:0c:63:
                    64:cb:64:76:47:b0:29:98:eb:64:9c:df:26:d2:1b:
                    56:16:ef:63:54:9e:25:91:72:65:f8:83:44:f4:fe:
                    79:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:A0:AB:D9:C0:F2:A3:67:09:E6:AD:E6:A7:71:08:BA:70:20:CB:51
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:c7:86:0e:21:8d:36:57:c1:9b:df:81:3e:bc:58:0f:82:98:
         5b:86:5a:b4:80:c5:19:22:59:38:88:dd:58:65:51:6f:99:9c:
         1b:ae:1d:f6:9c:10:7f:ab:2a:cd:7c:c3:96:15:0f:93:a4:96:
         45:a0:5b:a4:c8:71:e9:c0:ed:0d:8d:13:78:4b:d6:93:9a:4a:
         58:81:f4:1f:45:7f:d8:9a:3a:f4:3e:da:a5:e1:73:88:74:82:
         29:a1:27:5e:cf:2d:93:0f:57:f1:2d:8f:f4:65:cb:fc:a5:55:
         45:f9:ce:a8:03:b4:ba:00:67:3b:35:03:b5:ac:4d:a3:a9:87:
         c6:d6:73:27:28:8b:5d:d7:39:99:10:e5:bc:9b:f0:b4:64:b0:
         e3:94:51:02:d9:e2:ab:8a:33:98:9e:83:c3:64:ad:85:89:b7:
         4d:eb:e7:9c:ec:3f:5c:95:73:8f:d9:72:ef:d8:ec:1e:be:8d:
         df:c5:62:5d:d0:51:8e:2f:12:c3:d1:da:54:a1:1f:ff:86:ff:
         b8:ca:9e:3f:65:ee:6c:bb:9c:c3:89:19:c3:f4:fb:b3:be:41:
         43:24:2a:3d:ba:3c:d0:ee:4c:c0:76:07:45:5c:c4:00:e9:0d:
         36:ae:d3:b7:5c:c1:73:85:d8:ec:ab:07:23:41:ff:57:5c:37:
         31:b7:32:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijSGn9ao1LmTYPBL0Y2J4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUwOTA3MDUwMTM4WhcNMjUwOTA4MDUwMTM4WjAzMTEwLwYDVQQD
EyhmZmEwYWJkOWMwZjJhMzY3MDllNmFkZTZhNzcxMDhiYTcwMjBjYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWlXIHLXvgluFQA66lfyv30bPtq3
g3TrdsfKc58yc/LFmohZCJUWCg4xdOm2I835jjXsu2taLea++WSbpyO+qi4bWrHe
UiwGtFfXmKDxHrkgJvb0931KTwR6I3xkYc8xEb8Y26d58QUA2IE9hRzfLJlFG7yO
QgThAqWYO7mwwvaS9qWykW+7FyK/H0AB+/BnHD/5W6maS3AzjuP14j/VfgsHUdDC
yXnd+yWRZJfwKQZe7GBQvypk09n8aJDsxdJjmOcQNvWoXp4pILFRAv51kz80HlxD
Puc0AP8OIvlaDGNky2R2R7ApmOtknN8m0htWFu9jVJ4lkXJl+INE9P559wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+gq9nA8qNnCeat5qdxCLpwIMtRMB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEceGDiGN
NlfBm9+BPrxYD4KYW4ZatIDFGSJZOIjdWGVRb5mcG64d9pwQf6sqzXzDlhUPk6SW
RaBbpMhx6cDtDY0TeEvWk5pKWIH0H0V/2Jo69D7apeFziHSCKaEnXs8tkw9X8S2P
9GXL/KVVRfnOqAO0ugBnOzUDtaxNo6mHxtZzJyiLXdc5mRDlvJvwtGSw45RRAtni
q4ozmJ6Dw2SthYm3TevnnOw/XJVzj9ly79jsHr6N38ViXdBRji8Sw9HaVKEf/4b/
uMqeP2XubLucw4kZw/T7s75BQyQqPbo80O5MwHYHRVzEAOkNNq7Tt1zBc4XY7KsH
I0H/V1w3MbcydQ==
-----END CERTIFICATE-----