Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          ssQgIcdsqk3BfHIb4bEdhrK1gUB8ksaqhYoaUe7dk6E=
Subject key identifier:   AE:56:1C:79:D8:13:83:D4:8D:E5:D7:61:95:9B:B5:83:1E:4E:C7:17
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       0198D66079ABB9DEC0EB6A0F8260D313A72F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:01:43 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:43 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:43 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: JynGhpokVuuDohxsm6DFlwN6mVb6VgFUccVNdOyXQ8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:79:ab:b9:de:c0:eb:6a:0f:82:60:d3:13:a7:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Aug 23 10:01:43 2025 GMT
            Not After : Aug 24 10:01:43 2025 GMT
        Subject: CN=ae561c79d81383d48de5d761959bb5831e4ec717
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:1e:60:5a:66:4a:2c:48:82:32:ab:0c:04:16:
                    00:15:9c:3c:6e:de:cb:69:79:cd:30:f9:5d:69:3c:
                    db:ec:4f:63:8a:66:3c:4b:da:5b:14:d7:9c:94:8d:
                    9f:90:fe:b0:92:f9:22:e3:2a:23:7e:d8:c0:2e:b1:
                    68:9a:6a:44:1d:b5:3c:48:63:f3:a8:62:79:dd:77:
                    f0:92:d4:8e:89:89:c7:70:e7:1a:d2:b1:55:ea:e6:
                    6f:b1:13:31:28:89:08:9c:73:28:2e:87:73:40:17:
                    46:5e:62:34:8f:28:26:c2:b5:3e:08:a5:e8:d4:51:
                    ef:19:bf:e9:1d:01:65:2f:89:2d:c6:76:e3:48:39:
                    dd:57:0e:52:05:1a:e8:91:a8:75:ce:28:ba:7f:9f:
                    ca:0f:1f:9a:f0:4f:7f:ba:92:34:42:b8:bd:f8:3c:
                    78:6c:c5:94:92:24:36:f6:5d:a5:bc:38:39:16:1b:
                    a6:37:6e:bb:5d:a1:99:f5:8f:77:cb:29:18:0e:e6:
                    0c:ef:e4:db:85:04:09:92:12:96:cf:89:d4:a7:aa:
                    7c:a0:85:dd:30:a0:0b:7e:b9:cc:52:f1:2a:61:50:
                    90:73:b7:69:22:cb:54:7e:24:fe:51:12:b8:83:40:
                    f1:d4:2e:be:59:1f:16:33:d8:c7:53:be:b0:e4:93:
                    79:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:56:1C:79:D8:13:83:D4:8D:E5:D7:61:95:9B:B5:83:1E:4E:C7:17
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:32:0c:6a:10:b5:8f:ad:37:25:f6:2b:74:d3:6a:9a:aa:b2:
         1a:c2:20:22:a6:f5:91:d2:be:cb:8f:03:e3:76:55:29:de:fb:
         58:bf:4c:c3:ad:4a:b0:52:5a:6f:c4:55:59:96:b1:a1:31:a6:
         48:67:ba:c6:31:55:1f:c2:ba:5a:67:cb:47:0e:57:bb:a9:88:
         d0:c6:58:be:62:c9:a0:cb:78:9c:c0:e5:00:b8:90:c3:76:44:
         2c:9c:4f:05:9f:dd:44:7f:10:e3:56:82:73:58:17:23:5b:db:
         86:0f:43:1d:79:4c:fb:0c:c4:41:ce:80:87:ed:5a:15:6c:12:
         65:bb:67:38:76:77:44:ec:c3:d3:9f:ee:e8:7d:5d:01:18:78:
         04:67:6e:14:6c:39:ad:4b:f7:c5:3a:b0:42:a5:a8:cb:ac:99:
         f8:15:98:18:83:c6:18:07:8c:45:b0:2b:b2:4e:31:ee:5d:64:
         42:a0:c5:85:c9:70:25:0b:65:9f:2f:06:ed:14:d0:4d:ee:87:
         2b:e0:bc:3f:86:ab:90:fd:5c:c3:a1:7b:da:34:77:08:7b:94:
         b2:5a:47:9c:e1:55:55:31:9d:49:20:1f:f9:71:22:b8:cf:86:
         03:32:ef:bc:a4:b1:d7:cc:f4:45:0e:0d:c8:3f:45:00:53:7d:
         ef:d8:5e:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYHmrud7A62oPgmDTE6cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUwODIzMTAwMTQzWhcNMjUwODI0MTAwMTQzWjAzMTEwLwYDVQQD
EyhhZTU2MWM3OWQ4MTM4M2Q0OGRlNWQ3NjE5NTliYjU4MzFlNGVjNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh5gWmZKLEiCMqsMBBYAFZw8bt7L
aXnNMPldaTzb7E9jimY8S9pbFNeclI2fkP6wkvki4yojftjALrFommpEHbU8SGPz
qGJ53XfwktSOiYnHcOca0rFV6uZvsRMxKIkInHMoLodzQBdGXmI0jygmwrU+CKXo
1FHvGb/pHQFlL4ktxnbjSDndVw5SBRrokah1zii6f5/KDx+a8E9/upI0Qri9+Dx4
bMWUkiQ29l2lvDg5FhumN267XaGZ9Y93yykYDuYM7+TbhQQJkhKWz4nUp6p8oIXd
MKALfrnMUvEqYVCQc7dpIstUfiT+URK4g0Dx1C6+WR8WM9jHU76w5JN5owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5WHHnYE4PUjeXXYZWbtYMeTscXMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDIMahC1
j603JfYrdNNqmqqyGsIgIqb1kdK+y48D43ZVKd77WL9Mw61KsFJab8RVWZaxoTGm
SGe6xjFVH8K6WmfLRw5Xu6mI0MZYvmLJoMt4nMDlALiQw3ZELJxPBZ/dRH8Q41aC
c1gXI1vbhg9DHXlM+wzEQc6Ah+1aFWwSZbtnOHZ3ROzD05/u6H1dARh4BGduFGw5
rUv3xTqwQqWoy6yZ+BWYGIPGGAeMRbArsk4x7l1kQqDFhclwJQtlny8G7RTQTe6H
K+C8P4arkP1cw6F72jR3CHuUslpHnOFVVTGdSSAf+XEiuM+GAzLvvKSx18z0RQ4N
yD9FAFN979he4A==
-----END CERTIFICATE-----