Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
File:                     pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft (raw, json)
Hash identifier:          7YvlpAZw049PUvI12pYkuqCMAbtEkr3VOByTVW1UQ7o=
Subject key identifier:   D7:DE:0F:A8:5D:F6:77:29:BA:D5:F0:73:91:4E:D4:20:F8:22:55:8B
Authority key identifier: A5:4A:9E:27:5C:5C:17:80:9B:8F:CF:8C:0F:E0:B5:F6:32:9C:EE:EF
Certificate issuer:       /CN=a54a9e275c5c17809b8fcf8c0fe0b5f6329ceeef
Certificate serial:       0198D6603C525C7FFBA2609036F68BF7EC27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
Manifest number:          0F67
Signing time:             Sat 23 Aug 2025 10:01:27 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:27 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:27 +0000
Files and hashes:         1: pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl (hash: 4/iN4W/KTZEG53maUThZq98HR5bvFhU8u241DdATHME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:3c:52:5c:7f:fb:a2:60:90:36:f6:8b:f7:ec:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54a9e275c5c17809b8fcf8c0fe0b5f6329ceeef
        Validity
            Not Before: Aug 23 10:01:27 2025 GMT
            Not After : Aug 24 10:01:27 2025 GMT
        Subject: CN=d7de0fa85df67729bad5f073914ed420f822558b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7d:f2:24:04:3f:00:1d:ec:05:79:18:cc:83:
                    76:e5:8c:66:ab:f9:73:b1:86:13:8a:ca:45:1a:f9:
                    fa:7a:30:0e:43:11:8a:98:4a:b0:04:21:81:0f:fc:
                    48:19:be:f1:ff:bb:b2:4d:33:a4:3d:64:aa:ee:c2:
                    d6:b8:48:21:1e:28:7a:44:95:85:76:60:a8:e8:93:
                    6b:92:aa:02:86:49:5c:19:9c:ab:ff:05:18:73:d3:
                    ca:ec:60:0c:c7:5d:9f:d5:59:41:08:96:54:b3:da:
                    b1:ec:bd:e2:56:d4:90:69:88:ea:60:35:0e:3b:48:
                    b6:ad:04:67:3b:cb:25:6c:26:4e:a7:47:52:a9:fd:
                    7a:f5:5a:77:1b:f9:00:91:99:e0:82:2d:83:a5:f4:
                    49:97:da:b1:bb:75:2c:9d:f6:d5:7d:bf:19:e1:8f:
                    8d:51:e8:02:b4:6a:77:ca:4d:6a:fa:ff:cd:78:9f:
                    f8:12:25:05:90:46:4e:a9:ff:ad:f4:63:44:14:62:
                    84:c5:c5:17:ec:52:30:5c:36:a1:79:8c:7d:21:68:
                    82:56:48:b0:14:e0:a7:28:aa:16:e9:56:44:0e:90:
                    ed:6b:90:89:9b:28:12:35:d8:ae:ce:e9:cb:c0:7f:
                    1c:bd:39:d3:77:3f:db:c3:b0:11:00:6f:e1:1b:4e:
                    13:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:DE:0F:A8:5D:F6:77:29:BA:D5:F0:73:91:4E:D4:20:F8:22:55:8B
            X509v3 Authority Key Identifier:
                keyid:A5:4A:9E:27:5C:5C:17:80:9B:8F:CF:8C:0F:E0:B5:F6:32:9C:EE:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:97:7f:9a:dd:33:28:5b:6c:16:4d:10:bc:54:ed:e6:fe:22:
         ca:f2:e4:57:77:fa:b5:47:91:6a:cd:d9:90:25:ec:3f:37:7b:
         ef:e6:3b:f0:47:99:81:1d:14:e1:ba:d2:a8:95:7d:82:9a:3f:
         2f:21:06:56:18:65:58:f4:b9:82:4a:67:01:60:df:87:b3:45:
         fc:d1:95:50:d4:37:77:0b:4a:64:8c:e0:b7:68:45:6b:41:d9:
         58:61:fc:c2:2b:32:85:f8:ae:65:39:75:d0:64:bf:a7:6b:b7:
         48:92:0c:c3:8c:84:be:8a:2f:c7:8e:1c:0e:cc:1f:d0:22:1f:
         10:fc:7b:da:20:60:d7:51:88:9a:56:11:4d:b0:67:de:27:e9:
         51:72:4f:07:9d:75:bb:31:a1:84:a3:60:3b:46:a9:44:8d:72:
         77:b5:ff:01:41:ba:00:0c:bc:b8:30:39:04:d2:e2:15:6c:6a:
         4b:19:35:74:44:94:c6:c0:6f:d3:30:59:cb:fe:64:18:4b:8f:
         af:36:fb:9c:17:d8:c0:a1:81:9d:32:67:ae:5d:15:25:c4:1d:
         d6:37:63:75:f6:b4:c0:f0:61:ff:ae:39:e9:ba:6a:71:fb:c0:
         61:6f:51:85:62:c1:f0:f1:0f:80:c0:0e:9d:01:e9:d1:a4:56:
         45:39:bf:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDxSXH/7omCQNvaL9+wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGE5ZTI3NWM1YzE3ODA5YjhmY2Y4YzBmZTBiNWY2MzI5
Y2VlZWYwHhcNMjUwODIzMTAwMTI3WhcNMjUwODI0MTAwMTI3WjAzMTEwLwYDVQQD
EyhkN2RlMGZhODVkZjY3NzI5YmFkNWYwNzM5MTRlZDQyMGY4MjI1NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H3yJAQ/AB3sBXkYzIN25Yxmq/lz
sYYTispFGvn6ejAOQxGKmEqwBCGBD/xIGb7x/7uyTTOkPWSq7sLWuEghHih6RJWF
dmCo6JNrkqoChklcGZyr/wUYc9PK7GAMx12f1VlBCJZUs9qx7L3iVtSQaYjqYDUO
O0i2rQRnO8slbCZOp0dSqf169Vp3G/kAkZnggi2DpfRJl9qxu3UsnfbVfb8Z4Y+N
UegCtGp3yk1q+v/NeJ/4EiUFkEZOqf+t9GNEFGKExcUX7FIwXDaheYx9IWiCVkiw
FOCnKKoW6VZEDpDta5CJmygSNdiuzunLwH8cvTnTdz/bw7ARAG/hG04TLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfeD6hd9ncputXwc5FO1CD4IlWLMB8GA1UdIwQY
MBaAFKVKnidcXBeAm4/PjA/gtfYynO7vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC80NzA3ZWMtZDNkZi00NDcwLTkyYTkt
Njk5ODBlZWJjMjBjLzEvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC80NzA3ZWMtZDNkZi00NDcwLTkyYTktNjk5ODBlZWJjMjBj
LzEvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpd/mt0z
KFtsFk0QvFTt5v4iyvLkV3f6tUeRas3ZkCXsPzd77+Y78EeZgR0U4brSqJV9gpo/
LyEGVhhlWPS5gkpnAWDfh7NF/NGVUNQ3dwtKZIzgt2hFa0HZWGH8wisyhfiuZTl1
0GS/p2u3SJIMw4yEvoovx44cDswf0CIfEPx72iBg11GImlYRTbBn3ifpUXJPB511
uzGhhKNgO0apRI1yd7X/AUG6AAy8uDA5BNLiFWxqSxk1dESUxsBv0zBZy/5kGEuP
rzb7nBfYwKGBnTJnrl0VJcQd1jdjdfa0wPBh/6456bpqcfvAYW9RhWLB8PEPgMAO
nQHp0aRWRTm/aw==
-----END CERTIFICATE-----