Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          sWTpuF19os+ltgWJsOm76v3P//eziksuYV67Iz1VhpI=
Subject key identifier:   FA:82:5D:20:21:96:ED:9A:51:B7:DE:1D:1F:E2:0E:35:A8:4D:94:BC
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       0198D5BBDA9E3CE426E0CDA9D015181F045D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          12DA
Signing time:             Sat 23 Aug 2025 07:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:54 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: sVHJjWEXxKiJYjm7u4LUIOTGKzSdOB6opzHJ03hg4C0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:da:9e:3c:e4:26:e0:cd:a9:d0:15:18:1f:04:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Aug 23 07:01:54 2025 GMT
            Not After : Aug 24 07:01:54 2025 GMT
        Subject: CN=fa825d202196ed9a51b7de1d1fe20e35a84d94bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c9:91:a9:d2:17:0f:fd:3a:ce:83:5d:2e:f0:
                    89:39:f2:58:5d:6d:50:09:e1:28:33:ef:b1:96:6a:
                    01:1b:26:4e:95:42:c4:0b:74:37:8c:1b:14:6c:30:
                    2a:54:99:67:fb:16:df:5f:b2:40:b9:b1:d8:a0:ef:
                    20:67:09:3d:ad:7b:f4:9f:fd:ec:83:53:6d:85:bf:
                    54:b9:b8:09:d5:08:31:b3:c3:18:6b:6d:e7:e4:8b:
                    5a:64:4f:f1:c5:56:6f:6b:60:ef:b2:f2:07:eb:6b:
                    3a:21:0b:f8:c9:22:37:f7:e5:af:e6:13:ba:f5:09:
                    cb:86:63:93:1b:0b:b7:c1:23:48:fc:a5:39:9b:5e:
                    21:f1:7a:ea:47:7f:ce:4b:b6:9c:33:62:2b:a1:87:
                    c0:e6:b1:c1:c8:ea:e0:cc:92:4c:6d:42:38:dd:22:
                    fd:f9:62:0d:81:d1:cd:a2:75:a8:80:f4:68:7f:9f:
                    13:70:04:89:6b:92:70:f5:a7:c0:d1:aa:26:1f:0d:
                    4d:8f:2d:0e:cd:00:3f:15:3c:ef:76:13:78:29:5c:
                    d4:4b:2d:ae:a9:07:0a:af:19:88:9d:07:fc:8a:c0:
                    63:f6:91:a8:a0:27:d2:71:ba:a6:92:e1:d8:37:3f:
                    29:f4:66:cb:58:b8:cc:23:50:fa:72:c4:a6:ca:76:
                    7b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:82:5D:20:21:96:ED:9A:51:B7:DE:1D:1F:E2:0E:35:A8:4D:94:BC
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:3f:bd:aa:e4:81:e8:c8:f7:da:43:71:b0:bc:16:ee:03:b8:
         ac:68:49:e4:d2:24:27:f3:b5:f9:61:a9:ec:b5:06:90:74:14:
         4d:7d:56:3b:bd:41:4b:5a:34:c9:3a:b1:c3:c5:0f:11:7e:7f:
         8d:91:8b:68:fb:c9:e7:60:17:47:5a:47:e9:a1:68:10:cd:e3:
         f5:05:8c:9c:95:f0:68:6e:bb:eb:35:3a:52:47:ff:ec:e4:03:
         40:d8:58:01:f9:e3:e9:11:35:df:37:19:fd:fc:53:45:02:af:
         0e:4e:3d:38:ef:49:d5:fe:3e:9b:0e:4e:d3:09:6c:0f:73:57:
         ac:bb:57:b4:55:0f:15:1d:f7:96:f0:f0:34:27:8f:57:f7:eb:
         ba:d0:56:6a:9f:c2:a8:f5:d0:5a:08:11:e8:c9:57:04:0e:82:
         72:87:69:d7:0a:33:69:23:83:68:53:1e:60:2a:f9:04:42:36:
         e5:b3:69:93:d4:f3:2d:b6:e4:14:c5:5a:d6:28:e9:5f:66:09:
         7b:51:8d:68:65:e5:d7:c0:fd:10:4f:ca:79:bc:b1:f7:df:23:
         a4:ba:4d:8c:07:a4:a8:aa:43:44:f2:ee:d8:e1:e4:17:06:9a:
         58:8d:85:2b:8b:ec:a0:36:8a:66:3a:dc:47:78:3e:22:58:55:
         34:3a:bb:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu9qePOQm4M2p0BUYHwRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjUwODIzMDcwMTU0WhcNMjUwODI0MDcwMTU0WjAzMTEwLwYDVQQD
EyhmYTgyNWQyMDIxOTZlZDlhNTFiN2RlMWQxZmUyMGUzNWE4NGQ5NGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMmRqdIXD/06zoNdLvCJOfJYXW1Q
CeEoM++xlmoBGyZOlULEC3Q3jBsUbDAqVJln+xbfX7JAubHYoO8gZwk9rXv0n/3s
g1Nthb9UubgJ1Qgxs8MYa23n5ItaZE/xxVZva2DvsvIH62s6IQv4ySI39+Wv5hO6
9QnLhmOTGwu3wSNI/KU5m14h8XrqR3/OS7acM2IroYfA5rHByOrgzJJMbUI43SL9
+WINgdHNonWogPRof58TcASJa5Jw9afA0aomHw1Njy0OzQA/FTzvdhN4KVzUSy2u
qQcKrxmInQf8isBj9pGooCfScbqmkuHYNz8p9GbLWLjMI1D6csSmynZ7IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqCXSAhlu2aUbfeHR/iDjWoTZS8MB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYD+9quSB
6Mj32kNxsLwW7gO4rGhJ5NIkJ/O1+WGp7LUGkHQUTX1WO71BS1o0yTqxw8UPEX5/
jZGLaPvJ52AXR1pH6aFoEM3j9QWMnJXwaG676zU6Ukf/7OQDQNhYAfnj6RE13zcZ
/fxTRQKvDk49OO9J1f4+mw5O0wlsD3NXrLtXtFUPFR33lvDwNCePV/frutBWap/C
qPXQWggR6MlXBA6Ccodp1wozaSODaFMeYCr5BEI25bNpk9TzLbbkFMVa1ijpX2YJ
e1GNaGXl18D9EE/Kebyx998jpLpNjAekqKpDRPLu2OHkFwaaWI2FK4vsoDaKZjrc
R3g+IlhVNDq79w==
-----END CERTIFICATE-----