Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          ayklE4xyr24mg5Uw4d8JPiXVmRT38R2LxFI7Wve0xdg=
Subject key identifier:   3E:A4:AA:78:95:FB:96:8B:1F:97:79:AF:7D:25:9D:3C:DC:E0:54:15
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       0198D4A7A4CA9A34A2DFB10078C4D0DCDF9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          04B2
Signing time:             Sat 23 Aug 2025 02:00:13 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:13 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:13 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: +uWXO1WrOCKcbAHOmiefEUcZuZejXK5375aburRqW5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:a4:ca:9a:34:a2:df:b1:00:78:c4:d0:dc:df:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Aug 23 02:00:13 2025 GMT
            Not After : Aug 24 02:00:13 2025 GMT
        Subject: CN=3ea4aa7895fb968b1f9779af7d259d3cdce05415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:97:dc:e6:9d:75:a2:67:b9:fa:69:b7:90:99:
                    0b:f2:15:01:ae:2a:a2:e4:cf:0b:05:6e:be:ce:9f:
                    2a:42:60:11:a8:61:60:27:4c:c5:f2:2b:d4:5a:c2:
                    fd:91:c3:87:75:5c:54:dd:f6:aa:b7:75:a2:43:fd:
                    7d:db:bc:5d:dc:e3:58:d2:75:aa:c3:4b:d0:32:de:
                    cc:1e:c0:0a:e1:22:3c:e2:da:25:c7:ac:cf:95:e0:
                    fd:05:b3:f2:13:8e:a5:b8:ec:8a:7d:22:24:ad:04:
                    5a:6c:52:99:10:e7:cc:c0:19:ca:8f:51:fc:b0:b3:
                    c6:7c:7d:ac:a1:c6:d9:83:3f:2f:7d:5f:93:72:25:
                    1b:c2:43:cb:de:db:67:50:41:3e:1c:3d:6e:b4:47:
                    13:b0:63:a6:4d:7d:32:2e:7e:e8:4a:2e:5d:ed:c1:
                    d7:a2:4b:9d:e5:84:66:e8:fb:eb:de:db:05:b2:b0:
                    11:a0:8b:63:1f:c3:d9:2f:e7:97:8f:aa:27:70:28:
                    0d:4d:26:58:49:d4:34:63:54:9b:ec:04:4c:18:9d:
                    85:47:d3:40:bc:c8:2e:4f:83:cf:f1:cd:9b:4c:99:
                    d5:99:dc:33:3d:6c:61:a4:07:79:93:c4:db:a9:8b:
                    19:33:2f:21:35:12:e8:fe:b6:04:8c:66:c1:d6:de:
                    a5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:A4:AA:78:95:FB:96:8B:1F:97:79:AF:7D:25:9D:3C:DC:E0:54:15
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:d5:33:e0:9e:4c:5f:89:00:c6:86:ab:83:25:2c:98:ab:6f:
         ba:76:f2:ff:7c:d0:df:21:d9:5f:89:d1:df:f9:ea:4c:de:87:
         13:58:a8:61:f7:60:80:c1:05:b4:7c:90:89:48:66:c8:75:8d:
         61:71:82:ec:06:e4:72:f2:96:00:49:48:9c:f5:10:b4:f8:a4:
         d0:81:ce:ba:6e:90:df:7b:be:5e:bb:7d:d9:0f:03:f3:d0:90:
         f6:79:c6:f3:e9:dd:62:2f:61:f9:9c:cd:25:1a:31:bb:b2:15:
         89:2d:48:b4:e6:f1:fc:ca:f4:0b:dc:0d:4c:eb:c3:21:32:8a:
         6f:83:8d:54:82:e8:cd:70:95:11:a7:2b:a6:f6:cd:b1:cb:a2:
         2f:e1:44:4a:40:0a:39:6e:7d:9a:12:21:0d:60:7e:9e:2e:ed:
         7d:f8:1a:a6:67:70:a0:75:67:5b:53:21:31:76:8d:92:78:19:
         05:e4:42:5f:bc:8f:c8:45:3e:2b:bc:58:fa:d7:c3:50:8c:c3:
         78:87:96:4f:d6:bd:25:37:26:09:b9:bd:0a:65:73:70:7d:0a:
         8b:6c:e3:29:e9:1a:30:87:19:6d:1e:35:23:e4:59:42:e6:1f:
         2d:17:8f:18:4b:db:48:34:b4:80:05:cb:73:67:76:05:71:72:
         32:8a:90:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp6TKmjSi37EAeMTQ3N+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUwODIzMDIwMDEzWhcNMjUwODI0MDIwMDEzWjAzMTEwLwYDVQQD
EygzZWE0YWE3ODk1ZmI5NjhiMWY5Nzc5YWY3ZDI1OWQzY2RjZTA1NDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Zfc5p11ome5+mm3kJkL8hUBriqi
5M8LBW6+zp8qQmARqGFgJ0zF8ivUWsL9kcOHdVxU3faqt3WiQ/1927xd3ONY0nWq
w0vQMt7MHsAK4SI84tolx6zPleD9BbPyE46luOyKfSIkrQRabFKZEOfMwBnKj1H8
sLPGfH2socbZgz8vfV+TciUbwkPL3ttnUEE+HD1utEcTsGOmTX0yLn7oSi5d7cHX
okud5YRm6Pvr3tsFsrARoItjH8PZL+eXj6oncCgNTSZYSdQ0Y1Sb7ARMGJ2FR9NA
vMguT4PP8c2bTJnVmdwzPWxhpAd5k8TbqYsZMy8hNRLo/rYEjGbB1t6lowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6kqniV+5aLH5d5r30lnTzc4FQVMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9Uz4J5M
X4kAxoargyUsmKtvunby/3zQ3yHZX4nR3/nqTN6HE1ioYfdggMEFtHyQiUhmyHWN
YXGC7AbkcvKWAElInPUQtPik0IHOum6Q33u+Xrt92Q8D89CQ9nnG8+ndYi9h+ZzN
JRoxu7IViS1ItObx/Mr0C9wNTOvDITKKb4ONVILozXCVEacrpvbNscuiL+FESkAK
OW59mhIhDWB+ni7tffgapmdwoHVnW1MhMXaNkngZBeRCX7yPyEU+K7xY+tfDUIzD
eIeWT9a9JTcmCbm9CmVzcH0Ki2zjKekaMIcZbR41I+RZQuYfLRePGEvbSDS0gAXL
c2d2BXFyMoqQnQ==
-----END CERTIFICATE-----