Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/546b9b-df0f-4970-a68e-36870337077e/1/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.mft
File:                     pq1ecAE_TfhFX6Bsk-YAEsKZc9U.mft (raw, json)
Hash identifier:          0zUMrfzImTIVVUHU/Tuz//NK0PX9s1VOpwYwPJRg3+k=
Subject key identifier:   50:C1:84:C4:D3:4F:ED:05:76:93:93:15:49:8A:39:C6:0A:1A:40:30
Authority key identifier: A6:AD:5E:70:01:3F:4D:F8:45:5F:A0:6C:93:E6:00:12:C2:99:73:D5
Certificate issuer:       /CN=a6ad5e70013f4df8455fa06c93e60012c29973d5
Certificate serial:       0198D65F54A78D52FD183D42BF338167F181
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/546b9b-df0f-4970-a68e-36870337077e/1/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:00:28 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:28 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:28 +0000
Files and hashes:         1: pq1ecAE_TfhFX6Bsk-YAEsKZc9U.crl (hash: thOCJtAeMx378RKsk7gAQOIzm1JQr2sX+wG/MBzM9nE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/546b9b-df0f-4970-a68e-36870337077e/1/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/546b9b-df0f-4970-a68e-36870337077e/1/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:54:a7:8d:52:fd:18:3d:42:bf:33:81:67:f1:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6ad5e70013f4df8455fa06c93e60012c29973d5
        Validity
            Not Before: Aug 23 10:00:28 2025 GMT
            Not After : Aug 24 10:00:28 2025 GMT
        Subject: CN=50c184c4d34fed0576939315498a39c60a1a4030
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a3:ed:78:75:67:c5:37:67:94:0d:b0:d0:97:
                    e3:b8:f6:77:25:af:93:bd:ac:68:84:a1:7a:f7:02:
                    62:f5:b2:55:ac:d8:c2:84:59:b8:d7:00:ae:73:a2:
                    13:db:df:47:20:41:ad:86:28:bf:fa:3b:79:95:7f:
                    9b:11:dd:4d:1b:fb:6a:bd:d8:00:15:5a:dc:a2:f5:
                    e7:7d:d5:79:0b:91:12:97:da:e0:82:e0:80:41:3c:
                    0f:d5:85:da:d2:90:c1:0f:5e:8f:ea:35:a5:b9:d8:
                    61:6b:a3:b2:e1:b3:40:29:19:60:51:2b:fb:ae:3f:
                    be:78:04:da:2b:60:5c:0f:d1:d9:e7:97:cc:e4:e2:
                    1f:76:07:35:36:8a:e5:71:62:4c:2c:90:b1:df:6f:
                    c9:52:04:27:d4:e5:60:35:cc:11:b8:47:91:a9:fa:
                    f5:6e:41:8a:62:b2:16:7d:e7:95:25:15:d5:b4:82:
                    dc:61:32:85:ac:17:82:4c:47:5d:61:d3:f9:a8:b3:
                    65:41:f0:94:96:05:c8:a5:f6:7f:c2:de:27:a2:fa:
                    1c:4a:b4:6c:a2:89:0c:90:94:9f:a6:16:b2:d9:fe:
                    ea:ff:97:c2:50:72:93:f3:16:34:24:5e:19:64:96:
                    ed:77:31:ea:74:c8:cc:54:d9:81:6c:01:34:09:21:
                    36:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:C1:84:C4:D3:4F:ED:05:76:93:93:15:49:8A:39:C6:0A:1A:40:30
            X509v3 Authority Key Identifier:
                keyid:A6:AD:5E:70:01:3F:4D:F8:45:5F:A0:6C:93:E6:00:12:C2:99:73:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/546b9b-df0f-4970-a68e-36870337077e/1/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/546b9b-df0f-4970-a68e-36870337077e/1/pq1ecAE_TfhFX6Bsk-YAEsKZc9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:53:58:99:09:23:71:32:c0:05:d3:7e:c7:69:63:c8:c2:85:
         7d:94:32:e6:d9:4a:96:25:73:62:e0:db:63:8e:d3:b9:67:2e:
         a7:79:1b:0d:a4:8c:91:e3:c2:cb:73:ff:87:c8:aa:81:2d:33:
         bf:4f:7c:2a:95:fd:26:93:a1:5b:f4:69:19:ec:61:d9:ef:ea:
         e7:d8:61:ef:cb:9b:98:64:55:f0:ab:b0:10:3b:b6:8c:48:11:
         19:01:3e:f9:ab:c5:ad:4f:94:08:a2:9f:9f:74:0e:52:de:5a:
         92:dc:c0:33:38:7c:90:a1:4c:30:70:06:ab:be:1d:c9:e4:96:
         dc:05:93:ea:cf:3a:25:fc:21:bd:c9:a3:00:8a:44:3d:7c:fa:
         df:35:76:21:20:7d:dc:a9:f5:89:f1:fc:dd:0d:ff:f0:78:fc:
         68:ea:af:56:fc:97:53:15:38:df:b2:c2:ed:c7:c8:2e:3b:ca:
         71:15:27:8b:23:4f:dc:40:ed:c5:00:b0:c4:b5:d1:9d:48:38:
         5e:b2:c3:06:d5:64:f4:b8:75:60:d6:a7:73:85:75:6a:e9:db:
         4b:22:a2:93:0f:46:bd:a7:19:e1:10:d0:c6:b6:c9:9a:01:43:
         92:6c:17:fe:8b:22:70:b8:07:a7:4d:24:79:64:9b:86:c4:9b:
         8d:34:0c:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX1SnjVL9GD1CvzOBZ/GBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YWQ1ZTcwMDEzZjRkZjg0NTVmYTA2YzkzZTYwMDEyYzI5
OTczZDUwHhcNMjUwODIzMTAwMDI4WhcNMjUwODI0MTAwMDI4WjAzMTEwLwYDVQQD
Eyg1MGMxODRjNGQzNGZlZDA1NzY5MzkzMTU0OThhMzljNjBhMWE0MDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6PteHVnxTdnlA2w0JfjuPZ3Ja+T
vaxohKF69wJi9bJVrNjChFm41wCuc6IT299HIEGthii/+jt5lX+bEd1NG/tqvdgA
FVrcovXnfdV5C5ESl9rgguCAQTwP1YXa0pDBD16P6jWludhha6Oy4bNAKRlgUSv7
rj++eATaK2BcD9HZ55fM5OIfdgc1NorlcWJMLJCx32/JUgQn1OVgNcwRuEeRqfr1
bkGKYrIWfeeVJRXVtILcYTKFrBeCTEddYdP5qLNlQfCUlgXIpfZ/wt4novocSrRs
ookMkJSfphay2f7q/5fCUHKT8xY0JF4ZZJbtdzHqdMjMVNmBbAE0CSE2EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDBhMTTT+0FdpOTFUmKOcYKGkAwMB8GA1UdIwQY
MBaAFKatXnABP034RV+gbJPmABLCmXPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHExZWNBRV9UZmhGWDZCc2stWUFFc0taYzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81NDZiOWItZGYwZi00OTcwLWE2OGUt
MzY4NzAzMzcwNzdlLzEvcHExZWNBRV9UZmhGWDZCc2stWUFFc0taYzlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81NDZiOWItZGYwZi00OTcwLWE2OGUtMzY4NzAzMzcwNzdl
LzEvcHExZWNBRV9UZmhGWDZCc2stWUFFc0taYzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK1NYmQkj
cTLABdN+x2ljyMKFfZQy5tlKliVzYuDbY47TuWcup3kbDaSMkePCy3P/h8iqgS0z
v098KpX9JpOhW/RpGexh2e/q59hh78ubmGRV8KuwEDu2jEgRGQE++avFrU+UCKKf
n3QOUt5aktzAMzh8kKFMMHAGq74dyeSW3AWT6s86JfwhvcmjAIpEPXz63zV2ISB9
3Kn1ifH83Q3/8Hj8aOqvVvyXUxU437LC7cfILjvKcRUniyNP3EDtxQCwxLXRnUg4
XrLDBtVk9Lh1YNanc4V1aunbSyKikw9GvacZ4RDQxrbJmgFDkmwX/osicLgHp00k
eWSbhsSbjTQMUA==
-----END CERTIFICATE-----