Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          M9s8rP5d3A76r9I8rt+afXvW86wTv/1PBqfUr6DytvE=
Subject key identifier:   1B:32:A6:60:33:55:76:F3:1C:3B:85:F0:42:23:8A:2B:97:E7:F1:1D
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       0198D515792A0C288892FD3F3B734267DD19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          0756
Signing time:             Sat 23 Aug 2025 04:00:10 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:10 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:10 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: 4hsCiQW+QfIERlBgm3sl4vifPtz9S0EZUboWxQ6/wVs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:79:2a:0c:28:88:92:fd:3f:3b:73:42:67:dd:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Aug 23 04:00:10 2025 GMT
            Not After : Aug 24 04:00:10 2025 GMT
        Subject: CN=1b32a660335576f31c3b85f042238a2b97e7f11d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:22:fd:91:59:20:f9:65:cc:7d:2f:e5:8a:fc:
                    45:fa:3d:a3:0b:f6:c1:99:1e:9f:68:5d:50:29:7c:
                    53:d9:12:d4:27:35:6b:88:66:01:87:52:19:39:b2:
                    73:63:62:17:8d:73:05:2b:ff:ca:17:c2:6b:c3:c1:
                    f9:0b:6a:2e:e9:01:85:1a:56:2c:e3:45:f4:a7:61:
                    f9:07:a0:12:d9:cd:6e:97:98:78:25:1c:dd:64:cf:
                    84:65:aa:49:f6:a8:41:ab:fe:37:ce:d2:11:e6:0b:
                    e1:26:82:e7:fc:f1:86:40:05:a5:f2:46:08:b8:b5:
                    70:d3:8f:b9:62:d5:23:c0:78:bd:24:b5:3b:8a:25:
                    3a:29:3a:95:5a:93:65:fb:0c:b5:f2:3c:26:b8:68:
                    27:30:11:ac:ac:21:3e:bd:bb:c0:fe:44:eb:c8:ec:
                    5c:30:e4:2a:57:88:71:3b:bf:2d:a5:cf:eb:35:e3:
                    8a:90:a2:24:3f:e2:32:b9:19:52:19:27:f0:4c:af:
                    6e:fa:de:33:cb:bd:9b:ff:15:3a:03:10:a5:5e:ef:
                    1b:53:9d:3e:9a:93:28:81:23:f8:fa:00:1a:31:2d:
                    3f:82:3a:97:bf:02:45:e6:3d:e3:43:96:01:1f:52:
                    10:9e:57:91:22:ad:cb:55:58:92:2e:29:76:b8:ab:
                    d6:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:32:A6:60:33:55:76:F3:1C:3B:85:F0:42:23:8A:2B:97:E7:F1:1D
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:d1:cd:32:cc:3b:47:fd:40:c8:32:28:25:76:7c:6b:ac:47:
         82:6f:5d:98:ec:fe:aa:d8:7e:f7:e2:0a:a2:94:69:65:dd:fe:
         01:e4:68:af:cb:cb:1f:0a:fc:59:05:dd:9d:5b:01:45:cc:cb:
         51:da:9e:b1:55:91:a4:f0:88:05:e6:03:f3:40:1b:54:3b:f1:
         2d:db:47:6d:a2:30:f7:ac:4b:b5:a2:77:20:14:2a:2f:51:12:
         1c:a2:bc:69:39:09:99:1f:e8:4b:12:3a:3d:b3:26:ec:4e:1b:
         5c:22:07:99:39:f8:0a:84:3b:2a:38:d1:d9:58:54:5f:f8:97:
         dd:14:0c:32:3b:5a:9c:9b:30:e6:49:c4:86:3d:69:0b:dd:79:
         b2:8c:87:10:fd:af:1a:a6:c9:6a:d4:99:57:85:6e:88:38:8a:
         15:35:a7:22:f2:22:c1:f7:d6:18:d9:cb:46:0c:d7:aa:fd:15:
         72:d7:62:ee:b5:77:12:99:c2:c0:f1:6f:9a:cd:01:1b:14:75:
         74:1c:ea:94:bc:99:b1:93:36:49:15:a3:41:69:36:a3:6a:67:
         9b:4c:7a:44:70:69:b1:1c:88:1a:6d:69:d6:df:ff:65:4d:12:
         40:db:d0:83:03:a9:e0:f2:0d:1b:70:3f:75:7b:24:b9:22:24:
         77:bc:a1:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFXkqDCiIkv0/O3NCZ90ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjUwODIzMDQwMDEwWhcNMjUwODI0MDQwMDEwWjAzMTEwLwYDVQQD
EygxYjMyYTY2MDMzNTU3NmYzMWMzYjg1ZjA0MjIzOGEyYjk3ZTdmMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySL9kVkg+WXMfS/livxF+j2jC/bB
mR6faF1QKXxT2RLUJzVriGYBh1IZObJzY2IXjXMFK//KF8Jrw8H5C2ou6QGFGlYs
40X0p2H5B6AS2c1ul5h4JRzdZM+EZapJ9qhBq/43ztIR5gvhJoLn/PGGQAWl8kYI
uLVw04+5YtUjwHi9JLU7iiU6KTqVWpNl+wy18jwmuGgnMBGsrCE+vbvA/kTryOxc
MOQqV4hxO78tpc/rNeOKkKIkP+IyuRlSGSfwTK9u+t4zy72b/xU6AxClXu8bU50+
mpMogSP4+gAaMS0/gjqXvwJF5j3jQ5YBH1IQnleRIq3LVViSLil2uKvWLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsypmAzVXbzHDuF8EIjiiuX5/EdMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ9HNMsw7
R/1AyDIoJXZ8a6xHgm9dmOz+qth+9+IKopRpZd3+AeRor8vLHwr8WQXdnVsBRczL
UdqesVWRpPCIBeYD80AbVDvxLdtHbaIw96xLtaJ3IBQqL1ESHKK8aTkJmR/oSxI6
PbMm7E4bXCIHmTn4CoQ7KjjR2VhUX/iX3RQMMjtanJsw5knEhj1pC915soyHEP2v
GqbJatSZV4VuiDiKFTWnIvIiwffWGNnLRgzXqv0Vctdi7rV3EpnCwPFvms0BGxR1
dBzqlLyZsZM2SRWjQWk2o2pnm0x6RHBpsRyIGm1p1t//ZU0SQNvQgwOp4PING3A/
dXskuSIkd7yh7g==
-----END CERTIFICATE-----