Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          dbTRya7e/8jBf6caZpkzWMNkLxLEDasZ2HYzKuhzgyQ=
Subject key identifier:   62:3B:C9:F7:9D:08:EF:D9:9B:45:A5:E9:E0:05:6D:73:7A:2A:1D:50
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       0198D515B2FCF3C9B07DA1BEA9D5FACEEC15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 04:00:25 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:25 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:25 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: 2bM/xkkcS2lK9yusOfu89l3cNy8gm//l4fTU/kkEXFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:b2:fc:f3:c9:b0:7d:a1:be:a9:d5:fa:ce:ec:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Aug 23 04:00:25 2025 GMT
            Not After : Aug 24 04:00:25 2025 GMT
        Subject: CN=623bc9f79d08efd99b45a5e9e0056d737a2a1d50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:16:33:ad:64:0a:68:a1:f9:2a:7f:d0:03:b3:
                    99:b2:38:aa:4d:8d:50:4a:db:ee:e6:e3:a1:e6:09:
                    92:76:29:33:c1:3d:85:e5:1c:67:2d:c5:11:be:80:
                    59:3c:50:5c:a5:fb:0e:40:73:71:7b:de:2e:9c:d3:
                    53:bc:17:e8:0e:5f:16:c8:c6:64:a2:16:09:6f:c7:
                    0d:7c:0c:6e:08:a3:a5:95:76:f3:b6:15:a3:81:8f:
                    0e:f5:0f:c4:52:b4:ed:60:e6:54:65:1c:bc:e1:f2:
                    a8:20:5a:a8:50:61:07:b9:3c:bb:08:4c:54:f9:d5:
                    d4:5d:81:4f:fb:f9:50:58:aa:10:a4:1b:73:d4:07:
                    5b:0d:3f:94:53:63:b5:f3:b5:27:a5:9f:1d:e5:6e:
                    a4:7f:d4:c0:d6:88:0b:01:d6:f7:7f:5b:02:f7:23:
                    d1:9c:0f:4e:87:4a:40:58:e8:93:2b:d4:a6:64:f3:
                    2a:a4:71:b0:86:3e:68:d3:c2:2e:c8:2d:11:7f:50:
                    ea:dc:49:ba:83:de:78:01:66:84:6c:74:35:ad:01:
                    f4:42:f6:53:45:c0:f1:af:bc:4c:a3:3e:a4:4d:3d:
                    20:a2:31:cd:16:51:97:78:50:a2:0b:f1:14:71:ff:
                    04:1c:46:48:2e:88:c6:a2:54:c0:b7:b0:32:cc:e4:
                    47:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:3B:C9:F7:9D:08:EF:D9:9B:45:A5:E9:E0:05:6D:73:7A:2A:1D:50
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:35:23:c8:70:fc:3b:a0:d2:e0:bb:2b:9a:7a:e2:bd:7a:91:
         18:b4:5c:96:e8:5b:82:d5:bb:0c:4c:0f:f3:3d:e5:d1:8c:6a:
         bb:cf:24:1d:e4:aa:fd:f5:52:6a:bb:1f:0e:15:c4:f1:71:d9:
         ad:7e:66:65:4f:a8:85:32:5d:0c:01:81:08:3f:a8:6e:10:e8:
         f4:e6:79:a4:64:1d:43:c6:9b:cd:a5:70:42:12:60:19:c5:e3:
         4b:64:17:b3:44:0b:57:80:29:fa:bd:9e:de:0d:67:fa:44:94:
         a7:79:13:c2:c3:03:2d:7d:70:de:83:1b:0d:d0:eb:cd:30:72:
         3b:f8:3c:e6:09:f1:50:e3:f4:96:ac:09:32:d4:ba:eb:63:06:
         aa:42:c6:ad:e7:dd:23:f6:3e:a0:ac:7e:12:68:21:2d:d7:45:
         81:0b:8b:bc:4b:ef:5c:ae:0d:cf:0a:78:42:f8:47:04:e6:03:
         4b:89:2f:d3:67:1a:cf:2b:ba:69:26:ed:6a:fb:b0:d6:5e:fc:
         09:e0:28:a6:37:10:3b:74:0b:88:97:86:5d:79:85:9d:04:c6:
         c3:c7:d1:8c:fb:17:5f:cb:d5:4b:fa:7c:7c:4a:38:4f:46:56:
         dc:ba:6a:b4:ad:e7:04:cb:c6:86:28:90:1f:59:ff:f0:c1:42:
         ee:37:14:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFbL888mwfaG+qdX6zuwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUwODIzMDQwMDI1WhcNMjUwODI0MDQwMDI1WjAzMTEwLwYDVQQD
Eyg2MjNiYzlmNzlkMDhlZmQ5OWI0NWE1ZTllMDA1NmQ3MzdhMmExZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxYzrWQKaKH5Kn/QA7OZsjiqTY1Q
Stvu5uOh5gmSdikzwT2F5RxnLcURvoBZPFBcpfsOQHNxe94unNNTvBfoDl8WyMZk
ohYJb8cNfAxuCKOllXbzthWjgY8O9Q/EUrTtYOZUZRy84fKoIFqoUGEHuTy7CExU
+dXUXYFP+/lQWKoQpBtz1AdbDT+UU2O187UnpZ8d5W6kf9TA1ogLAdb3f1sC9yPR
nA9Oh0pAWOiTK9SmZPMqpHGwhj5o08IuyC0Rf1Dq3Em6g954AWaEbHQ1rQH0QvZT
RcDxr7xMoz6kTT0gojHNFlGXeFCiC/EUcf8EHEZILojGolTAt7AyzORHtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGI7yfedCO/Zm0Wl6eAFbXN6Kh1QMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABTUjyHD8
O6DS4LsrmnrivXqRGLRcluhbgtW7DEwP8z3l0Yxqu88kHeSq/fVSarsfDhXE8XHZ
rX5mZU+ohTJdDAGBCD+obhDo9OZ5pGQdQ8abzaVwQhJgGcXjS2QXs0QLV4Ap+r2e
3g1n+kSUp3kTwsMDLX1w3oMbDdDrzTByO/g85gnxUOP0lqwJMtS662MGqkLGrefd
I/Y+oKx+EmghLddFgQuLvEvvXK4Nzwp4QvhHBOYDS4kv02cazyu6aSbtavuw1l78
CeAopjcQO3QLiJeGXXmFnQTGw8fRjPsXX8vVS/p8fEo4T0ZW3LpqtK3nBMvGhiiQ
H1n/8MFC7jcULA==
-----END CERTIFICATE-----