Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
File:                     aQMR37ZbZZViGO_0cZep65akB9s.mft (raw, json)
Hash identifier:          iWuXkUL1blMqWJKwbTKEu/5MHj0NNkaFaw+y9LoDFvM=
Subject key identifier:   7B:70:C9:3C:73:FA:D1:AA:11:22:40:7E:36:51:46:EA:70:EC:FF:B6
Authority key identifier: 69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB
Certificate issuer:       /CN=690311dfb65b65956218eff47197a9eb96a407db
Certificate serial:       0198D474A3C15024654805D21A4A0F3C35DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:04:30 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:30 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:30 +0000
Files and hashes:         1: aQMR37ZbZZViGO_0cZep65akB9s.crl (hash: QO6HSwj4rPIjD6jiDExFIei3aegyxlE3b7qBqLnXX2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:a3:c1:50:24:65:48:05:d2:1a:4a:0f:3c:35:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=690311dfb65b65956218eff47197a9eb96a407db
        Validity
            Not Before: Aug 23 01:04:30 2025 GMT
            Not After : Aug 24 01:04:30 2025 GMT
        Subject: CN=7b70c93c73fad1aa1122407e365146ea70ecffb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:07:4c:7c:02:00:a3:5d:10:1c:8e:a1:a5:50:
                    4e:20:eb:8f:c6:7e:00:e6:a7:73:e0:07:89:e8:9a:
                    94:d6:c7:c4:70:57:0a:ed:b7:41:47:a3:e0:84:6e:
                    a7:b8:b0:36:b3:ba:a2:7d:54:0b:ff:2d:67:52:cb:
                    53:6e:84:11:51:8e:70:e3:11:b3:ff:2b:00:c1:3e:
                    29:75:a8:c6:7b:0c:e4:16:b2:78:73:26:92:3f:38:
                    c7:ba:df:cb:7f:78:22:29:29:75:4a:46:5d:f1:3e:
                    dd:c0:45:c7:6e:e9:16:5f:af:27:a8:b2:a3:c2:2f:
                    61:40:89:65:b5:5e:af:70:1d:0d:50:c5:aa:6c:66:
                    3a:30:3d:92:6f:bd:e1:44:82:d0:c9:a7:25:62:14:
                    8f:c1:40:ee:23:4b:e6:bb:5f:fa:81:43:ae:b2:cd:
                    91:77:00:e8:b4:1f:0f:08:f1:66:0a:0c:06:a0:82:
                    ed:ef:16:b8:4e:37:a0:70:10:d8:08:46:e3:fb:e0:
                    65:dc:23:5a:b2:3f:9c:e1:bc:7e:ec:83:4d:e0:38:
                    58:b1:db:bc:e5:97:bf:91:f2:8b:2a:1a:de:77:2d:
                    a7:32:04:cb:e9:72:5d:58:9b:3a:23:6a:40:b7:15:
                    38:69:bb:2b:8c:7a:6b:56:13:7b:70:1d:08:d7:1b:
                    56:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:70:C9:3C:73:FA:D1:AA:11:22:40:7E:36:51:46:EA:70:EC:FF:B6
            X509v3 Authority Key Identifier:
                keyid:69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:13:ad:85:6a:d9:62:22:d2:89:69:a2:1b:b9:3e:fc:b8:d4:
         d4:04:19:a3:a7:98:9e:f1:3e:ae:cb:29:67:2e:d3:dc:31:e0:
         f8:1a:a7:37:45:10:19:b6:e4:b1:0c:06:83:66:57:e2:04:4e:
         dc:c0:63:2a:51:87:a1:52:79:f2:59:65:63:f7:94:17:13:81:
         b4:95:68:ec:cb:4b:83:72:26:32:13:0f:00:4f:a4:2a:c4:0b:
         fe:48:6c:9d:ba:d8:f1:b8:55:de:d6:4d:6f:60:ed:70:24:92:
         df:db:17:01:71:a0:34:4d:1f:1a:6b:c1:c4:7e:a4:26:fd:44:
         10:24:0c:10:62:75:ed:0d:07:82:6f:05:1b:93:20:c0:df:20:
         79:a6:d7:77:b1:60:17:7a:5f:7a:90:37:ee:41:b8:2f:b7:93:
         2f:01:4c:75:06:18:8e:21:2d:fd:e3:61:0f:b3:48:44:77:5e:
         f0:43:af:71:23:52:41:d5:c0:e4:ef:4d:8d:97:a1:52:c5:7b:
         4e:3a:14:6c:f4:6e:77:96:42:d7:ba:f5:fe:d7:ca:57:1b:14:
         61:0c:4d:cf:b4:4f:4a:5e:ea:99:0c:f1:dd:d7:f1:7d:1a:e5:
         a7:d9:27:ed:16:8d:50:d6:84:d3:e1:24:1d:f7:5b:cb:89:33:
         ff:3f:9b:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdKPBUCRlSAXSGkoPPDXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDMxMWRmYjY1YjY1OTU2MjE4ZWZmNDcxOTdhOWViOTZh
NDA3ZGIwHhcNMjUwODIzMDEwNDMwWhcNMjUwODI0MDEwNDMwWjAzMTEwLwYDVQQD
Eyg3YjcwYzkzYzczZmFkMWFhMTEyMjQwN2UzNjUxNDZlYTcwZWNmZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngdMfAIAo10QHI6hpVBOIOuPxn4A
5qdz4AeJ6JqU1sfEcFcK7bdBR6PghG6nuLA2s7qifVQL/y1nUstTboQRUY5w4xGz
/ysAwT4pdajGewzkFrJ4cyaSPzjHut/Lf3giKSl1SkZd8T7dwEXHbukWX68nqLKj
wi9hQIlltV6vcB0NUMWqbGY6MD2Sb73hRILQyaclYhSPwUDuI0vmu1/6gUOuss2R
dwDotB8PCPFmCgwGoILt7xa4TjegcBDYCEbj++Bl3CNasj+c4bx+7INN4DhYsdu8
5Ze/kfKLKhredy2nMgTL6XJdWJs6I2pAtxU4absrjHprVhN7cB0I1xtWcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtwyTxz+tGqESJAfjZRRupw7P+2MB8GA1UdIwQY
MBaAFGkDEd+2W2WVYhjv9HGXqeuWpAfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQt
YTQ1NmUzNjRjYjBlLzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQtYTQ1NmUzNjRjYjBl
LzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiBOthWrZ
YiLSiWmiG7k+/LjU1AQZo6eYnvE+rsspZy7T3DHg+BqnN0UQGbbksQwGg2ZX4gRO
3MBjKlGHoVJ58lllY/eUFxOBtJVo7MtLg3ImMhMPAE+kKsQL/khsnbrY8bhV3tZN
b2DtcCSS39sXAXGgNE0fGmvBxH6kJv1EECQMEGJ17Q0Hgm8FG5MgwN8geabXd7Fg
F3pfepA37kG4L7eTLwFMdQYYjiEt/eNhD7NIRHde8EOvcSNSQdXA5O9NjZehUsV7
TjoUbPRud5ZC17r1/tfKVxsUYQxNz7RPSl7qmQzx3dfxfRrlp9kn7RaNUNaE0+Ek
Hfdby4kz/z+bWg==
-----END CERTIFICATE-----