Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
File:                     hqSVrmh0HnnVjjiGviqoeMSME7Y.mft (raw, json)
Hash identifier:          w/aTlDa/XrQVGj1E5ViNe6YS91+F8DDHRm1iCa59XoA=
Subject key identifier:   DF:74:01:8D:3B:29:0A:B3:FC:08:91:A1:17:98:08:A0:F9:4D:F5:22
Authority key identifier: 86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6
Certificate issuer:       /CN=86a495ae68741e79d58e3886be2aa878c48c13b6
Certificate serial:       0198D54E239BC9A0CD4521D230BD1339AEA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 05:02:04 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:04 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:04 +0000
Files and hashes:         1: hqSVrmh0HnnVjjiGviqoeMSME7Y.crl (hash: zZ8TK9mYeTrUpVrjEy/y1BM61xNgk3mJ4J62k4CdPNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:23:9b:c9:a0:cd:45:21:d2:30:bd:13:39:ae:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a495ae68741e79d58e3886be2aa878c48c13b6
        Validity
            Not Before: Aug 23 05:02:04 2025 GMT
            Not After : Aug 24 05:02:04 2025 GMT
        Subject: CN=df74018d3b290ab3fc0891a1179808a0f94df522
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1e:61:65:8b:ae:eb:0d:a6:cb:10:8c:c6:aa:
                    cc:b5:2c:08:62:fc:8c:e3:ca:ed:2f:91:14:9f:98:
                    42:e3:c3:20:db:b6:65:03:29:e7:84:ad:3f:81:35:
                    2b:77:b9:72:b3:97:e4:46:b8:db:86:10:7f:d0:ec:
                    ab:ff:1b:00:3d:90:07:da:2d:06:d1:16:88:c9:40:
                    3b:51:6d:24:08:52:0c:fc:f4:06:fb:09:d4:98:42:
                    af:4c:9b:5d:fa:2a:d0:ff:ae:a7:74:d0:2f:7a:6d:
                    43:8e:b5:ff:19:18:c2:fe:1d:a6:ed:8a:a4:1b:ec:
                    cb:a7:08:17:59:e6:39:2f:39:65:a3:69:91:c6:15:
                    b1:0a:e5:02:db:c4:65:aa:9b:f6:2e:b7:c6:56:9e:
                    df:5b:f3:fd:10:6b:fa:5f:31:0c:2a:80:45:3a:ce:
                    95:a9:6a:4b:f6:65:45:a5:c7:35:8f:6f:17:9c:d9:
                    91:fe:34:42:7d:b3:dd:35:a4:4a:31:e1:c9:77:5c:
                    93:5e:c0:a2:a7:ce:fa:e7:0f:fd:fe:d6:7e:a2:91:
                    b5:39:96:b7:e3:ad:86:34:38:89:df:1f:13:c1:fc:
                    4d:86:f3:34:5b:94:06:1c:fc:16:a6:35:39:1d:85:
                    7f:9d:56:fc:c0:45:a6:bf:ef:91:6b:9a:b8:33:7c:
                    ab:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:74:01:8D:3B:29:0A:B3:FC:08:91:A1:17:98:08:A0:F9:4D:F5:22
            X509v3 Authority Key Identifier:
                keyid:86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:69:a2:0e:98:e7:96:fe:6b:80:da:f2:79:fb:77:1a:5d:1e:
         3a:56:89:e5:fd:19:4a:63:9b:a8:48:b7:f1:41:c5:05:46:15:
         c3:1c:8c:41:bf:8e:a7:02:89:69:f4:93:63:90:65:57:5e:9a:
         fb:30:1c:f3:c9:94:39:fa:d6:40:6e:6a:76:32:36:b8:a8:92:
         a5:34:32:b0:72:57:98:e7:6b:e9:8b:4c:0a:9b:02:63:c7:35:
         7a:64:33:2e:ef:89:60:e4:45:73:b1:37:ce:68:23:09:47:f8:
         96:0d:39:49:71:5b:a5:45:b9:3c:d0:2b:21:81:e6:8e:10:b9:
         92:02:46:92:8e:b7:fc:97:bc:1f:e4:0e:ff:ee:e9:a6:60:a1:
         6c:c7:2d:55:3c:57:a4:30:cf:7d:20:0c:14:ec:fd:6d:c9:ea:
         db:f2:5b:87:6b:64:a1:32:18:65:ba:b0:d3:54:4e:93:cc:0b:
         0e:d5:f3:5f:60:b0:5a:16:41:ca:c9:12:13:50:64:30:f6:71:
         06:4f:76:39:eb:08:3c:e7:ae:f9:69:52:88:42:3c:05:37:27:
         36:9a:ff:1e:de:3a:73:5d:d0:67:8b:b1:aa:4d:47:5e:96:84:
         07:cd:0a:3d:8e:f6:b7:57:f2:59:38:ca:c5:be:b5:d1:49:d8:
         ec:f9:1a:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTiObyaDNRSHSML0TOa6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTQ5NWFlNjg3NDFlNzlkNThlMzg4NmJlMmFhODc4YzQ4
YzEzYjYwHhcNMjUwODIzMDUwMjA0WhcNMjUwODI0MDUwMjA0WjAzMTEwLwYDVQQD
EyhkZjc0MDE4ZDNiMjkwYWIzZmMwODkxYTExNzk4MDhhMGY5NGRmNTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh5hZYuu6w2myxCMxqrMtSwIYvyM
48rtL5EUn5hC48Mg27ZlAynnhK0/gTUrd7lys5fkRrjbhhB/0Oyr/xsAPZAH2i0G
0RaIyUA7UW0kCFIM/PQG+wnUmEKvTJtd+irQ/66ndNAvem1DjrX/GRjC/h2m7Yqk
G+zLpwgXWeY5Lzllo2mRxhWxCuUC28Rlqpv2LrfGVp7fW/P9EGv6XzEMKoBFOs6V
qWpL9mVFpcc1j28XnNmR/jRCfbPdNaRKMeHJd1yTXsCip8765w/9/tZ+opG1OZa3
462GNDiJ3x8TwfxNhvM0W5QGHPwWpjU5HYV/nVb8wEWmv++Ra5q4M3yrQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN90AY07KQqz/AiRoReYCKD5TfUiMB8GA1UdIwQY
MBaAFIakla5odB551Y44hr4qqHjEjBO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEt
NDkxOGIwMjc0MmM3LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEtNDkxOGIwMjc0MmM3
LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemmiDpjn
lv5rgNryeft3Gl0eOlaJ5f0ZSmObqEi38UHFBUYVwxyMQb+OpwKJafSTY5BlV16a
+zAc88mUOfrWQG5qdjI2uKiSpTQysHJXmOdr6YtMCpsCY8c1emQzLu+JYORFc7E3
zmgjCUf4lg05SXFbpUW5PNArIYHmjhC5kgJGko63/Je8H+QO/+7ppmChbMctVTxX
pDDPfSAMFOz9bcnq2/Jbh2tkoTIYZbqw01ROk8wLDtXzX2CwWhZByskSE1BkMPZx
Bk92OesIPOeu+WlSiEI8BTcnNpr/Ht46c13QZ4uxqk1HXpaEB80KPY72t1fyWTjK
xb610UnY7Pka1g==
-----END CERTIFICATE-----