Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          KMj4dmvqhdRl9LKoW2bc46G1eBtIAFtI94noJiWavn4=
Subject key identifier:   A5:57:D5:BD:28:46:6B:95:5B:08:C7:0D:DE:70:86:57:88:59:52:1A
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       0198D54DF5DE3C18D1B170AB3008D726F182
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 05:01:52 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:52 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:52 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: E6Bsorx9mf19GuUFZ7TFDeqqO/0asKvpsyUSUu9eZl8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:f5:de:3c:18:d1:b1:70:ab:30:08:d7:26:f1:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Aug 23 05:01:52 2025 GMT
            Not After : Aug 24 05:01:52 2025 GMT
        Subject: CN=a557d5bd28466b955b08c70dde7086578859521a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ee:eb:82:64:17:17:f5:9b:49:ef:aa:67:d9:
                    8a:7f:ab:e3:b9:73:e8:2c:b0:d5:35:84:10:19:5e:
                    15:e7:28:7d:57:ba:2b:0a:4e:5e:ad:4f:da:ad:f7:
                    e8:af:c2:7f:5d:ee:f9:86:03:f6:f8:7c:d1:91:af:
                    dd:a8:f2:4e:a0:89:22:df:80:ca:d6:02:fb:26:99:
                    50:d4:3c:b8:83:21:53:93:5f:fc:34:9b:c4:74:bf:
                    1f:71:52:1a:ae:de:ee:62:5b:bb:2b:4d:5c:5e:b6:
                    12:00:6d:bf:14:27:18:a3:f0:cb:e5:0f:70:56:8e:
                    8d:1b:d9:cd:47:c6:7d:05:c6:00:22:f0:1a:a9:16:
                    8f:57:64:2f:d7:8e:6b:4d:7c:73:5c:70:d7:04:01:
                    28:fb:fb:04:cd:1c:9a:49:80:6f:6d:b8:bd:91:a0:
                    62:33:f2:01:69:93:cd:c4:7c:d1:65:9c:0d:0a:c4:
                    56:96:d0:bb:fb:f6:a3:40:f7:6a:e9:c3:54:77:1b:
                    92:c2:ef:7c:3a:e5:06:fa:72:ae:fb:a6:3f:4b:9d:
                    db:a7:04:86:a6:3a:ec:f5:22:df:fb:50:4d:53:a9:
                    bc:4e:2d:72:fe:12:45:04:e3:7c:55:ec:4e:f8:68:
                    cc:b6:55:db:88:4a:fe:27:ce:62:12:66:ad:cf:86:
                    12:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:57:D5:BD:28:46:6B:95:5B:08:C7:0D:DE:70:86:57:88:59:52:1A
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:cd:d4:6c:19:e6:e1:4a:53:5b:18:89:16:e6:02:7f:55:d0:
         32:67:4c:8f:d8:7d:8c:96:99:97:c6:48:f5:86:d4:10:2f:2e:
         e8:cc:7f:44:b5:3b:9c:2c:fa:1b:0e:9f:7d:b0:d7:00:61:7b:
         a1:f0:18:7a:f5:b3:be:d5:fa:f6:7a:fa:25:84:82:62:67:69:
         6d:23:ca:a9:33:6b:5a:14:c0:cc:ef:93:1a:04:34:3f:07:3d:
         e3:13:d4:aa:ec:62:a8:14:93:fd:9f:10:0e:79:e8:04:8e:e4:
         24:25:4f:96:55:1f:7c:f3:4f:9f:33:bf:82:11:ad:0a:0b:42:
         6b:17:e7:50:63:89:60:b1:47:34:fd:51:cd:84:cc:d4:f4:b8:
         7b:f2:f2:35:88:e5:86:8e:ee:c1:6a:a3:ad:cf:09:12:42:12:
         5d:c2:02:d3:06:aa:e9:dc:c4:d0:48:9d:1f:3b:ba:40:13:ea:
         0f:7d:b7:12:2c:3e:63:01:ed:0a:44:ef:1a:21:26:31:8a:d5:
         52:d6:dd:d5:ca:91:54:1a:ea:21:b2:5a:ac:1b:b5:b4:0d:fb:
         5a:0a:85:a7:8c:b8:e6:b4:1e:4b:c0:b7:47:d4:6c:92:25:7f:
         c7:e2:90:83:cd:8f:cd:53:29:e6:9a:d7:28:a5:d2:7e:fc:97:
         e6:cb:d0:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTfXePBjRsXCrMAjXJvGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjUwODIzMDUwMTUyWhcNMjUwODI0MDUwMTUyWjAzMTEwLwYDVQQD
EyhhNTU3ZDViZDI4NDY2Yjk1NWIwOGM3MGRkZTcwODY1Nzg4NTk1MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+7rgmQXF/WbSe+qZ9mKf6vjuXPo
LLDVNYQQGV4V5yh9V7orCk5erU/arffor8J/Xe75hgP2+HzRka/dqPJOoIki34DK
1gL7JplQ1Dy4gyFTk1/8NJvEdL8fcVIart7uYlu7K01cXrYSAG2/FCcYo/DL5Q9w
Vo6NG9nNR8Z9BcYAIvAaqRaPV2Qv145rTXxzXHDXBAEo+/sEzRyaSYBvbbi9kaBi
M/IBaZPNxHzRZZwNCsRWltC7+/ajQPdq6cNUdxuSwu98OuUG+nKu+6Y/S53bpwSG
pjrs9SLf+1BNU6m8Ti1y/hJFBON8VexO+GjMtlXbiEr+J85iEmatz4YSUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVX1b0oRmuVWwjHDd5whleIWVIaMB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJM3UbBnm
4UpTWxiJFuYCf1XQMmdMj9h9jJaZl8ZI9YbUEC8u6Mx/RLU7nCz6Gw6ffbDXAGF7
ofAYevWzvtX69nr6JYSCYmdpbSPKqTNrWhTAzO+TGgQ0Pwc94xPUquxiqBST/Z8Q
DnnoBI7kJCVPllUffPNPnzO/ghGtCgtCaxfnUGOJYLFHNP1RzYTM1PS4e/LyNYjl
ho7uwWqjrc8JEkISXcIC0waq6dzE0EidHzu6QBPqD323Eiw+YwHtCkTvGiEmMYrV
Utbd1cqRVBrqIbJarBu1tA37WgqFp4y45rQeS8C3R9RskiV/x+KQg82PzVMp5prX
KKXSfvyX5svQdA==
-----END CERTIFICATE-----