Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          1QeYd+BjGdpBI22mL77peeIb2ZV7ktNDtGMKOdnLACU=
Subject key identifier:   2C:B1:5B:C0:74:D6:D7:41:11:5D:87:BF:4D:85:8D:47:06:39:53:6C
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       0198D4E0E6756E2DF5BBAFB0D5C615345CBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0CB0
Signing time:             Sat 23 Aug 2025 03:02:45 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:45 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:45 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: pM7xsVxHnxEKAICzcYZrCof7kpmQOJzl2TUzBqMIazE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:e6:75:6e:2d:f5:bb:af:b0:d5:c6:15:34:5c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Aug 23 03:02:45 2025 GMT
            Not After : Aug 24 03:02:45 2025 GMT
        Subject: CN=2cb15bc074d6d741115d87bf4d858d470639536c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:29:70:39:81:0e:02:6d:72:92:70:e7:f8:ca:
                    cd:33:88:57:10:36:d4:da:4a:4a:d0:84:00:5b:e3:
                    be:31:93:d6:b9:5b:2c:ee:34:90:2c:94:12:71:8a:
                    b3:5c:c5:78:07:7c:40:40:5b:19:be:fb:a1:75:6b:
                    05:49:63:db:ea:29:9e:a1:33:22:03:c3:d5:76:3e:
                    da:99:ba:f0:e6:a6:bf:0d:ad:a3:39:4a:a6:fc:e9:
                    b5:ed:78:5b:14:fa:ee:f3:8c:58:af:97:d5:c4:8d:
                    f2:6a:f8:db:d9:33:c9:93:da:3a:73:7e:5b:1d:e0:
                    89:42:3a:4b:31:d8:2a:60:6b:17:7f:af:96:68:b2:
                    04:f3:e9:5a:3f:bc:50:76:6f:2b:73:b8:62:c7:5c:
                    21:5b:47:60:7a:e3:1d:e0:e4:c0:47:cb:54:ff:cd:
                    10:71:73:35:36:25:13:a5:29:f1:70:98:ed:81:52:
                    56:83:db:03:04:ab:af:7b:b1:b1:28:37:6d:0b:dc:
                    bf:bb:e3:f8:1b:25:69:a8:eb:39:85:34:a8:f4:47:
                    ba:86:0d:ba:51:8b:40:cb:a7:48:a1:7c:e0:b8:5e:
                    82:97:fc:43:23:2e:a0:eb:88:13:c6:94:f5:0f:73:
                    a6:93:2f:5a:85:d6:f4:81:2a:e7:02:34:7c:b3:97:
                    34:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:B1:5B:C0:74:D6:D7:41:11:5D:87:BF:4D:85:8D:47:06:39:53:6C
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:54:0e:ca:0d:97:ed:30:d4:30:48:82:14:0b:5e:11:75:b6:
         cf:a7:40:6a:b3:3b:3a:b7:6a:60:11:6c:3c:f8:16:9d:20:69:
         75:6d:22:69:95:cc:f8:d6:f2:09:10:ff:97:fb:27:74:d0:9d:
         f6:4c:61:34:70:50:a5:fe:91:31:0c:04:8d:c9:a6:15:c1:2c:
         a6:45:38:a8:a6:80:aa:19:63:93:44:4d:c1:56:f1:09:05:86:
         8b:83:f1:a3:d1:6f:b0:51:48:fc:d9:df:d9:99:04:57:f2:85:
         9f:49:62:9f:63:c2:81:e4:95:5c:10:ee:12:72:79:61:81:df:
         a6:30:56:eb:7c:5a:4e:46:4d:26:b9:fb:3e:15:47:05:68:90:
         37:a4:04:22:db:09:77:07:e9:70:db:fd:33:4f:7d:10:4f:03:
         ca:0b:96:ce:6b:17:00:75:ed:64:bd:f1:c3:48:b1:fd:6b:82:
         7f:8f:bb:89:fe:6b:4d:5b:80:b0:f9:54:3a:c2:d2:26:8c:b9:
         22:1b:60:9e:2a:40:89:33:56:93:8c:33:1c:5d:af:73:82:d2:
         75:a1:06:7e:03:7a:a3:a1:40:c9:dc:4a:f9:99:ed:54:6d:55:
         20:90:09:5f:cc:8e:cc:fc:90:d4:a0:22:d9:9d:12:ca:29:df:
         4b:90:bd:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4OZ1bi31u6+w1cYVNFy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjUwODIzMDMwMjQ1WhcNMjUwODI0MDMwMjQ1WjAzMTEwLwYDVQQD
EygyY2IxNWJjMDc0ZDZkNzQxMTE1ZDg3YmY0ZDg1OGQ0NzA2Mzk1MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApilwOYEOAm1yknDn+MrNM4hXEDbU
2kpK0IQAW+O+MZPWuVss7jSQLJQScYqzXMV4B3xAQFsZvvuhdWsFSWPb6imeoTMi
A8PVdj7ambrw5qa/Da2jOUqm/Om17XhbFPru84xYr5fVxI3yavjb2TPJk9o6c35b
HeCJQjpLMdgqYGsXf6+WaLIE8+laP7xQdm8rc7hix1whW0dgeuMd4OTAR8tU/80Q
cXM1NiUTpSnxcJjtgVJWg9sDBKuve7GxKDdtC9y/u+P4GyVpqOs5hTSo9Ee6hg26
UYtAy6dIoXzguF6Cl/xDIy6g64gTxpT1D3Omky9ahdb0gSrnAjR8s5c0hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyxW8B01tdBEV2Hv02FjUcGOVNsMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtVQOyg2X
7TDUMEiCFAteEXW2z6dAarM7OrdqYBFsPPgWnSBpdW0iaZXM+NbyCRD/l/sndNCd
9kxhNHBQpf6RMQwEjcmmFcEspkU4qKaAqhljk0RNwVbxCQWGi4Pxo9FvsFFI/Nnf
2ZkEV/KFn0lin2PCgeSVXBDuEnJ5YYHfpjBW63xaTkZNJrn7PhVHBWiQN6QEItsJ
dwfpcNv9M099EE8DyguWzmsXAHXtZL3xw0ix/WuCf4+7if5rTVuAsPlUOsLSJoy5
IhtgnipAiTNWk4wzHF2vc4LSdaEGfgN6o6FAydxK+ZntVG1VIJAJX8yOzPyQ1KAi
2Z0SyinfS5C9mw==
-----END CERTIFICATE-----