Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          FDPWocuyaWjpiZCppjJ7GyUHxinZIbjS9ycB2Dh1uZQ=
Subject key identifier:   B6:26:FF:A5:B1:3C:04:43:45:D5:86:F3:1B:07:C0:28:AB:63:88:66
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       0198D4E03FDB04A46C01094A4CE85869A101
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 03:02:02 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:02 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:02 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: /30iLlhNqAW2106+iEZlYMnDxpopDb1zbDJ/qVVTLLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:3f:db:04:a4:6c:01:09:4a:4c:e8:58:69:a1:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Aug 23 03:02:02 2025 GMT
            Not After : Aug 24 03:02:02 2025 GMT
        Subject: CN=b626ffa5b13c044345d586f31b07c028ab638866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:28:36:5d:32:28:60:c4:40:be:d5:27:71:b3:
                    a1:0f:fb:27:a5:9a:10:e3:52:ba:1a:4f:66:31:6c:
                    21:94:c4:f9:82:69:7b:e5:e3:1f:3d:2d:b3:7e:8c:
                    4f:b4:e4:b9:a3:bc:ec:6d:73:56:76:9b:e7:8d:0f:
                    6c:04:f4:62:79:de:d1:23:71:35:f6:cd:0b:92:3e:
                    4f:c6:73:6b:9b:7c:b5:71:ce:a6:16:5b:f5:76:7f:
                    3e:e9:e3:09:47:b3:e4:57:99:9e:24:ad:44:c7:1f:
                    f3:22:36:bf:b5:70:be:44:c9:4e:ba:bd:69:50:96:
                    6f:ff:52:67:39:94:ae:9d:13:92:62:dd:64:a4:ac:
                    24:f1:d2:11:bc:1d:e4:52:b8:e9:d8:9e:5a:0e:dc:
                    4b:14:e3:ad:63:00:1a:4a:47:d3:cb:b0:9e:40:97:
                    ae:8a:2c:de:99:68:84:2c:30:cc:82:fb:ca:c4:c3:
                    4a:dd:93:1f:05:a9:d9:73:98:39:c8:20:26:e5:09:
                    06:a3:3c:a0:ca:68:1c:1d:12:9c:ad:0f:38:1d:dc:
                    c6:de:71:80:b0:df:e6:95:6b:b8:c6:15:6e:7f:ac:
                    94:de:01:b4:36:c2:b7:a0:81:78:03:28:0d:0c:3a:
                    13:7c:64:3a:e4:b2:5a:e6:30:fa:a8:89:ea:0b:0b:
                    ee:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:26:FF:A5:B1:3C:04:43:45:D5:86:F3:1B:07:C0:28:AB:63:88:66
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:b2:5f:cc:e7:9d:c5:d9:02:85:ad:49:ca:bd:53:1a:ad:b8:
         fc:e3:78:51:8b:d5:75:37:14:31:13:42:14:1b:33:6f:5a:6c:
         de:31:02:00:61:23:04:60:b9:90:54:e2:d8:75:4a:17:01:68:
         a6:27:bc:04:17:aa:37:f8:8f:2c:ff:4c:77:71:35:84:02:27:
         42:b1:67:9b:99:cc:a8:aa:08:25:9d:8c:b8:12:5d:78:52:7d:
         ec:92:95:12:74:26:45:99:33:36:27:9d:7e:11:ba:ce:bd:52:
         40:59:dd:51:b6:bd:f1:c2:af:f0:76:cd:41:49:9d:bd:4f:c1:
         96:5d:8b:f4:09:18:b1:0f:c9:03:b1:1c:3e:ff:14:bf:a0:fc:
         74:a9:e8:36:d9:ce:3d:2d:47:66:63:f4:3e:0c:c3:9c:d0:f8:
         10:d9:dd:a4:b3:08:85:2b:e3:83:dc:26:10:a3:47:5b:ea:59:
         fa:3c:de:95:d5:1b:a9:b1:14:2a:cf:2f:f4:73:e7:4c:c3:d6:
         02:ab:90:ab:25:4b:f3:a0:68:7c:7d:0f:4e:4f:c6:8f:d5:3a:
         5c:d2:68:67:89:f6:6d:be:c6:dc:53:d0:8b:8a:69:12:1a:cc:
         ed:f7:f8:ef:68:fc:fd:a1:7d:06:eb:72:dd:7b:4b:63:f4:91:
         2a:95:98:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4D/bBKRsAQlKTOhYaaEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUwODIzMDMwMjAyWhcNMjUwODI0MDMwMjAyWjAzMTEwLwYDVQQD
EyhiNjI2ZmZhNWIxM2MwNDQzNDVkNTg2ZjMxYjA3YzAyOGFiNjM4ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCg2XTIoYMRAvtUncbOhD/snpZoQ
41K6Gk9mMWwhlMT5gml75eMfPS2zfoxPtOS5o7zsbXNWdpvnjQ9sBPRied7RI3E1
9s0Lkj5PxnNrm3y1cc6mFlv1dn8+6eMJR7PkV5meJK1Exx/zIja/tXC+RMlOur1p
UJZv/1JnOZSunROSYt1kpKwk8dIRvB3kUrjp2J5aDtxLFOOtYwAaSkfTy7CeQJeu
iizemWiELDDMgvvKxMNK3ZMfBanZc5g5yCAm5QkGozygymgcHRKcrQ84HdzG3nGA
sN/mlWu4xhVuf6yU3gG0NsK3oIF4AygNDDoTfGQ65LJa5jD6qInqCwvu6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYm/6WxPARDRdWG8xsHwCirY4hmMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcbJfzOed
xdkCha1Jyr1TGq24/ON4UYvVdTcUMRNCFBszb1ps3jECAGEjBGC5kFTi2HVKFwFo
pie8BBeqN/iPLP9Md3E1hAInQrFnm5nMqKoIJZ2MuBJdeFJ97JKVEnQmRZkzNied
fhG6zr1SQFndUba98cKv8HbNQUmdvU/Bll2L9AkYsQ/JA7EcPv8Uv6D8dKnoNtnO
PS1HZmP0PgzDnND4ENndpLMIhSvjg9wmEKNHW+pZ+jzeldUbqbEUKs8v9HPnTMPW
AquQqyVL86BofH0PTk/Gj9U6XNJoZ4n2bb7G3FPQi4ppEhrM7ff472j8/aF9Buty
3XtLY/SRKpWYPw==
-----END CERTIFICATE-----