Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          v1cE1J9kTJuSaLEYRkROaoYF2QBNRedhnVbFfx8ohHo=
Subject key identifier:   1E:36:54:08:FE:ED:FA:ED:A8:E1:C9:A2:E7:88:BA:33:91:A0:CB:E7
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       0198D884C151AD40E8BE53011B77193ACC36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          0255
Signing time:             Sat 23 Aug 2025 20:00:35 +0000
Manifest this update:     Sat 23 Aug 2025 20:00:35 +0000
Manifest next update:     Sun 24 Aug 2025 20:00:35 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: N6XtEAPSwI2/lQnLuILhchJ3HzdFiTVtop4RqZjp6VU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:84:c1:51:ad:40:e8:be:53:01:1b:77:19:3a:cc:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: Aug 23 20:00:35 2025 GMT
            Not After : Aug 24 20:00:35 2025 GMT
        Subject: CN=1e365408feedfaeda8e1c9a2e788ba3391a0cbe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:32:74:42:fd:a8:a9:0c:b5:90:98:7f:3d:de:
                    36:f6:33:7e:56:1f:28:3d:1d:1c:83:b3:d0:a7:12:
                    b7:49:36:6f:dc:fe:bf:9f:2b:4c:d5:2c:cb:24:a1:
                    56:af:1c:b0:47:0e:5a:ff:ab:25:bc:ac:ec:70:ff:
                    d4:16:e6:dd:69:8a:ae:ec:2e:4b:2b:98:49:d0:ec:
                    40:69:52:ff:16:f0:bb:c5:d3:52:74:ad:c1:8c:00:
                    be:e3:85:9c:d9:4a:b3:1e:9c:07:ee:04:da:32:7a:
                    ff:2c:46:67:22:57:77:18:3e:f8:9b:1f:45:f1:fa:
                    ad:42:e0:60:68:35:b7:86:51:bd:bb:ec:3a:cb:f2:
                    ea:24:d0:48:f8:5b:2e:b8:70:36:f3:b6:31:e4:5f:
                    d3:77:93:b2:42:4e:e1:7d:16:5b:e5:4e:f6:fd:39:
                    b5:1c:97:92:57:a6:a6:bf:4d:7a:a7:79:2d:8b:1f:
                    39:af:4c:52:41:ec:6d:34:af:5c:07:eb:61:90:d4:
                    bd:ed:8b:3c:d9:e3:a8:ed:9f:1a:6b:ea:0a:38:1a:
                    09:40:6e:61:6d:33:3f:d4:6e:aa:5b:68:68:c6:98:
                    40:40:dc:e2:dc:9f:43:5f:e3:2f:1f:3f:62:48:ec:
                    2a:0f:18:61:87:55:30:93:2b:bb:98:47:f3:9c:f1:
                    a0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:36:54:08:FE:ED:FA:ED:A8:E1:C9:A2:E7:88:BA:33:91:A0:CB:E7
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:e2:19:aa:56:b2:5d:f0:04:31:97:70:a1:c9:e3:ad:dc:c9:
         4b:e9:c5:30:ca:89:8d:b8:f6:fc:f1:65:03:9f:a5:00:b1:5d:
         1c:6a:37:28:a9:13:1a:b5:ef:7d:dd:3d:6d:15:cc:0b:db:55:
         b7:67:39:31:79:14:00:93:d0:c1:fa:c6:00:d1:fa:0c:e4:76:
         48:5a:c6:93:62:6b:90:58:b2:51:aa:78:11:fe:fc:42:48:36:
         82:98:63:98:c1:1e:2f:cb:b7:cd:7d:07:63:cf:4e:90:fc:93:
         5f:3e:bd:76:d8:a1:6c:bf:69:b8:b5:a8:a5:2d:e0:0e:f2:b3:
         05:85:e2:89:23:76:03:2b:36:0e:3e:c2:fe:1f:7c:76:b9:8b:
         d1:d4:a3:46:67:17:7f:18:b2:f2:2f:40:2f:e0:4e:e5:a4:f9:
         61:4c:29:28:ae:51:42:1c:eb:ef:d1:dd:0c:e1:be:ff:9a:35:
         fe:b0:de:db:8e:ed:d0:6d:32:98:3f:00:98:b1:d3:92:6f:b3:
         7d:e8:2a:55:4e:b5:56:e3:02:50:6d:8c:c5:cf:51:10:9a:94:
         48:9f:92:fd:e4:11:29:8a:9a:2f:88:5a:d5:f5:60:d6:bc:5f:
         7a:92:7e:fc:13:f3:b2:a2:cd:a0:76:01:14:4c:97:e6:21:23:
         78:b1:67:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYhMFRrUDovlMBG3cZOsw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjUwODIzMjAwMDM1WhcNMjUwODI0MjAwMDM1WjAzMTEwLwYDVQQD
EygxZTM2NTQwOGZlZWRmYWVkYThlMWM5YTJlNzg4YmEzMzkxYTBjYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDJ0Qv2oqQy1kJh/Pd429jN+Vh8o
PR0cg7PQpxK3STZv3P6/nytM1SzLJKFWrxywRw5a/6slvKzscP/UFubdaYqu7C5L
K5hJ0OxAaVL/FvC7xdNSdK3BjAC+44Wc2UqzHpwH7gTaMnr/LEZnIld3GD74mx9F
8fqtQuBgaDW3hlG9u+w6y/LqJNBI+FsuuHA287Yx5F/Td5OyQk7hfRZb5U72/Tm1
HJeSV6amv016p3ktix85r0xSQextNK9cB+thkNS97Ys82eOo7Z8aa+oKOBoJQG5h
bTM/1G6qW2hoxphAQNzi3J9DX+MvHz9iSOwqDxhhh1Uwkyu7mEfznPGg3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB42VAj+7frtqOHJoueIujORoMvnMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWeIZqlay
XfAEMZdwocnjrdzJS+nFMMqJjbj2/PFlA5+lALFdHGo3KKkTGrXvfd09bRXMC9tV
t2c5MXkUAJPQwfrGANH6DOR2SFrGk2JrkFiyUap4Ef78Qkg2gphjmMEeL8u3zX0H
Y89OkPyTXz69dtihbL9puLWopS3gDvKzBYXiiSN2Ays2Dj7C/h98drmL0dSjRmcX
fxiy8i9AL+BO5aT5YUwpKK5RQhzr79HdDOG+/5o1/rDe247t0G0ymD8AmLHTkm+z
fegqVU61VuMCUG2Mxc9REJqUSJ+S/eQRKYqaL4ha1fVg1rxfepJ+/BPzsqLNoHYB
FEyX5iEjeLFn9A==
-----END CERTIFICATE-----