Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
File:                     aPQ7W7zEligG6pMi7Ckum2bdzMU.mft (raw, json)
Hash identifier:          wPG5WqYXjpKtk/tuhDxcrrdGluXDUBeFwFZT4ccOj48=
Subject key identifier:   D9:CA:89:B1:10:D7:7C:DE:1A:FD:88:61:BA:7A:30:4D:2B:86:7E:A9
Authority key identifier: 68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5
Certificate issuer:       /CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5
Certificate serial:       0198D73AE24B912428EB1AC2562DD7E1F9B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
Manifest number:          7C
Signing time:             Sat 23 Aug 2025 14:00:17 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:17 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:17 +0000
Files and hashes:         1: aPQ7W7zEligG6pMi7Ckum2bdzMU.crl (hash: TUryvh7DZ9yqUu3CPrPhTtOynMGeSqurBqWU0aX8Pao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3a:e2:4b:91:24:28:eb:1a:c2:56:2d:d7:e1:f9:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5
        Validity
            Not Before: Aug 23 14:00:17 2025 GMT
            Not After : Aug 24 14:00:17 2025 GMT
        Subject: CN=d9ca89b110d77cde1afd8861ba7a304d2b867ea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c5:de:13:ff:16:f4:c2:9f:96:b5:8a:66:22:
                    08:3d:34:0b:c8:e3:50:77:e6:62:d4:cb:d0:9e:e4:
                    68:ba:61:f6:29:dc:32:85:7f:c0:df:5e:a2:40:75:
                    1a:d4:4d:c2:79:29:69:2d:32:88:6a:6b:7b:61:61:
                    6d:7c:4c:c2:2a:71:40:8f:15:ed:58:3e:7d:46:da:
                    f5:27:78:9e:6f:bd:98:3c:25:df:4a:91:b0:49:ec:
                    f6:a7:a6:9e:aa:00:73:6f:e4:0a:d6:73:4e:e0:f5:
                    c6:4d:04:3c:19:65:5f:c5:6e:3a:18:77:9a:ba:90:
                    a0:a6:15:f3:70:89:be:70:75:21:a6:4d:81:3b:3e:
                    40:16:ca:b4:4e:68:32:85:3f:b9:d7:89:b9:e6:1d:
                    e7:3e:75:cf:94:b2:7d:b7:d0:ec:5e:f8:b1:e3:58:
                    c0:82:38:1f:70:71:99:72:49:0f:a3:cf:6f:e3:a0:
                    f9:8d:21:a4:16:e0:c0:8d:9c:d0:de:b5:e8:55:b4:
                    02:02:0f:b6:d6:d0:f8:1d:83:25:02:0b:56:2a:12:
                    aa:51:19:90:3d:fa:74:46:10:84:64:ce:22:d4:e4:
                    1e:3c:76:c1:11:1c:10:76:05:63:d8:ad:11:c3:e2:
                    95:aa:e7:36:03:ed:10:2c:09:74:bf:b0:ba:e4:f3:
                    6c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:CA:89:B1:10:D7:7C:DE:1A:FD:88:61:BA:7A:30:4D:2B:86:7E:A9
            X509v3 Authority Key Identifier:
                keyid:68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:1f:fa:1f:0a:78:cf:99:f0:5f:36:30:91:0c:d9:f8:08:ce:
         94:0a:9f:a2:cb:3b:c2:19:18:91:d0:1d:b3:56:c5:d9:49:76:
         1f:27:c7:d9:f2:50:08:0c:ed:00:47:be:f0:e1:b3:a1:0c:cf:
         55:6d:d5:9c:55:0a:62:2e:fe:20:c6:08:a5:7b:0f:65:6c:70:
         2b:21:3c:d7:3a:ef:59:b9:15:9c:7a:f7:df:af:89:34:3b:4a:
         0c:d9:f9:b2:23:26:7f:fc:6c:a2:e9:1f:8e:7b:3c:d7:a5:62:
         ae:7b:61:1c:69:f0:5a:36:c6:5c:6a:93:a7:d3:d9:2c:f1:bc:
         29:5e:23:f9:9b:09:65:8c:7e:ab:f1:d1:47:e2:91:83:d7:44:
         66:cd:48:4d:20:3f:e1:4c:64:d2:00:1c:cf:2f:9f:68:c1:85:
         64:b3:cf:7c:6f:2b:86:af:b0:83:4f:e6:a2:0a:86:f3:85:02:
         44:7e:36:30:93:20:7e:03:23:8a:44:6a:7b:96:1d:8a:87:0d:
         5a:1e:23:25:6a:96:73:5d:ce:48:23:ae:18:08:92:5c:33:94:
         ad:00:cf:6b:66:b0:6f:6e:d8:09:6b:75:75:3b:61:a0:25:96:
         c3:44:cc:c5:fd:7b:1b:cc:0a:0c:f1:38:b4:0a:f0:9d:a7:56:
         e1:f1:cb:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOuJLkSQo6xrCVi3X4fmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjQzYjViYmNjNDk2MjgwNmVhOTMyMmVjMjkyZTliNjZk
ZGNjYzUwHhcNMjUwODIzMTQwMDE3WhcNMjUwODI0MTQwMDE3WjAzMTEwLwYDVQQD
EyhkOWNhODliMTEwZDc3Y2RlMWFmZDg4NjFiYTdhMzA0ZDJiODY3ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MXeE/8W9MKflrWKZiIIPTQLyONQ
d+Zi1MvQnuRoumH2KdwyhX/A316iQHUa1E3CeSlpLTKIamt7YWFtfEzCKnFAjxXt
WD59Rtr1J3ieb72YPCXfSpGwSez2p6aeqgBzb+QK1nNO4PXGTQQ8GWVfxW46GHea
upCgphXzcIm+cHUhpk2BOz5AFsq0TmgyhT+514m55h3nPnXPlLJ9t9DsXvix41jA
gjgfcHGZckkPo89v46D5jSGkFuDAjZzQ3rXoVbQCAg+21tD4HYMlAgtWKhKqURmQ
Pfp0RhCEZM4i1OQePHbBERwQdgVj2K0Rw+KVquc2A+0QLAl0v7C65PNsuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnKibEQ13zeGv2IYbp6ME0rhn6pMB8GA1UdIwQY
MBaAFGj0O1u8xJYoBuqTIuwpLptm3czFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUt
MDI0ODNlNjQ4MmNiLzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUtMDI0ODNlNjQ4MmNi
LzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbx/6Hwp4
z5nwXzYwkQzZ+AjOlAqfoss7whkYkdAds1bF2Ul2HyfH2fJQCAztAEe+8OGzoQzP
VW3VnFUKYi7+IMYIpXsPZWxwKyE81zrvWbkVnHr336+JNDtKDNn5siMmf/xsoukf
jns816VirnthHGnwWjbGXGqTp9PZLPG8KV4j+ZsJZYx+q/HRR+KRg9dEZs1ITSA/
4Uxk0gAczy+faMGFZLPPfG8rhq+wg0/mogqG84UCRH42MJMgfgMjikRqe5YdiocN
Wh4jJWqWc13OSCOuGAiSXDOUrQDPa2awb27YCWt1dTthoCWWw0TMxf17G8wKDPE4
tArwnadW4fHLWg==
-----END CERTIFICATE-----