Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          myjnYDTw8cAiqWJwFZW/You7NaMqggGe3evwSrmThQk=
Subject key identifier:   0A:28:FB:EB:8E:B8:FB:08:05:F6:91:16:F2:A4:4F:EB:25:1C:06:5A
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       0196C34C506C49A1AC87EA56440888A4BD81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          1233
Signing time:             Mon 12 May 2025 07:01:20 +0000
Manifest this update:     Mon 12 May 2025 07:01:20 +0000
Manifest next update:     Tue 13 May 2025 07:01:20 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: oEW3/ykPDXb9v3S0QVl2GSEAnuT/+PPlI+AwOhEQ+DQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:50:6c:49:a1:ac:87:ea:56:44:08:88:a4:bd:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: May 12 07:01:20 2025 GMT
            Not After : May 13 07:01:20 2025 GMT
        Subject: CN=0a28fbeb8eb8fb0805f69116f2a44feb251c065a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d1:e8:f9:5e:08:67:72:d2:76:01:69:bf:c0:
                    bf:fd:86:3e:dd:13:d4:d5:f5:54:12:d9:9e:dc:6e:
                    ca:c9:42:db:69:29:12:78:24:b7:88:c6:b8:f0:1e:
                    f3:b1:5a:c7:48:8e:04:61:26:db:9f:89:86:03:cc:
                    13:64:5c:1f:f8:a4:88:a3:02:2b:9c:55:72:fd:5e:
                    f3:1b:b0:e8:2d:36:84:5a:e9:75:f4:5c:98:e7:51:
                    7a:dd:23:bf:3b:81:f8:cd:00:84:9b:c0:45:3f:97:
                    4d:7a:84:c0:20:5a:63:a0:25:cb:e9:9d:d6:ba:a5:
                    a4:5b:b1:6a:b8:ba:dd:f2:76:13:92:66:9f:d0:3b:
                    a4:56:41:1a:d7:d6:c9:8c:0c:55:0e:a0:da:7f:f8:
                    8c:03:9c:b2:21:d6:ee:c9:91:cd:c6:17:2d:3d:0f:
                    20:9c:bb:03:7f:f3:db:1b:9c:78:4a:3f:66:04:1a:
                    9b:f1:de:74:d8:ca:c7:52:60:ec:a0:dc:83:17:96:
                    5f:5b:42:98:6a:bb:91:01:0b:41:d5:e7:01:52:49:
                    2b:50:0a:3a:f6:14:5d:b1:49:16:ab:30:e5:8a:30:
                    4b:5b:50:95:81:5f:1a:4e:19:bb:46:bd:80:33:e5:
                    ab:3d:28:0c:28:76:c7:9f:f7:b6:6f:7d:78:86:06:
                    5b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:28:FB:EB:8E:B8:FB:08:05:F6:91:16:F2:A4:4F:EB:25:1C:06:5A
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:39:cb:33:cf:f3:e2:75:91:94:64:d2:6c:dd:10:df:68:1f:
         43:2e:f8:bb:65:d3:f7:b7:8f:7d:e7:18:87:6e:c1:74:da:ad:
         d6:8c:c0:87:da:d1:fa:bd:94:43:99:ea:f3:03:37:dc:19:31:
         c0:fd:cc:a0:83:e7:eb:f8:48:20:4c:24:0b:5f:cd:2e:71:4c:
         85:82:53:de:ef:3d:70:85:ae:11:1f:71:af:6c:82:14:d4:43:
         a4:c3:f6:1b:15:d6:66:f3:1f:11:cc:69:f8:9a:e2:1d:04:03:
         de:c9:2c:0d:18:09:62:da:7c:06:d4:0d:5e:1e:97:1e:36:82:
         c2:fc:e7:0b:0e:34:50:7b:19:42:05:bd:71:ab:6b:ef:76:e7:
         90:27:46:a1:83:6f:0e:32:6c:b0:75:4e:0d:c3:41:fd:02:9a:
         1b:b5:58:d6:f7:4d:89:c0:89:d7:c9:bc:ce:3a:f4:fc:98:fb:
         de:3f:52:c7:ef:9c:d4:a6:1a:07:97:83:6a:24:e7:b2:03:35:
         2e:48:1d:e5:9b:40:64:92:b0:18:a1:d3:1d:e8:8a:6f:97:00:
         90:cd:7b:28:4b:43:a6:48:28:9a:4f:be:01:0b:7b:70:ba:63:
         65:99:e3:e8:56:94:7b:19:c3:50:c8:b9:06:04:9c:4e:ef:68:
         7b:72:25:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTFBsSaGsh+pWRAiIpL2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwNTEyMDcwMTIwWhcNMjUwNTEzMDcwMTIwWjAzMTEwLwYDVQQD
EygwYTI4ZmJlYjhlYjhmYjA4MDVmNjkxMTZmMmE0NGZlYjI1MWMwNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9Ho+V4IZ3LSdgFpv8C//YY+3RPU
1fVUEtme3G7KyULbaSkSeCS3iMa48B7zsVrHSI4EYSbbn4mGA8wTZFwf+KSIowIr
nFVy/V7zG7DoLTaEWul19FyY51F63SO/O4H4zQCEm8BFP5dNeoTAIFpjoCXL6Z3W
uqWkW7FquLrd8nYTkmaf0DukVkEa19bJjAxVDqDaf/iMA5yyIdbuyZHNxhctPQ8g
nLsDf/PbG5x4Sj9mBBqb8d502MrHUmDsoNyDF5ZfW0KYaruRAQtB1ecBUkkrUAo6
9hRdsUkWqzDlijBLW1CVgV8aThm7Rr2AM+WrPSgMKHbHn/e2b314hgZbxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoo++uOuPsIBfaRFvKkT+slHAZaMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTnLM8/z
4nWRlGTSbN0Q32gfQy74u2XT97ePfecYh27BdNqt1ozAh9rR+r2UQ5nq8wM33Bkx
wP3MoIPn6/hIIEwkC1/NLnFMhYJT3u89cIWuER9xr2yCFNRDpMP2GxXWZvMfEcxp
+JriHQQD3sksDRgJYtp8BtQNXh6XHjaCwvznCw40UHsZQgW9catr73bnkCdGoYNv
DjJssHVODcNB/QKaG7VY1vdNicCJ18m8zjr0/Jj73j9Sx++c1KYaB5eDaiTnsgM1
Lkgd5ZtAZJKwGKHTHeiKb5cAkM17KEtDpkgomk++AQt7cLpjZZnj6FaUexnDUMi5
BgScTu9oe3Ilug==
-----END CERTIFICATE-----