Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          XaMHAxcKAeWV6FGvACu2xZi2FoDwGfWo02usWFWWrEY=
Subject key identifier:   9B:87:E2:80:0F:B0:B5:88:B6:5A:70:40:C9:E9:26:53:A7:11:A4:1D
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       0197B96ABE757EAB4BF201959BFA8E0D3DEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          02BA
Signing time:             Sun 29 Jun 2025 02:01:09 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:09 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:09 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: uGA+ky5PSM+skGsXVgHsWiWx8HbVJlhGb4iswQFfmjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:be:75:7e:ab:4b:f2:01:95:9b:fa:8e:0d:3d:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Jun 29 02:01:09 2025 GMT
            Not After : Jun 30 02:01:09 2025 GMT
        Subject: CN=9b87e2800fb0b588b65a7040c9e92653a711a41d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ee:bb:98:29:43:07:d7:b1:9c:60:79:b0:9b:
                    c1:8d:08:3c:de:f2:77:ac:cc:58:0e:a8:a7:78:8c:
                    55:d8:3e:90:41:33:c4:93:3d:b9:1b:d7:9c:46:d4:
                    08:5a:5c:5e:33:73:4d:4e:df:40:26:73:79:2f:e3:
                    d4:dc:a7:51:ff:89:09:59:73:56:7d:c0:b3:c1:9c:
                    32:cf:38:5d:df:ad:9a:29:c2:3b:63:6b:2a:0c:46:
                    c5:23:39:3b:5d:36:bf:e0:9e:fb:fd:1a:71:47:03:
                    20:d3:46:c6:d3:d9:bc:99:c5:9a:5f:67:1f:48:df:
                    86:3c:16:62:ea:f0:63:6d:0c:0a:67:94:22:18:7b:
                    96:00:bd:a1:01:2d:6d:1a:76:06:68:cc:b7:35:a4:
                    d8:7a:8d:ad:38:30:9d:44:1b:8f:82:26:48:93:e9:
                    7e:43:39:da:35:80:13:8f:38:60:57:cd:14:69:3e:
                    4c:63:92:95:13:70:69:41:fa:5e:e0:a2:2a:cf:9a:
                    e4:be:bb:f9:12:de:cc:b6:2f:76:2a:2a:18:51:d7:
                    5a:de:70:53:a5:5c:a4:84:d4:2a:bf:07:c4:1e:c9:
                    04:bc:e3:3b:08:87:b8:e8:f9:0a:56:7e:06:d1:b7:
                    45:cd:1a:cd:84:89:a1:7e:82:5a:1c:b8:b9:48:ac:
                    d3:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:87:E2:80:0F:B0:B5:88:B6:5A:70:40:C9:E9:26:53:A7:11:A4:1D
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:59:4c:e7:4e:5a:6b:6a:46:21:3a:62:01:1e:b3:8e:f5:d4:
         a0:fc:ba:85:21:cf:54:f6:fc:79:f6:63:7b:66:4b:0d:c2:cf:
         23:c8:e2:c3:bb:53:80:86:af:9d:11:d2:66:e6:54:82:3c:c2:
         87:14:e8:d4:b5:90:33:1e:2b:c2:6f:db:e7:31:93:10:3d:f0:
         32:ab:e6:97:1f:67:c4:5e:06:f7:de:ba:49:36:01:90:b3:04:
         e9:67:8c:65:21:58:a5:45:7d:97:c3:79:84:50:94:7a:c5:86:
         d2:b0:62:cb:08:29:37:b8:fa:95:0c:fc:cc:02:36:ca:d9:ec:
         35:e7:05:4d:1e:21:ea:e0:7b:79:aa:0c:c7:cc:63:7c:f4:ba:
         b5:b0:da:ce:73:5b:e2:92:82:85:42:98:a9:f8:f1:2b:e0:12:
         98:05:f5:db:d6:7c:dd:45:65:49:e4:18:1c:ca:3f:9d:2e:88:
         12:c4:43:f7:e1:e7:fa:fb:d7:14:4c:35:14:21:12:a0:24:45:
         06:b4:5c:8a:1b:e6:c3:b9:7a:ef:98:6c:fa:75:c0:46:e0:b8:
         bf:e0:e5:d9:46:63:c8:0e:1b:d8:66:10:28:63:bf:2f:d3:fa:
         1d:6d:09:8e:4e:7f:82:91:38:82:a7:cb:45:25:8c:32:cd:8f:
         67:32:20:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5ar51fqtL8gGVm/qODT3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUwNjI5MDIwMTA5WhcNMjUwNjMwMDIwMTA5WjAzMTEwLwYDVQQD
Eyg5Yjg3ZTI4MDBmYjBiNTg4YjY1YTcwNDBjOWU5MjY1M2E3MTFhNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve67mClDB9exnGB5sJvBjQg83vJ3
rMxYDqineIxV2D6QQTPEkz25G9ecRtQIWlxeM3NNTt9AJnN5L+PU3KdR/4kJWXNW
fcCzwZwyzzhd362aKcI7Y2sqDEbFIzk7XTa/4J77/RpxRwMg00bG09m8mcWaX2cf
SN+GPBZi6vBjbQwKZ5QiGHuWAL2hAS1tGnYGaMy3NaTYeo2tODCdRBuPgiZIk+l+
QznaNYATjzhgV80UaT5MY5KVE3BpQfpe4KIqz5rkvrv5Et7Mti92KioYUdda3nBT
pVykhNQqvwfEHskEvOM7CIe46PkKVn4G0bdFzRrNhImhfoJaHLi5SKzT2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuH4oAPsLWItlpwQMnpJlOnEaQdMB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFlM505a
a2pGITpiAR6zjvXUoPy6hSHPVPb8efZje2ZLDcLPI8jiw7tTgIavnRHSZuZUgjzC
hxTo1LWQMx4rwm/b5zGTED3wMqvmlx9nxF4G9966STYBkLME6WeMZSFYpUV9l8N5
hFCUesWG0rBiywgpN7j6lQz8zAI2ytnsNecFTR4h6uB7eaoMx8xjfPS6tbDaznNb
4pKChUKYqfjxK+ASmAX129Z83UVlSeQYHMo/nS6IEsRD9+Hn+vvXFEw1FCESoCRF
BrRcihvmw7l675hs+nXARuC4v+Dl2UZjyA4b2GYQKGO/L9P6HW0Jjk5/gpE4gqfL
RSWMMs2PZzIgCQ==
-----END CERTIFICATE-----