Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          PZ47vZToyXktrWvQzCwwRpQfItVEqOY/CeokyP6T6qA=
Subject key identifier:   9C:65:9A:70:23:A9:64:8E:29:91:56:99:8C:96:40:C4:75:9A:F5:1A
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       0197B6A23EB4ECF523C529D992D40DFE359C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          12B1
Signing time:             Sat 28 Jun 2025 13:02:55 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:55 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:55 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: 2/oVQz0scmgp7ucfLhh5lC1EFH3JJkwbMO7LPh7tBQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:3e:b4:ec:f5:23:c5:29:d9:92:d4:0d:fe:35:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Jun 28 13:02:55 2025 GMT
            Not After : Jun 29 13:02:55 2025 GMT
        Subject: CN=9c659a7023a9648e299156998c9640c4759af51a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a4:96:80:55:72:04:47:33:36:6d:f7:3f:f6:
                    57:3a:10:93:09:9a:28:92:40:f2:ec:58:de:08:ac:
                    cf:be:01:af:7e:9e:5e:62:70:32:b0:04:db:fd:d3:
                    7a:a2:9e:ee:10:32:4d:55:82:aa:5a:2b:fe:51:c6:
                    ff:d0:29:60:60:dc:cb:05:cf:3a:f8:55:2b:5e:0a:
                    1f:2b:b6:b9:6e:fe:f9:52:8a:87:78:cf:13:ca:5b:
                    eb:99:45:4f:72:66:00:4b:79:28:5c:fd:98:30:bb:
                    cf:ac:99:d8:c8:07:ef:78:a1:b2:d6:7b:dd:8d:d2:
                    3f:58:60:26:ab:69:c3:e8:fb:30:79:8f:46:4d:68:
                    a3:78:7d:0f:aa:29:f0:93:b6:b8:2d:7a:57:55:62:
                    b4:f0:5d:89:0b:7c:31:dd:d5:06:3c:be:c3:ef:ff:
                    7e:95:f2:1f:5a:73:4d:bb:29:a3:14:9d:fe:48:ef:
                    1a:b6:e8:48:7c:e0:e1:c0:83:a2:ff:7b:a7:5d:1c:
                    cb:1a:a1:dc:0b:1f:57:c0:a3:66:00:bc:d3:b1:4d:
                    8e:b0:91:37:18:f4:9a:cf:d6:74:42:50:0a:73:73:
                    ce:55:5c:af:9c:63:8a:c9:77:f6:37:e9:26:97:6a:
                    1c:bd:19:c8:70:b1:65:76:6b:54:4f:b2:2c:26:28:
                    57:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:65:9A:70:23:A9:64:8E:29:91:56:99:8C:96:40:C4:75:9A:F5:1A
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:de:48:00:1f:fc:ea:19:27:34:5e:c6:81:81:a5:30:f7:9c:
         a1:67:c5:78:1c:82:51:b2:8e:a1:ca:ac:b5:cd:68:ad:06:6a:
         ec:f9:97:15:a0:ba:7c:70:1e:b5:e3:bb:0a:4d:3e:19:db:b0:
         58:79:51:99:99:11:4c:80:83:44:c1:2d:da:93:ac:7d:d1:32:
         6d:27:a2:09:89:c2:4d:44:36:56:4f:a0:4b:f4:45:b1:fa:c3:
         ad:07:e2:94:dd:cc:4a:11:8d:11:cc:90:68:2a:37:cd:d7:d9:
         0b:6b:88:89:1c:36:fb:54:44:10:6b:ae:ad:2d:8d:9e:c5:04:
         33:4d:ae:cb:29:fe:8d:bd:12:45:25:09:30:c5:6f:e4:3d:6c:
         0b:0e:db:61:33:d6:f7:ac:4d:14:3b:7d:ec:ed:2f:da:91:39:
         f6:09:dd:16:d2:b1:8f:62:cc:db:f6:6f:be:56:dd:85:d2:91:
         5d:05:17:42:7f:3a:fb:97:db:ce:a8:c8:20:33:87:fe:0e:06:
         5c:e1:d2:2e:fa:5c:f2:a0:e7:ad:03:f5:8d:8c:96:d3:27:99:
         8d:59:0d:71:b0:34:e9:e3:31:e6:fd:93:fb:55:13:74:5d:42:
         b1:ae:58:27:01:d3:e8:af:f6:be:75:69:41:17:46:2e:e5:0f:
         28:f1:1f:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oj607PUjxSnZktQN/jWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwNjI4MTMwMjU1WhcNMjUwNjI5MTMwMjU1WjAzMTEwLwYDVQQD
Eyg5YzY1OWE3MDIzYTk2NDhlMjk5MTU2OTk4Yzk2NDBjNDc1OWFmNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaSWgFVyBEczNm33P/ZXOhCTCZoo
kkDy7FjeCKzPvgGvfp5eYnAysATb/dN6op7uEDJNVYKqWiv+Ucb/0ClgYNzLBc86
+FUrXgofK7a5bv75UoqHeM8TylvrmUVPcmYAS3koXP2YMLvPrJnYyAfveKGy1nvd
jdI/WGAmq2nD6PsweY9GTWijeH0Pqinwk7a4LXpXVWK08F2JC3wx3dUGPL7D7/9+
lfIfWnNNuymjFJ3+SO8atuhIfODhwIOi/3unXRzLGqHcCx9XwKNmALzTsU2OsJE3
GPSaz9Z0QlAKc3POVVyvnGOKyXf2N+kml2ocvRnIcLFldmtUT7IsJihXcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxlmnAjqWSOKZFWmYyWQMR1mvUaMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB95IAB/8
6hknNF7GgYGlMPecoWfFeByCUbKOocqstc1orQZq7PmXFaC6fHAeteO7Ck0+Gduw
WHlRmZkRTICDRMEt2pOsfdEybSeiCYnCTUQ2Vk+gS/RFsfrDrQfilN3MShGNEcyQ
aCo3zdfZC2uIiRw2+1REEGuurS2NnsUEM02uyyn+jb0SRSUJMMVv5D1sCw7bYTPW
96xNFDt97O0v2pE59gndFtKxj2LM2/ZvvlbdhdKRXQUXQn86+5fbzqjIIDOH/g4G
XOHSLvpc8qDnrQP1jYyW0yeZjVkNcbA06eMx5v2T+1UTdF1Csa5YJwHT6K/2vnVp
QRdGLuUPKPEflg==
-----END CERTIFICATE-----