Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
File:                     _e3ZOtbKqmCtSfD5N32Kq_h34ts.mft (raw, json)
Hash identifier:          GsVN6PobBhR2fFCzWkxsiwOY67UY0smpLEHO/Jpq3HU=
Subject key identifier:   A1:7F:3E:1A:0B:6B:85:2B:5F:03:E1:45:0D:B2:7D:CA:73:37:F5:F5
Authority key identifier: FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB
Certificate issuer:       /CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
Certificate serial:       0198D65F25C02AD9C82A4881905B383479B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
Manifest number:          07C9
Signing time:             Sat 23 Aug 2025 10:00:16 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:16 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:16 +0000
Files and hashes:         1: _e3ZOtbKqmCtSfD5N32Kq_h34ts.crl (hash: 9W+uGSJnHiVXxOjmnD5pfG1zo1+NHuPlV5CEaTmRZaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:25:c0:2a:d9:c8:2a:48:81:90:5b:38:34:79:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
        Validity
            Not Before: Aug 23 10:00:16 2025 GMT
            Not After : Aug 24 10:00:16 2025 GMT
        Subject: CN=a17f3e1a0b6b852b5f03e1450db27dca7337f5f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a5:f5:cb:91:b0:73:22:f6:d9:35:95:e3:eb:
                    b5:93:af:81:a5:3e:55:d9:a5:f5:77:3f:6d:3c:33:
                    7e:06:70:7c:86:70:83:0f:24:9c:d1:0c:5c:95:52:
                    f7:0e:ba:56:90:6c:a8:ad:68:1e:89:39:f9:cf:28:
                    59:64:3a:ff:53:83:96:24:17:a8:75:4a:76:4a:53:
                    3d:dc:d6:76:e8:47:33:28:cc:83:5a:62:f1:9e:a8:
                    5e:29:c2:ee:ba:cf:81:8e:fc:5f:a2:50:89:98:27:
                    22:57:77:18:4c:36:00:9b:f8:86:56:09:1a:87:ed:
                    da:33:ba:cd:16:99:38:b1:81:51:55:b8:74:2b:5d:
                    95:6d:27:96:c2:1e:19:a1:cc:0a:52:a2:83:a8:7f:
                    a0:eb:c8:84:53:12:81:1d:74:6f:5b:4c:b6:3e:c7:
                    40:97:18:33:5c:42:b0:03:31:55:d3:7e:6b:a0:8f:
                    9e:f6:75:c9:17:c1:d7:7c:82:00:97:d3:9b:6b:01:
                    77:4f:03:42:ba:4f:f3:ad:c1:6a:5d:04:fb:61:87:
                    c2:bd:1c:ab:3f:90:3a:05:ec:87:9e:f4:1d:bf:e1:
                    d8:c6:2b:b7:16:a4:63:3e:0e:5e:3f:ec:6b:c0:33:
                    30:50:e5:d2:8e:25:72:62:28:25:78:95:64:c0:cd:
                    c7:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:7F:3E:1A:0B:6B:85:2B:5F:03:E1:45:0D:B2:7D:CA:73:37:F5:F5
            X509v3 Authority Key Identifier:
                keyid:FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:c8:39:75:79:4d:a6:39:6a:0e:0b:bc:ab:a5:cc:eb:c9:7d:
         85:b9:a7:9f:ea:e8:61:1a:ff:c6:ee:4b:dc:78:7d:f6:2a:b8:
         77:20:46:aa:e2:e5:7b:8e:42:db:47:e4:57:1e:84:8d:6d:a9:
         d5:1f:73:6f:95:61:f0:49:7f:99:f9:9d:1e:16:31:0e:32:23:
         0b:ff:d8:90:7a:28:4f:28:f8:01:b7:52:51:98:e8:2a:90:0b:
         c3:64:67:41:89:70:8f:23:6c:da:fa:d3:54:eb:c9:a2:1f:96:
         f6:41:d4:cc:7c:96:13:8b:a7:b5:1f:6c:ba:1c:2a:fa:48:eb:
         b2:9a:54:e0:f9:9d:7e:ff:5c:ed:e4:ff:52:91:45:a6:e2:55:
         cc:a8:fb:ac:3e:a4:92:58:61:a6:5c:b0:55:e1:db:e7:a3:2f:
         8b:27:2c:0a:01:bc:19:7e:ee:74:f6:8a:9a:7e:29:4e:00:8a:
         b0:4e:05:02:9f:60:42:08:f2:8a:cf:f8:4e:c4:aa:2b:1d:a2:
         53:b4:17:f7:75:00:7d:94:01:31:ea:ab:da:86:d0:df:7c:55:
         30:97:62:89:58:0e:10:10:80:67:2c:87:c2:4f:e1:90:69:d6:
         a4:29:66:21:38:4c:d7:89:51:b5:9d:a2:d0:e3:95:ea:ba:d3:
         03:1e:6e:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXyXAKtnIKkiBkFs4NHmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZWRkOTNhZDZjYWFhNjBhZDQ5ZjBmOTM3N2Q4YWFiZjg3
N2UyZGIwHhcNMjUwODIzMTAwMDE2WhcNMjUwODI0MTAwMDE2WjAzMTEwLwYDVQQD
EyhhMTdmM2UxYTBiNmI4NTJiNWYwM2UxNDUwZGIyN2RjYTczMzdmNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aX1y5GwcyL22TWV4+u1k6+BpT5V
2aX1dz9tPDN+BnB8hnCDDySc0QxclVL3DrpWkGyorWgeiTn5zyhZZDr/U4OWJBeo
dUp2SlM93NZ26EczKMyDWmLxnqheKcLuus+BjvxfolCJmCciV3cYTDYAm/iGVgka
h+3aM7rNFpk4sYFRVbh0K12VbSeWwh4ZocwKUqKDqH+g68iEUxKBHXRvW0y2PsdA
lxgzXEKwAzFV035roI+e9nXJF8HXfIIAl9ObawF3TwNCuk/zrcFqXQT7YYfCvRyr
P5A6BeyHnvQdv+HYxiu3FqRjPg5eP+xrwDMwUOXSjiVyYigleJVkwM3HBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKF/PhoLa4UrXwPhRQ2yfcpzN/X1MB8GA1UdIwQY
MBaAFP3t2TrWyqpgrUnw+Td9iqv4d+LbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYt
YmRiNWYxNmQ0NmYwLzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYtYmRiNWYxNmQ0NmYw
LzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMg5dXlN
pjlqDgu8q6XM68l9hbmnn+roYRr/xu5L3Hh99iq4dyBGquLle45C20fkVx6EjW2p
1R9zb5Vh8El/mfmdHhYxDjIjC//YkHooTyj4AbdSUZjoKpALw2RnQYlwjyNs2vrT
VOvJoh+W9kHUzHyWE4untR9suhwq+kjrsppU4Pmdfv9c7eT/UpFFpuJVzKj7rD6k
klhhplywVeHb56MviycsCgG8GX7udPaKmn4pTgCKsE4FAp9gQgjyis/4TsSqKx2i
U7QX93UAfZQBMeqr2obQ33xVMJdiiVgOEBCAZyyHwk/hkGnWpClmIThM14lRtZ2i
0OOV6rrTAx5uSw==
-----END CERTIFICATE-----