Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
File:                     qOeaWm0FfybaCYxi-R31ExEa7a0.mft (raw, json)
Hash identifier:          wahZ8JhzI12uy2nftfslh+jfexADBze1fzA8huUez4Y=
Subject key identifier:   AA:10:88:E0:17:BF:05:1B:45:EA:48:29:38:9A:A5:21:3E:86:61:00
Authority key identifier: A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD
Certificate issuer:       /CN=a8e79a5a6d057f26da098c62f91df513111aedad
Certificate serial:       0198D6612504600A44961498AB7099940817
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:02:27 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:27 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:27 +0000
Files and hashes:         1: qOeaWm0FfybaCYxi-R31ExEa7a0.crl (hash: vjn2VoiJdtfgDigwlB2RoZHBXDjiskceBbCw/d6+gyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:25:04:60:0a:44:96:14:98:ab:70:99:94:08:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8e79a5a6d057f26da098c62f91df513111aedad
        Validity
            Not Before: Aug 23 10:02:27 2025 GMT
            Not After : Aug 24 10:02:27 2025 GMT
        Subject: CN=aa1088e017bf051b45ea4829389aa5213e866100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:33:bc:51:99:98:eb:88:3f:a3:7e:c4:5f:4b:
                    a3:48:ca:7f:c4:40:12:aa:99:34:7e:2c:7f:d2:fa:
                    dd:1f:11:f7:89:cf:4e:8c:15:b3:1d:06:c4:88:47:
                    ee:28:ae:d0:13:d8:88:53:0a:ba:ba:7d:06:ba:0f:
                    f1:87:32:73:31:ae:14:2f:84:c2:7f:be:58:a5:8c:
                    68:84:27:86:37:a8:5c:13:09:e0:71:80:01:fe:d7:
                    5c:ee:7e:f6:b0:d7:98:35:85:2e:de:f3:ee:aa:5c:
                    93:e3:8d:b7:ab:e1:d3:8e:24:34:e4:dc:1a:8d:24:
                    3e:8d:9d:24:3d:fd:a7:97:0c:65:df:e2:d5:31:68:
                    18:e6:ed:56:33:38:2c:10:40:2b:e2:a5:d7:69:87:
                    fd:14:60:dd:f3:40:52:bf:77:98:81:a2:d4:fc:94:
                    cb:7c:41:c7:e9:9c:cd:51:f4:db:bd:3b:a3:51:00:
                    3d:c9:ce:20:03:9a:fe:0d:5b:a4:db:52:2d:f1:69:
                    b7:8e:9b:d1:87:18:20:32:fa:19:1e:7a:78:69:f4:
                    36:6a:5b:fa:57:f0:09:77:ff:28:b6:af:69:6c:62:
                    25:2b:84:84:60:9b:cb:6a:42:37:a1:e0:e5:a2:67:
                    c3:3a:c3:8f:6f:a5:8d:e2:82:b6:08:81:db:7e:0a:
                    c5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:10:88:E0:17:BF:05:1B:45:EA:48:29:38:9A:A5:21:3E:86:61:00
            X509v3 Authority Key Identifier:
                keyid:A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:5f:70:a9:aa:96:56:f5:34:d6:ec:97:75:5c:12:31:76:04:
         b2:8c:69:c9:72:aa:be:b4:af:82:b8:3f:80:1b:cf:0d:e8:7b:
         4b:bd:59:c5:8f:b5:3c:83:b0:47:df:0b:63:98:80:3e:10:57:
         37:41:32:57:ca:97:d2:10:d4:c0:a2:a1:88:86:9f:a6:12:01:
         40:30:f1:7f:cc:1b:89:5c:90:a1:d5:22:19:eb:f5:1c:e0:27:
         9e:5a:27:45:87:a3:de:7a:0f:c7:c5:17:ac:ce:19:ec:ed:f0:
         e7:fb:27:8a:c6:3d:ea:50:0d:88:4a:77:bd:e6:b1:7d:a3:3b:
         21:03:83:7e:4e:d5:6b:d0:fd:2e:fb:d1:c6:ab:e7:7a:e0:c8:
         90:c0:77:ef:72:83:c7:13:dd:1d:f6:ab:43:e0:05:c5:33:06:
         8c:35:5c:e5:1d:1d:b5:aa:35:28:db:cb:e6:8e:11:af:49:70:
         87:3f:b3:57:3f:93:b2:73:e5:41:dd:17:04:83:2d:63:a2:4d:
         d2:cb:3f:59:d4:64:1d:4a:43:6c:8c:51:c0:a1:d5:58:d4:64:
         a8:9b:36:db:0e:9b:79:25:50:ff:f6:c2:81:1c:53:53:db:7d:
         3b:9c:38:ce:e3:ef:67:0e:61:78:cf:69:0c:a9:61:63:85:25:
         04:6e:01:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYSUEYApElhSYq3CZlAgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTc5YTVhNmQwNTdmMjZkYTA5OGM2MmY5MWRmNTEzMTEx
YWVkYWQwHhcNMjUwODIzMTAwMjI3WhcNMjUwODI0MTAwMjI3WjAzMTEwLwYDVQQD
EyhhYTEwODhlMDE3YmYwNTFiNDVlYTQ4MjkzODlhYTUyMTNlODY2MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTO8UZmY64g/o37EX0ujSMp/xEAS
qpk0fix/0vrdHxH3ic9OjBWzHQbEiEfuKK7QE9iIUwq6un0Gug/xhzJzMa4UL4TC
f75YpYxohCeGN6hcEwngcYAB/tdc7n72sNeYNYUu3vPuqlyT4423q+HTjiQ05Nwa
jSQ+jZ0kPf2nlwxl3+LVMWgY5u1WMzgsEEAr4qXXaYf9FGDd80BSv3eYgaLU/JTL
fEHH6ZzNUfTbvTujUQA9yc4gA5r+DVuk21It8Wm3jpvRhxggMvoZHnp4afQ2alv6
V/AJd/8otq9pbGIlK4SEYJvLakI3oeDlomfDOsOPb6WN4oK2CIHbfgrFxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoQiOAXvwUbRepIKTiapSE+hmEAMB8GA1UdIwQY
MBaAFKjnmlptBX8m2gmMYvkd9RMRGu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAt
ZWNjZGFjOGI2YTk4LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAtZWNjZGFjOGI2YTk4
LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgl9wqaqW
VvU01uyXdVwSMXYEsoxpyXKqvrSvgrg/gBvPDeh7S71ZxY+1PIOwR98LY5iAPhBX
N0EyV8qX0hDUwKKhiIafphIBQDDxf8wbiVyQodUiGev1HOAnnlonRYej3noPx8UX
rM4Z7O3w5/snisY96lANiEp3veaxfaM7IQODfk7Va9D9LvvRxqvneuDIkMB373KD
xxPdHfarQ+AFxTMGjDVc5R0dtao1KNvL5o4Rr0lwhz+zVz+TsnPlQd0XBIMtY6JN
0ss/WdRkHUpDbIxRwKHVWNRkqJs22w6beSVQ//bCgRxTU9t9O5w4zuPvZw5heM9p
DKlhY4UlBG4B7g==
-----END CERTIFICATE-----