Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
File:                     qYI63d9sNfBbfByuB5BL_58vass.mft (raw, json)
Hash identifier:          jEE2iF7MMtEN92w8TnuXa/1DpqHaamzoA+XwYVSosJw=
Subject key identifier:   61:23:7B:5C:1C:9F:AD:29:A1:FC:17:D9:BE:2D:8E:90:05:44:E9:14
Authority key identifier: A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB
Certificate issuer:       /CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
Certificate serial:       0198D4E07A9A0BCCC84D706019B84EE1682A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
Manifest number:          0ABF
Signing time:             Sat 23 Aug 2025 03:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:17 +0000
Files and hashes:         1: qYI63d9sNfBbfByuB5BL_58vass.crl (hash: rgSgtpOXZRyGZDZhxvWMJxeQOVXWsWFp0wbjh3qJ1I8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:7a:9a:0b:cc:c8:4d:70:60:19:b8:4e:e1:68:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
        Validity
            Not Before: Aug 23 03:02:17 2025 GMT
            Not After : Aug 24 03:02:17 2025 GMT
        Subject: CN=61237b5c1c9fad29a1fc17d9be2d8e900544e914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f0:19:5d:29:ef:ed:68:96:6d:c6:3c:ae:9b:
                    99:79:99:22:a8:f1:c1:36:62:ed:2a:25:4f:8b:fd:
                    67:fa:09:f2:05:64:bf:34:b1:b6:50:1c:3d:c6:51:
                    54:0b:1f:23:49:20:c4:59:74:5f:7e:71:00:06:f5:
                    19:ec:80:9c:db:fe:27:af:3a:9f:08:a3:b7:4e:24:
                    04:61:55:98:6a:aa:2a:df:e3:b6:84:aa:99:53:e1:
                    e6:9e:7a:e1:6b:b6:59:5a:bb:28:ff:ed:22:02:c8:
                    ef:1a:fd:fc:0c:a4:1d:3b:48:83:e0:4f:35:d0:a4:
                    cf:ad:a9:32:46:01:f8:c4:c6:f4:a5:e5:9b:b1:ad:
                    00:c4:66:ba:22:93:dc:d5:31:24:b2:a7:f6:36:cf:
                    2e:70:f6:4c:3b:55:e9:3e:b5:05:eb:47:84:c8:aa:
                    8b:76:73:11:20:27:8c:95:62:6e:50:02:94:7b:ec:
                    0e:76:19:e4:a8:7d:11:b3:f5:0d:ac:69:63:91:60:
                    23:78:4c:0e:19:f4:44:57:1a:21:fd:f7:76:6d:13:
                    79:7f:50:24:95:07:a9:71:be:8b:7a:00:f4:6f:cc:
                    48:4f:40:39:05:12:6e:45:70:4a:20:ff:ed:22:66:
                    84:14:5d:fd:a0:52:e6:28:2d:09:dd:23:1f:70:6e:
                    e5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:23:7B:5C:1C:9F:AD:29:A1:FC:17:D9:BE:2D:8E:90:05:44:E9:14
            X509v3 Authority Key Identifier:
                keyid:A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:fe:ac:d9:7d:f7:61:a3:9d:ea:c0:cd:9c:72:14:25:95:d3:
         8e:e8:5a:d6:9d:85:6e:48:1f:6c:d3:48:a3:20:af:d0:bd:c8:
         77:44:97:b4:43:a7:67:d3:3c:a3:03:0e:c9:1f:d9:44:88:16:
         75:84:ca:11:df:89:49:60:35:05:e2:ae:73:4d:05:51:f9:64:
         e7:33:92:bb:cb:b3:59:9d:93:9a:aa:ab:3a:f0:c5:1b:b0:4a:
         f9:fa:5e:4d:33:72:e0:b3:d2:b2:03:7f:55:ed:58:59:6e:64:
         5a:3f:07:35:08:98:b5:03:79:e2:47:0f:9b:47:d7:92:6c:de:
         2f:d9:5a:9b:a7:7d:0d:b1:63:e5:7a:bb:23:6b:d7:12:96:15:
         cd:f9:fe:25:83:2a:dc:ac:0d:88:a7:cb:8c:b5:fc:38:5c:ec:
         03:10:c7:59:74:24:1c:02:9c:8a:df:34:eb:8c:00:9b:10:72:
         b6:62:2a:fd:ee:bb:22:dc:82:95:1e:85:5e:3f:82:1e:a5:77:
         82:b5:6b:af:f7:c0:71:35:37:34:77:1b:66:21:55:1c:5f:32:
         e7:63:90:25:0a:6e:f3:e8:6b:36:06:45:0f:52:98:43:ad:23:
         fe:3a:3c:96:89:e1:3d:f4:33:65:4c:b0:5e:2a:7a:fc:43:2b:
         df:74:40:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4HqaC8zITXBgGbhO4WgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODIzYWRkZGY2YzM1ZjA1YjdjMWNhZTA3OTA0YmZmOWYy
ZjZhY2IwHhcNMjUwODIzMDMwMjE3WhcNMjUwODI0MDMwMjE3WjAzMTEwLwYDVQQD
Eyg2MTIzN2I1YzFjOWZhZDI5YTFmYzE3ZDliZTJkOGU5MDA1NDRlOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPAZXSnv7WiWbcY8rpuZeZkiqPHB
NmLtKiVPi/1n+gnyBWS/NLG2UBw9xlFUCx8jSSDEWXRffnEABvUZ7ICc2/4nrzqf
CKO3TiQEYVWYaqoq3+O2hKqZU+Hmnnrha7ZZWrso/+0iAsjvGv38DKQdO0iD4E81
0KTPrakyRgH4xMb0peWbsa0AxGa6IpPc1TEksqf2Ns8ucPZMO1XpPrUF60eEyKqL
dnMRICeMlWJuUAKUe+wOdhnkqH0Rs/UNrGljkWAjeEwOGfREVxoh/fd2bRN5f1Ak
lQepcb6LegD0b8xIT0A5BRJuRXBKIP/tImaEFF39oFLmKC0J3SMfcG7lNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEje1wcn60pofwX2b4tjpAFROkUMB8GA1UdIwQY
MBaAFKmCOt3fbDXwW3wcrgeQS/+fL2rLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAt
MzZkNGQ3ZjA3YzhhLzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAtMzZkNGQ3ZjA3Yzhh
LzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhP6s2X33
YaOd6sDNnHIUJZXTjuha1p2FbkgfbNNIoyCv0L3Id0SXtEOnZ9M8owMOyR/ZRIgW
dYTKEd+JSWA1BeKuc00FUflk5zOSu8uzWZ2TmqqrOvDFG7BK+fpeTTNy4LPSsgN/
Ve1YWW5kWj8HNQiYtQN54kcPm0fXkmzeL9lam6d9DbFj5Xq7I2vXEpYVzfn+JYMq
3KwNiKfLjLX8OFzsAxDHWXQkHAKcit8064wAmxBytmIq/e67ItyClR6FXj+CHqV3
grVrr/fAcTU3NHcbZiFVHF8y52OQJQpu8+hrNgZFD1KYQ60j/jo8lonhPfQzZUyw
Xip6/EMr33RArg==
-----END CERTIFICATE-----