Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
File:                     TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft (raw, json)
Hash identifier:          w5oDIVd4tWGcV8weeI7pSOgqfy2EooHdBzOLG/viJgo=
Subject key identifier:   67:F1:AD:9A:BF:53:83:3A:70:C1:A7:F1:29:C4:E1:3C:C8:F0:06:AC
Authority key identifier: 4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D
Certificate issuer:       /CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
Certificate serial:       019749685BD15AF5072FD88C6AFBAE9BFD04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
Manifest number:          016B
Signing time:             Sat 07 Jun 2025 08:01:05 +0000
Manifest this update:     Sat 07 Jun 2025 08:01:05 +0000
Manifest next update:     Sun 08 Jun 2025 08:01:05 +0000
Files and hashes:         1: TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl (hash: Cb/uVnczqvfFIphOqeeHbV7r/lsExXvPexcTP7674+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:5b:d1:5a:f5:07:2f:d8:8c:6a:fb:ae:9b:fd:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
        Validity
            Not Before: Jun  7 08:01:05 2025 GMT
            Not After : Jun  8 08:01:05 2025 GMT
        Subject: CN=67f1ad9abf53833a70c1a7f129c4e13cc8f006ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:91:a9:91:92:70:54:cd:4b:6f:08:02:26:e0:
                    81:d6:d4:1a:24:82:03:da:a3:df:c2:a9:21:6b:f2:
                    bf:bd:5f:65:b2:a3:c8:af:59:3a:a1:1b:39:39:94:
                    8d:04:6a:22:6e:a8:7e:de:1a:76:cd:e3:5e:1c:bf:
                    e5:cb:9f:8b:e7:9b:bd:13:c0:55:4a:52:5f:e3:b2:
                    e3:00:4f:7b:c1:12:c4:90:69:4d:02:45:4b:fd:eb:
                    f3:9c:be:54:02:76:82:72:a9:63:87:61:f2:1b:04:
                    42:c0:12:84:d0:dc:04:f9:b9:c1:ed:a3:48:41:f4:
                    c6:58:5e:51:c1:ce:a6:2c:7e:35:2a:f1:ca:a1:f2:
                    c9:09:c4:a8:a1:3f:9f:95:8d:cc:e4:3a:e9:1c:87:
                    3c:94:13:56:05:26:f9:90:e4:3f:d7:9f:4a:a6:c7:
                    0a:3c:23:17:06:b8:b6:79:13:3c:31:de:a2:40:a7:
                    55:fc:7f:a1:0d:95:6d:df:6c:7b:30:d4:00:75:88:
                    4b:1d:e9:87:39:4f:fa:8b:3a:8d:a5:40:da:11:1d:
                    76:f1:9e:ce:45:1f:c3:77:c4:a7:59:41:4c:2a:c8:
                    21:5d:49:98:f0:17:22:01:25:71:af:72:b6:d8:a0:
                    8e:ee:fe:f8:03:bf:74:1d:bc:f0:8b:54:6a:27:49:
                    a0:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F1:AD:9A:BF:53:83:3A:70:C1:A7:F1:29:C4:E1:3C:C8:F0:06:AC
            X509v3 Authority Key Identifier:
                keyid:4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:69:3e:d3:f1:eb:99:ca:d2:bc:d8:2d:92:00:06:a1:2a:3e:
         dc:8c:93:c9:77:e1:b9:97:36:a6:46:bb:63:60:a0:11:6b:b5:
         b7:97:00:9f:9a:05:e6:c0:c2:7b:c3:76:6d:20:fc:5e:fa:f1:
         77:11:fb:32:39:c3:56:13:1a:5c:ce:e3:78:78:44:70:e4:73:
         48:6e:b2:93:ee:8c:03:63:14:42:c3:d5:d0:09:90:c5:e4:56:
         66:be:3f:61:98:5f:0b:bb:59:99:d3:c6:42:0e:3d:c7:eb:d8:
         a9:8d:08:6a:f9:42:dd:e8:90:06:e6:56:09:f9:b6:a7:f1:c4:
         83:aa:36:0f:bb:bf:79:58:9b:94:a9:cb:e3:2a:f8:18:bc:7f:
         20:a5:dc:0a:a2:14:db:1f:1c:ae:37:d9:58:83:ed:72:b8:cb:
         4c:d4:e0:3b:54:0f:21:9b:52:42:6f:3a:5b:41:c4:b5:d7:9b:
         2c:ed:99:9f:31:7b:38:fc:6c:a9:cf:7c:6b:7a:03:d6:3f:13:
         1d:55:6c:af:b3:e4:6f:8d:97:3c:7b:49:8c:a0:0e:16:77:18:
         68:be:4d:d4:a3:a9:65:73:2d:35:e2:e2:ab:58:37:b8:a3:de:
         6b:66:c5:9d:e8:cd:38:07:2b:c6:99:37:9f:6e:1c:46:ef:00:
         fa:b4:e1:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaFvRWvUHL9iMavuum/0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTgwNWFlYTg2MDMwYmFjZGQwYmEzZTRlNDI0ZTFiYWVm
MDgyNGQwHhcNMjUwNjA3MDgwMTA1WhcNMjUwNjA4MDgwMTA1WjAzMTEwLwYDVQQD
Eyg2N2YxYWQ5YWJmNTM4MzNhNzBjMWE3ZjEyOWM0ZTEzY2M4ZjAwNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpGpkZJwVM1LbwgCJuCB1tQaJIID
2qPfwqkha/K/vV9lsqPIr1k6oRs5OZSNBGoibqh+3hp2zeNeHL/ly5+L55u9E8BV
SlJf47LjAE97wRLEkGlNAkVL/evznL5UAnaCcqljh2HyGwRCwBKE0NwE+bnB7aNI
QfTGWF5Rwc6mLH41KvHKofLJCcSooT+flY3M5DrpHIc8lBNWBSb5kOQ/159KpscK
PCMXBri2eRM8Md6iQKdV/H+hDZVt32x7MNQAdYhLHemHOU/6izqNpUDaER128Z7O
RR/Dd8SnWUFMKsghXUmY8BciASVxr3K22KCO7v74A790Hbzwi1RqJ0mgdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfxrZq/U4M6cMGn8SnE4TzI8AasMB8GA1UdIwQY
MBaAFE6oBa6oYDC6zdC6Pk5CThuu8IJNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzct
Nzc4ODczYTI3MjZjLzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzctNzc4ODczYTI3MjZj
LzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo2k+0/Hr
mcrSvNgtkgAGoSo+3IyTyXfhuZc2pka7Y2CgEWu1t5cAn5oF5sDCe8N2bSD8Xvrx
dxH7MjnDVhMaXM7jeHhEcORzSG6yk+6MA2MUQsPV0AmQxeRWZr4/YZhfC7tZmdPG
Qg49x+vYqY0IavlC3eiQBuZWCfm2p/HEg6o2D7u/eViblKnL4yr4GLx/IKXcCqIU
2x8crjfZWIPtcrjLTNTgO1QPIZtSQm86W0HEtdebLO2ZnzF7OPxsqc98a3oD1j8T
HVVsr7Pkb42XPHtJjKAOFncYaL5N1KOpZXMtNeLiq1g3uKPea2bFnejNOAcrxpk3
n24cRu8A+rThfw==
-----END CERTIFICATE-----