Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          loDFz/fnfhkgeCUnBEpnl1RyeObZQJBIg5A/GahWqYE=
Subject key identifier:   85:FD:61:64:DC:AE:5E:C5:D2:23:F5:B2:7F:A1:15:AB:C4:6F:B3:CE
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       019A02598C0F59E4D968FC4FC744703F0373
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          07F2
Signing time:             Mon 20 Oct 2025 16:00:14 +0000
Manifest this update:     Mon 20 Oct 2025 16:00:14 +0000
Manifest next update:     Tue 21 Oct 2025 16:00:14 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: pE4zlqSnHvC9giJa7zxye1KNGGQF+wC2izw+45qGyXQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:59:8c:0f:59:e4:d9:68:fc:4f:c7:44:70:3f:03:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Oct 20 16:00:14 2025 GMT
            Not After : Oct 21 16:00:14 2025 GMT
        Subject: CN=85fd6164dcae5ec5d223f5b27fa115abc46fb3ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ea:09:45:cf:ee:96:84:b2:11:7e:d6:2a:b4:
                    7e:cf:92:55:2d:75:ca:6b:eb:17:bd:7f:ba:4f:ce:
                    bf:4d:74:bd:41:89:c8:47:2e:26:15:3e:6b:0e:df:
                    71:3a:26:7b:d1:e6:e7:20:9f:0e:b2:d1:9c:cd:62:
                    25:c2:89:be:74:99:ee:3f:5c:91:b8:ec:e1:1c:f6:
                    9f:87:47:f4:69:50:35:68:e2:a9:3e:5a:c7:26:a0:
                    91:b4:2a:f8:fe:38:22:fd:ed:af:50:93:b2:8e:40:
                    40:60:bb:35:ca:b6:6f:06:27:0c:5f:09:88:b0:54:
                    d4:fe:ba:dd:00:b7:ea:e1:3e:58:bf:40:10:71:84:
                    00:d2:3e:b6:6c:28:79:36:ed:20:05:f1:74:1b:7a:
                    88:70:ca:a1:19:6c:1c:11:5e:f4:41:84:b0:49:0b:
                    ad:ac:d1:40:d0:8c:95:0e:bc:8c:6e:b4:e0:83:18:
                    d5:e3:f2:16:42:c7:0b:57:be:ec:36:62:c6:77:b1:
                    35:16:96:31:81:a1:1e:67:b7:a2:a9:24:63:21:2a:
                    f9:a6:e2:68:5e:79:b3:ff:fe:74:84:7e:ff:c4:5a:
                    69:e4:3c:16:1b:b2:69:3e:22:f5:8c:d5:19:2a:41:
                    5c:1a:4b:2f:88:91:35:14:94:78:94:fa:ff:69:58:
                    30:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:FD:61:64:DC:AE:5E:C5:D2:23:F5:B2:7F:A1:15:AB:C4:6F:B3:CE
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:28:e6:32:e7:82:67:9c:8e:a4:00:cd:35:d7:d2:72:2b:cc:
         cb:dc:76:b3:32:dd:89:2b:8e:b0:21:d4:61:f0:c8:cc:33:29:
         81:1e:05:52:1e:6d:94:73:6f:9f:30:28:72:57:85:f2:06:27:
         f7:b8:0c:52:35:06:13:25:5e:a5:1d:41:a7:ed:68:70:f2:0d:
         3e:fd:88:d0:4c:1f:6b:fe:4a:d0:81:21:d8:1e:cc:0e:99:3d:
         e7:13:a4:5b:74:95:8b:7e:bf:e1:f8:f2:44:82:50:61:60:04:
         fe:5e:91:82:a6:cb:14:cd:97:af:58:21:dd:5b:93:a6:b2:9c:
         ff:f6:18:2a:ea:29:87:c3:ba:02:e7:f7:f9:30:ef:a1:a9:23:
         1e:ee:19:e6:8a:16:bc:f5:07:cf:3e:67:90:cf:da:4e:05:d2:
         61:15:a8:00:0f:80:15:f7:5a:91:62:11:bb:12:03:f0:30:7c:
         cc:f0:11:ef:82:c4:1d:69:36:00:36:8f:5d:87:ba:30:ea:2b:
         d0:b0:3e:c5:63:92:e4:d2:a5:59:f4:ae:b3:0a:2a:e4:c6:d3:
         5d:41:e5:3f:b0:76:a9:5c:14:ed:c1:28:82:7f:45:e6:14:53:
         8f:dd:66:59:47:5f:58:0d:6d:c7:d6:bd:20:3d:4f:0c:0a:1d:
         a4:43:3c:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCWYwPWeTZaPxPx0RwPwNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjUxMDIwMTYwMDE0WhcNMjUxMDIxMTYwMDE0WjAzMTEwLwYDVQQD
Eyg4NWZkNjE2NGRjYWU1ZWM1ZDIyM2Y1YjI3ZmExMTVhYmM0NmZiM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuoJRc/uloSyEX7WKrR+z5JVLXXK
a+sXvX+6T86/TXS9QYnIRy4mFT5rDt9xOiZ70ebnIJ8OstGczWIlwom+dJnuP1yR
uOzhHPafh0f0aVA1aOKpPlrHJqCRtCr4/jgi/e2vUJOyjkBAYLs1yrZvBicMXwmI
sFTU/rrdALfq4T5Yv0AQcYQA0j62bCh5Nu0gBfF0G3qIcMqhGWwcEV70QYSwSQut
rNFA0IyVDryMbrTggxjV4/IWQscLV77sNmLGd7E1FpYxgaEeZ7eiqSRjISr5puJo
Xnmz//50hH7/xFpp5DwWG7JpPiL1jNUZKkFcGksviJE1FJR4lPr/aVgwBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIX9YWTcrl7F0iP1sn+hFavEb7POMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaCjmMueC
Z5yOpADNNdfScivMy9x2szLdiSuOsCHUYfDIzDMpgR4FUh5tlHNvnzAocleF8gYn
97gMUjUGEyVepR1Bp+1ocPINPv2I0Ewfa/5K0IEh2B7MDpk95xOkW3SVi36/4fjy
RIJQYWAE/l6RgqbLFM2Xr1gh3VuTprKc//YYKuoph8O6Auf3+TDvoakjHu4Z5ooW
vPUHzz5nkM/aTgXSYRWoAA+AFfdakWIRuxID8DB8zPAR74LEHWk2ADaPXYe6MOor
0LA+xWOS5NKlWfSuswoq5MbTXUHlP7B2qVwU7cEogn9F5hRTj91mWUdfWA1tx9a9
ID1PDAodpEM8xg==
-----END CERTIFICATE-----