Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          5xH7k1X3QK1dRSb6M7+YZTnVAqWDJu01On41/R7Dfok=
Subject key identifier:   0B:16:CC:6E:5C:75:06:03:B2:75:BD:5A:BE:78:8D:54:72:CE:71:CF
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       0197B77C2933422DA1B3D5DB77E5BBED410F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 17:00:56 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:56 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:56 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: VCspQWgeRLrTmYC9gh9vmaSAbXnmuLN9KrBUFilUYOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:29:33:42:2d:a1:b3:d5:db:77:e5:bb:ed:41:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Jun 28 17:00:56 2025 GMT
            Not After : Jun 29 17:00:56 2025 GMT
        Subject: CN=0b16cc6e5c750603b275bd5abe788d5472ce71cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f5:00:79:af:dc:b3:08:76:f9:55:db:bb:49:
                    0e:7d:c8:54:47:9d:c2:c5:3d:f7:75:f4:7d:90:97:
                    fe:db:4c:30:59:59:b6:21:c0:30:7d:f2:67:c9:78:
                    5c:85:72:18:99:20:12:d3:db:c3:8e:55:19:f9:7e:
                    e7:2f:5f:85:9a:a0:a9:97:3d:3d:07:74:4d:4a:6f:
                    bc:7f:e8:de:04:7b:1a:b0:64:2d:20:8a:a3:dd:b9:
                    9d:e5:69:57:b7:7e:b3:2e:2e:1b:5f:e7:c0:c0:18:
                    d9:17:d2:ad:49:c3:d7:45:fa:38:cb:c9:e1:16:43:
                    2b:e4:5f:09:f7:62:c2:93:c4:3b:9f:8b:be:c1:45:
                    54:11:76:4c:c6:b3:29:05:fc:c5:8e:22:b7:cc:91:
                    6b:aa:33:24:30:47:fd:3f:2b:23:aa:86:26:c7:9a:
                    fe:5a:22:3c:06:c8:08:d0:52:a4:70:6e:48:94:91:
                    2f:2b:43:e0:36:14:42:d9:c4:13:19:71:28:5f:15:
                    fb:b5:47:aa:b7:46:f2:ba:03:f1:51:58:8a:ab:a7:
                    3e:ae:b9:09:af:39:5e:34:1f:49:b4:11:f6:89:07:
                    86:47:2a:96:c0:46:33:28:08:13:f7:56:f3:f9:3e:
                    3c:88:d2:ec:7f:bf:59:75:e6:e8:86:fb:b3:fa:f9:
                    e5:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:16:CC:6E:5C:75:06:03:B2:75:BD:5A:BE:78:8D:54:72:CE:71:CF
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:32:57:b0:66:cd:22:51:a0:1e:77:6a:ac:ae:92:eb:e6:d9:
         38:11:c6:b2:79:b2:78:e4:5f:36:01:93:f1:57:15:55:29:41:
         cd:89:f4:ef:6d:b8:5b:c5:e9:cb:b3:6b:43:4f:2e:5c:95:44:
         c5:da:61:54:d1:9e:57:99:ef:d7:a2:5e:01:63:8c:8a:57:4a:
         c8:41:64:0e:b7:4a:0c:b7:c8:51:dd:d9:1f:50:c4:a2:46:c0:
         39:02:ee:ca:05:86:56:d4:cd:0c:d6:81:6c:3b:2e:80:e5:fb:
         cc:97:d1:d3:78:88:63:70:33:4b:a0:5f:9c:12:46:32:24:b3:
         2a:22:3b:c5:a0:7c:f1:34:dd:41:55:aa:0c:86:f7:df:4a:b5:
         e9:75:a7:95:6d:c8:11:50:58:5a:82:14:74:9e:02:78:0d:bb:
         bd:05:5b:96:19:9e:2e:23:ee:92:3a:40:95:4e:2a:0f:84:44:
         8f:ea:29:c2:01:8d:1e:aa:fc:5a:89:77:1d:30:e1:2f:7f:ea:
         7e:8a:fc:1c:35:1a:9c:77:5f:68:5e:bc:2f:b5:dd:cc:f0:90:
         ae:e8:be:50:a4:ac:34:09:0b:70:5c:6c:90:e7:6d:69:2a:50:
         0a:79:d0:36:60:cd:3a:fb:88:2a:18:f8:48:56:f9:67:a9:42:
         1c:de:f3:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fCkzQi2hs9Xbd+W77UEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjUwNjI4MTcwMDU2WhcNMjUwNjI5MTcwMDU2WjAzMTEwLwYDVQQD
EygwYjE2Y2M2ZTVjNzUwNjAzYjI3NWJkNWFiZTc4OGQ1NDcyY2U3MWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvUAea/cswh2+VXbu0kOfchUR53C
xT33dfR9kJf+20wwWVm2IcAwffJnyXhchXIYmSAS09vDjlUZ+X7nL1+FmqCplz09
B3RNSm+8f+jeBHsasGQtIIqj3bmd5WlXt36zLi4bX+fAwBjZF9KtScPXRfo4y8nh
FkMr5F8J92LCk8Q7n4u+wUVUEXZMxrMpBfzFjiK3zJFrqjMkMEf9PysjqoYmx5r+
WiI8BsgI0FKkcG5IlJEvK0PgNhRC2cQTGXEoXxX7tUeqt0byugPxUViKq6c+rrkJ
rzleNB9JtBH2iQeGRyqWwEYzKAgT91bz+T48iNLsf79Zdebohvuz+vnl9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsWzG5cdQYDsnW9Wr54jVRyznHPMB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFDJXsGbN
IlGgHndqrK6S6+bZOBHGsnmyeORfNgGT8VcVVSlBzYn07224W8Xpy7NrQ08uXJVE
xdphVNGeV5nv16JeAWOMildKyEFkDrdKDLfIUd3ZH1DEokbAOQLuygWGVtTNDNaB
bDsugOX7zJfR03iIY3AzS6BfnBJGMiSzKiI7xaB88TTdQVWqDIb330q16XWnlW3I
EVBYWoIUdJ4CeA27vQVblhmeLiPukjpAlU4qD4REj+opwgGNHqr8Wol3HTDhL3/q
for8HDUanHdfaF68L7XdzPCQrui+UKSsNAkLcFxskOdtaSpQCnnQNmDNOvuIKhj4
SFb5Z6lCHN7zEg==
-----END CERTIFICATE-----