Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          xq6wBSQLwqG7upqj24OMo9a6lLNeeXk4kGtelu+p30g=
Subject key identifier:   1B:BF:93:81:46:C6:5A:7C:2B:A9:42:B6:85:57:F2:CA:C9:38:0B:49
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       0198D54EC26999B6F06A5B37858E9B61299C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          034D
Signing time:             Sat 23 Aug 2025 05:02:45 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:45 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:45 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: imUwAlKNlTseCfzhYpE/myL1rIWQYkDL5xHXMsLLpQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:c2:69:99:b6:f0:6a:5b:37:85:8e:9b:61:29:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Aug 23 05:02:45 2025 GMT
            Not After : Aug 24 05:02:45 2025 GMT
        Subject: CN=1bbf938146c65a7c2ba942b68557f2cac9380b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:52:63:87:37:e6:53:12:f8:a7:ec:9d:37:f5:
                    49:26:77:d5:bc:87:48:ba:b4:0a:e6:78:9d:25:37:
                    c3:a2:28:d4:50:9e:6c:84:27:52:74:86:c9:9b:46:
                    6a:cb:50:ee:37:c5:f4:f6:86:eb:c2:e0:3e:1c:f7:
                    d7:10:91:3d:11:99:37:aa:98:18:4c:b5:f9:db:2c:
                    f5:8b:ec:08:d5:4e:ea:16:3f:99:f0:43:c2:d8:f6:
                    c1:a4:8a:e8:f7:ae:d2:1b:f5:c8:2f:65:91:21:30:
                    f0:97:85:7e:8f:0f:22:1a:73:c2:fc:37:7f:f4:37:
                    3b:06:d3:2d:48:28:ec:78:e2:7a:24:5e:0b:b7:ba:
                    33:03:00:09:73:12:9f:18:14:f3:37:6f:66:5c:86:
                    8a:03:07:6a:b9:b9:26:e4:e7:97:6c:23:30:be:bf:
                    66:b7:8d:9b:19:3e:22:17:a1:36:da:d6:d2:fc:41:
                    47:3f:8d:6a:1a:bf:96:ec:ac:19:b3:01:14:13:74:
                    e1:e5:31:e7:80:f6:43:a3:b5:f5:99:cc:fb:19:67:
                    39:c5:8b:3a:80:81:ea:5d:5a:77:21:26:d0:0e:28:
                    0d:32:bc:26:4e:e1:24:aa:5f:b7:08:0b:cd:06:ae:
                    b2:8c:13:7f:19:ec:1f:bc:79:8d:3b:45:76:f1:8a:
                    ee:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:BF:93:81:46:C6:5A:7C:2B:A9:42:B6:85:57:F2:CA:C9:38:0B:49
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:cf:a1:35:2e:ee:c7:67:7f:cb:45:3b:6b:87:01:c9:36:72:
         65:9a:07:a4:7c:fa:06:5a:e0:58:92:8c:7d:99:68:6f:0c:07:
         ea:ae:4d:56:1f:7e:1d:aa:59:f8:69:78:b1:c1:5a:49:bf:e0:
         36:5f:38:e8:6b:58:70:f7:71:d9:26:e2:62:40:71:41:51:97:
         8d:8b:17:62:75:7c:18:5c:31:3e:82:6f:4f:c0:b0:55:5d:ed:
         8b:97:98:a0:09:7b:52:33:44:1f:fb:f3:fb:34:ee:89:24:ad:
         a4:06:29:7a:b1:72:df:03:08:7d:52:f0:c6:73:31:ac:65:bc:
         db:9d:0f:7c:86:20:cc:bc:3a:eb:c0:f4:bd:b0:a4:25:29:a7:
         13:82:48:16:4f:67:40:19:85:24:9f:88:74:bf:5d:1a:da:37:
         c6:a4:ba:b0:af:73:66:97:3f:c5:71:82:b7:ce:aa:2e:47:7b:
         a8:4a:33:6d:c3:e5:73:b9:bc:18:75:ba:71:69:81:6a:de:bb:
         b5:08:4b:59:62:30:ad:91:1a:67:e7:ed:36:10:03:b0:83:53:
         ec:99:a4:1a:d7:28:c3:92:8b:3f:00:76:b2:ba:80:9d:f4:01:
         c1:cb:c1:78:01:1c:74:ee:a1:41:ec:e1:06:d8:b2:a9:e0:e2:
         7f:ac:53:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTsJpmbbwals3hY6bYSmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUwODIzMDUwMjQ1WhcNMjUwODI0MDUwMjQ1WjAzMTEwLwYDVQQD
EygxYmJmOTM4MTQ2YzY1YTdjMmJhOTQyYjY4NTU3ZjJjYWM5MzgwYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVJjhzfmUxL4p+ydN/VJJnfVvIdI
urQK5nidJTfDoijUUJ5shCdSdIbJm0Zqy1DuN8X09obrwuA+HPfXEJE9EZk3qpgY
TLX52yz1i+wI1U7qFj+Z8EPC2PbBpIro967SG/XIL2WRITDwl4V+jw8iGnPC/Dd/
9Dc7BtMtSCjseOJ6JF4Lt7ozAwAJcxKfGBTzN29mXIaKAwdqubkm5OeXbCMwvr9m
t42bGT4iF6E22tbS/EFHP41qGr+W7KwZswEUE3Th5THngPZDo7X1mcz7GWc5xYs6
gIHqXVp3ISbQDigNMrwmTuEkql+3CAvNBq6yjBN/GewfvHmNO0V28YruqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBu/k4FGxlp8K6lCtoVX8srJOAtJMB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8+hNS7u
x2d/y0U7a4cByTZyZZoHpHz6BlrgWJKMfZlobwwH6q5NVh9+HapZ+Gl4scFaSb/g
Nl846GtYcPdx2SbiYkBxQVGXjYsXYnV8GFwxPoJvT8CwVV3ti5eYoAl7UjNEH/vz
+zTuiSStpAYperFy3wMIfVLwxnMxrGW8250PfIYgzLw668D0vbCkJSmnE4JIFk9n
QBmFJJ+IdL9dGto3xqS6sK9zZpc/xXGCt86qLkd7qEozbcPlc7m8GHW6cWmBat67
tQhLWWIwrZEaZ+ftNhADsINT7JmkGtcow5KLPwB2srqAnfQBwcvBeAEcdO6hQezh
BtiyqeDif6xTVw==
-----END CERTIFICATE-----