Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
File:                     QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json)
Hash identifier:          k/9BQ4q3bYT3xkdDlRFTI4UjUzSGjh71oWBqSJrSqLI=
Subject key identifier:   D3:00:E0:8F:6C:B9:9C:42:1A:0F:48:F3:61:F2:18:FC:28:55:EF:F1
Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
Certificate issuer:       /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Certificate serial:       0198D84FF80EDA8B50F7FA9B01A1C005C09D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
Manifest number:          0C37
Signing time:             Sat 23 Aug 2025 19:02:56 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:56 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:56 +0000
Files and hashes:         1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: 4Haq/xLVAhcbK9ZaujzhncAOJL8uW1BNYhcnoRRqhbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 19:02:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:f8:0e:da:8b:50:f7:fa:9b:01:a1:c0:05:c0:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
        Validity
            Not Before: Aug 23 19:02:56 2025 GMT
            Not After : Aug 24 19:02:56 2025 GMT
        Subject: CN=d300e08f6cb99c421a0f48f361f218fc2855eff1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:10:b2:88:5d:c6:3c:31:e1:c3:28:13:51:a9:
                    4f:b2:cc:c8:c3:2b:12:cd:5c:8b:6c:b9:01:ca:de:
                    8a:b4:77:2f:0c:62:50:8f:dc:2b:3d:65:b7:a8:39:
                    37:10:54:c2:ed:60:93:00:3a:18:2f:af:51:76:cd:
                    18:a9:c0:de:3d:de:16:2c:16:a0:6d:29:7c:0d:03:
                    4c:c6:0c:b8:5e:bf:e3:37:48:2f:e7:ce:52:73:f0:
                    40:7e:45:0d:69:5c:95:6c:fb:e5:f2:02:3d:a3:d3:
                    41:aa:d9:65:bd:b3:5a:db:43:0f:99:42:12:89:ce:
                    2b:5c:72:0a:d5:e0:e3:fb:31:c3:9a:3b:1e:33:3b:
                    f3:2b:b2:44:42:49:86:b7:00:92:a2:72:e1:9d:10:
                    54:c6:eb:26:86:1f:f5:ba:85:79:9b:d9:59:a1:83:
                    0c:09:a2:f5:c9:05:d0:67:5d:02:08:0f:73:6b:21:
                    21:e7:98:6b:38:b4:01:82:36:5e:9f:e6:60:25:fe:
                    b8:38:af:9d:66:97:1e:fa:38:a2:6c:10:7a:ad:f3:
                    44:80:f2:a4:8e:d5:24:9d:23:c7:0e:6a:95:0b:d6:
                    ad:f7:73:12:01:c7:db:e6:9d:a2:b1:14:0e:16:e0:
                    fc:cc:18:d2:02:13:37:37:61:0c:60:f6:72:55:cc:
                    42:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:00:E0:8F:6C:B9:9C:42:1A:0F:48:F3:61:F2:18:FC:28:55:EF:F1
            X509v3 Authority Key Identifier:
                keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:3c:c8:ac:26:7e:23:a4:d4:13:21:21:20:10:57:97:16:ac:
         2c:c5:88:f8:27:c1:5c:70:fe:98:e9:d1:af:3c:3e:06:9a:e3:
         88:06:35:9e:d1:12:6e:69:00:00:8c:a5:44:09:8e:f4:53:0c:
         31:3c:25:fc:e2:61:35:9c:39:8b:9a:44:bf:23:96:9e:2d:e9:
         4c:3b:06:49:e9:73:fe:6b:ac:48:ab:e6:06:4c:42:d2:65:6e:
         18:88:1d:db:29:7c:bd:f4:a2:90:bd:6d:1f:bf:8f:43:57:16:
         35:1b:73:95:e8:97:2d:76:8a:45:45:25:a0:15:be:46:de:0b:
         e8:7f:05:35:62:9d:39:cd:7f:80:02:f0:39:10:55:54:b9:0c:
         9b:87:68:f3:6a:3b:97:19:a1:70:5c:f5:c9:dc:2e:ab:04:38:
         b6:dc:fe:53:6f:ed:21:34:ad:85:93:c0:e3:b3:53:db:3c:2c:
         24:86:44:32:e7:4c:aa:05:46:86:0b:d7:1f:41:ff:7d:af:bb:
         15:a3:8e:02:95:92:a4:15:d0:09:ca:eb:e6:84:de:c3:a3:02:
         cd:45:57:9e:e2:76:01:6d:81:00:75:36:9d:f1:92:f6:0e:13:
         4e:5b:a3:21:7e:89:12:24:bc:ea:9d:50:e3:23:73:b9:3e:1f:
         36:ee:d3:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYT/gO2otQ9/qbAaHABcCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw
ZjhjZjUwHhcNMjUwODIzMTkwMjU2WhcNMjUwODI0MTkwMjU2WjAzMTEwLwYDVQQD
EyhkMzAwZTA4ZjZjYjk5YzQyMWEwZjQ4ZjM2MWYyMThmYzI4NTVlZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBCyiF3GPDHhwygTUalPsszIwysS
zVyLbLkByt6KtHcvDGJQj9wrPWW3qDk3EFTC7WCTADoYL69Rds0YqcDePd4WLBag
bSl8DQNMxgy4Xr/jN0gv585Sc/BAfkUNaVyVbPvl8gI9o9NBqtllvbNa20MPmUIS
ic4rXHIK1eDj+zHDmjseMzvzK7JEQkmGtwCSonLhnRBUxusmhh/1uoV5m9lZoYMM
CaL1yQXQZ10CCA9zayEh55hrOLQBgjZen+ZgJf64OK+dZpce+jiibBB6rfNEgPKk
jtUknSPHDmqVC9at93MSAcfb5p2isRQOFuD8zBjSAhM3N2EMYPZyVcxCVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMA4I9suZxCGg9I82HyGPwoVe/xMB8GA1UdIwQY
MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt
YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj
LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAADzIrCZ+
I6TUEyEhIBBXlxasLMWI+CfBXHD+mOnRrzw+BprjiAY1ntESbmkAAIylRAmO9FMM
MTwl/OJhNZw5i5pEvyOWni3pTDsGSelz/musSKvmBkxC0mVuGIgd2yl8vfSikL1t
H7+PQ1cWNRtzleiXLXaKRUUloBW+Rt4L6H8FNWKdOc1/gALwORBVVLkMm4do82o7
lxmhcFz1ydwuqwQ4ttz+U2/tITSthZPA47NT2zwsJIZEMudMqgVGhgvXH0H/fa+7
FaOOApWSpBXQCcrr5oTew6MCzUVXnuJ2AW2BAHU2nfGS9g4TTlujIX6JEiS86p1Q
4yNzuT4fNu7T7g==
-----END CERTIFICATE-----