Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
File:                     q33wfyEEN2kvd-7DRpuaSCuW0ao.mft (raw, json)
Hash identifier:          0vgOBJsN8x/+dxelQA3J9/+o+pROhas55Lx+a37OwoY=
Subject key identifier:   E4:8E:7B:20:C4:5D:E7:87:AB:A8:87:C9:8D:EF:C2:89:06:67:1F:9A
Authority key identifier: AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA
Certificate issuer:       /CN=ab7df07f210437692f77eec3469b9a482b96d1aa
Certificate serial:       0198D583C9EDEA667CD9E6FD0D6F4DFAA577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
Manifest number:          05DE
Signing time:             Sat 23 Aug 2025 06:00:40 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:40 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:40 +0000
Files and hashes:         1: q33wfyEEN2kvd-7DRpuaSCuW0ao.crl (hash: HAEERGFtiq+8NLmlMMomBxswbbGTo0WEeSXwSWR+/es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:c9:ed:ea:66:7c:d9:e6:fd:0d:6f:4d:fa:a5:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7df07f210437692f77eec3469b9a482b96d1aa
        Validity
            Not Before: Aug 23 06:00:40 2025 GMT
            Not After : Aug 24 06:00:40 2025 GMT
        Subject: CN=e48e7b20c45de787aba887c98defc28906671f9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:87:81:2c:91:0f:8f:9f:92:7f:7a:22:c1:5b:
                    11:d2:b7:93:a6:8a:a1:18:08:5f:27:54:6d:7d:80:
                    e7:0a:ea:b9:06:c2:b4:f6:d8:6a:1b:91:48:60:e4:
                    6a:82:22:23:f9:f3:80:61:ce:2f:68:72:bb:cd:2b:
                    55:c7:5a:01:84:4a:77:fc:56:61:d0:66:2c:bb:c9:
                    f3:58:fa:69:8d:2c:fe:47:7d:d6:ba:18:ae:63:20:
                    98:49:16:cd:de:2d:c6:0d:a5:1e:95:bc:3a:8e:5e:
                    6a:96:31:98:3a:d0:6f:ba:2f:c7:71:a4:cd:88:8b:
                    4e:bc:91:35:38:fa:88:80:67:20:90:5d:17:98:27:
                    6d:9d:c2:69:45:2d:0e:c5:b5:40:f7:a5:f9:26:1b:
                    d5:ae:37:ec:95:3b:83:2d:e6:09:1c:49:5f:43:67:
                    1a:1f:dc:d2:0e:b3:a8:87:1e:c5:61:81:97:09:e9:
                    cd:e8:63:dd:9c:f2:ad:60:3b:9b:3f:36:f7:8d:8d:
                    24:a4:43:35:ac:42:ab:cd:be:71:71:73:71:22:cd:
                    0f:3d:87:4b:b6:cb:41:45:7b:99:ac:1e:93:e8:a6:
                    9b:fc:2e:0c:b1:67:19:f0:79:c5:66:6f:a8:5c:c9:
                    89:32:3b:34:f0:13:1c:90:16:f9:f4:c9:0a:14:17:
                    5c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:8E:7B:20:C4:5D:E7:87:AB:A8:87:C9:8D:EF:C2:89:06:67:1F:9A
            X509v3 Authority Key Identifier:
                keyid:AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:fb:f3:8c:07:8b:c7:09:a3:52:1f:13:86:28:fe:2e:e3:72:
         d8:2e:49:02:a1:a2:d7:e7:51:c8:8e:c8:f5:20:d3:cf:14:5f:
         8b:32:55:4d:7b:a9:00:49:34:33:8b:02:0a:d4:8a:2d:76:52:
         a0:7b:07:d7:e0:e0:68:46:64:17:90:69:84:0d:9a:78:ca:2b:
         a9:fa:40:b5:0c:91:0f:e0:d8:ae:ed:37:f5:08:59:9a:dd:b4:
         46:16:40:aa:15:06:68:4b:26:eb:fc:6e:54:ad:ef:1c:25:20:
         4f:40:fd:b8:46:97:52:47:53:18:ab:e1:c6:6b:9c:c8:1c:39:
         c7:76:b4:ce:30:90:fa:50:01:64:c7:16:3a:aa:41:6f:39:03:
         42:f3:bc:0d:33:a7:9f:88:37:5b:1a:20:cf:81:f1:40:81:91:
         22:f6:97:19:70:77:01:b0:50:e3:c5:9e:00:90:b6:b0:fb:5a:
         11:51:59:b3:38:c9:40:51:13:f1:3b:04:2f:82:f6:c6:73:bf:
         0a:fa:ef:80:8a:3d:0d:48:ca:6c:d5:10:8e:d8:23:74:27:8b:
         d5:38:14:f4:e3:8c:65:50:3f:fa:15:25:14:f9:56:2e:7f:2a:
         81:d9:ec:ab:37:98:62:a4:bc:f6:7e:1f:dd:13:1b:c6:31:4a:
         c2:e6:45:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg8nt6mZ82eb9DW9N+qV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2RmMDdmMjEwNDM3NjkyZjc3ZWVjMzQ2OWI5YTQ4MmI5
NmQxYWEwHhcNMjUwODIzMDYwMDQwWhcNMjUwODI0MDYwMDQwWjAzMTEwLwYDVQQD
EyhlNDhlN2IyMGM0NWRlNzg3YWJhODg3Yzk4ZGVmYzI4OTA2NjcxZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIeBLJEPj5+Sf3oiwVsR0reTpoqh
GAhfJ1RtfYDnCuq5BsK09thqG5FIYORqgiIj+fOAYc4vaHK7zStVx1oBhEp3/FZh
0GYsu8nzWPppjSz+R33WuhiuYyCYSRbN3i3GDaUelbw6jl5qljGYOtBvui/HcaTN
iItOvJE1OPqIgGcgkF0XmCdtncJpRS0OxbVA96X5JhvVrjfslTuDLeYJHElfQ2ca
H9zSDrOohx7FYYGXCenN6GPdnPKtYDubPzb3jY0kpEM1rEKrzb5xcXNxIs0PPYdL
tstBRXuZrB6T6Kab/C4MsWcZ8HnFZm+oXMmJMjs08BMckBb59MkKFBdcDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSOeyDEXeeHq6iHyY3vwokGZx+aMB8GA1UdIwQY
MBaAFKt98H8hBDdpL3fuw0abmkgrltGqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQt
NjcxMGU5NmExYjZmLzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQtNjcxMGU5NmExYjZm
LzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/vzjAeL
xwmjUh8Thij+LuNy2C5JAqGi1+dRyI7I9SDTzxRfizJVTXupAEk0M4sCCtSKLXZS
oHsH1+DgaEZkF5BphA2aeMorqfpAtQyRD+DYru039QhZmt20RhZAqhUGaEsm6/xu
VK3vHCUgT0D9uEaXUkdTGKvhxmucyBw5x3a0zjCQ+lABZMcWOqpBbzkDQvO8DTOn
n4g3Wxogz4HxQIGRIvaXGXB3AbBQ48WeAJC2sPtaEVFZszjJQFET8TsEL4L2xnO/
CvrvgIo9DUjKbNUQjtgjdCeL1TgU9OOMZVA/+hUlFPlWLn8qgdnsqzeYYqS89n4f
3RMbxjFKwuZF5Q==
-----END CERTIFICATE-----