Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
File:                     ccWe2rmO-wzTdnYPQGnkxouL2iA.mft (raw, json)
Hash identifier:          iWxBtG0JM5IiZm04JFfFzaifE26rUmDdmkaKxWaEIgo=
Subject key identifier:   39:BD:12:45:2E:F1:A0:EE:E6:B5:B3:A6:97:72:77:63:19:CC:32:D6
Authority key identifier: 71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20
Certificate issuer:       /CN=71c59edab98efb0cd376760f4069e4c68b8bda20
Certificate serial:       0198D6602E196A15E7B0C5BD2D02C6E9328B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
Manifest number:          079A
Signing time:             Sat 23 Aug 2025 10:01:24 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:24 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:24 +0000
Files and hashes:         1: ccWe2rmO-wzTdnYPQGnkxouL2iA.crl (hash: d70pUi9fOwQotb+hZm4xnJbBPtdrWAXrxQlIDcqamTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:2e:19:6a:15:e7:b0:c5:bd:2d:02:c6:e9:32:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71c59edab98efb0cd376760f4069e4c68b8bda20
        Validity
            Not Before: Aug 23 10:01:24 2025 GMT
            Not After : Aug 24 10:01:24 2025 GMT
        Subject: CN=39bd12452ef1a0eee6b5b3a69772776319cc32d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3f:b6:4f:93:48:22:48:98:8f:d1:96:c1:ca:
                    e0:8e:7b:c5:1a:bd:f1:a8:3a:e4:6d:67:cf:c6:e4:
                    44:2f:9f:63:97:13:16:8a:48:20:97:81:7e:96:77:
                    20:f1:d4:bf:e5:e3:2c:3e:72:44:7a:d3:b0:5b:ad:
                    8e:14:7d:85:24:db:04:3c:92:25:3c:0e:15:af:75:
                    85:0a:dc:d3:90:44:8b:28:e5:64:dc:31:e9:32:a5:
                    c4:61:15:8b:b9:38:b9:9f:c6:0c:1a:24:72:fc:29:
                    ca:03:02:3d:7e:71:0c:07:ca:a0:57:06:3e:83:9c:
                    10:2f:d1:2a:b4:ff:d4:09:65:f4:ff:5f:77:09:40:
                    3e:f8:b3:6a:c8:79:35:7a:e0:33:88:72:8e:36:73:
                    44:a6:fa:41:65:73:39:91:67:50:15:7d:7b:8e:c1:
                    3f:a8:51:a4:b8:ea:1d:74:a5:e0:62:a8:47:de:28:
                    77:d6:e5:e9:46:be:4c:22:52:f6:c8:23:c3:86:d5:
                    5d:23:ad:3a:69:e8:24:aa:76:0c:90:27:58:92:c1:
                    63:86:55:52:83:c4:78:1a:db:f4:52:c5:d2:43:c6:
                    0a:89:88:75:e3:18:c6:66:97:45:e1:b4:78:ca:e7:
                    81:df:38:cf:6e:18:dd:60:18:7e:ec:96:da:76:4b:
                    99:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BD:12:45:2E:F1:A0:EE:E6:B5:B3:A6:97:72:77:63:19:CC:32:D6
            X509v3 Authority Key Identifier:
                keyid:71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:7c:0d:9b:dd:d0:e9:7c:72:ab:ab:50:aa:fe:b8:a6:12:a5:
         78:34:58:38:70:d3:33:44:48:3f:fc:9e:ed:e7:f0:a5:78:0a:
         f5:57:de:54:0e:31:0d:03:75:70:d8:02:56:6a:bc:c5:55:e9:
         b3:12:b9:e8:c0:29:f8:47:4d:51:09:cb:6d:1b:e9:bc:52:16:
         4e:13:c6:23:ee:6a:44:0c:b6:94:f5:4a:c8:23:ac:17:50:39:
         83:fe:28:a8:44:6b:f0:1c:46:fb:9e:b8:b9:71:83:6d:1f:5e:
         eb:c8:7a:6f:05:f8:7c:bc:03:b6:eb:dc:a0:de:03:9d:6c:03:
         a6:f5:84:4b:cf:ff:bc:4b:b7:0a:f2:37:0c:22:0a:aa:a1:1f:
         01:b8:22:01:c1:e3:6a:02:41:fd:3b:36:c0:33:1e:53:45:01:
         d8:cc:6c:8a:fe:11:0e:0e:ec:1d:d2:92:0b:20:17:33:d3:ec:
         2a:ca:97:ac:7f:8c:cc:e5:45:6d:df:47:7c:d7:75:e2:ab:8f:
         b3:b2:bf:fc:24:5b:c0:d1:bd:d5:12:cf:42:6b:70:89:63:e3:
         ab:bc:7d:b2:6c:26:6b:29:fa:40:e2:37:34:08:6a:0f:8f:bf:
         cd:fd:a7:ab:e0:f2:b9:be:70:85:85:41:bb:ef:be:71:60:e1:
         a0:e7:c0:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYC4ZahXnsMW9LQLG6TKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzU5ZWRhYjk4ZWZiMGNkMzc2NzYwZjQwNjllNGM2OGI4
YmRhMjAwHhcNMjUwODIzMTAwMTI0WhcNMjUwODI0MTAwMTI0WjAzMTEwLwYDVQQD
EygzOWJkMTI0NTJlZjFhMGVlZTZiNWIzYTY5NzcyNzc2MzE5Y2MzMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj+2T5NIIkiYj9GWwcrgjnvFGr3x
qDrkbWfPxuREL59jlxMWikggl4F+lncg8dS/5eMsPnJEetOwW62OFH2FJNsEPJIl
PA4Vr3WFCtzTkESLKOVk3DHpMqXEYRWLuTi5n8YMGiRy/CnKAwI9fnEMB8qgVwY+
g5wQL9EqtP/UCWX0/193CUA++LNqyHk1euAziHKONnNEpvpBZXM5kWdQFX17jsE/
qFGkuOoddKXgYqhH3ih31uXpRr5MIlL2yCPDhtVdI606aegkqnYMkCdYksFjhlVS
g8R4Gtv0UsXSQ8YKiYh14xjGZpdF4bR4yueB3zjPbhjdYBh+7JbadkuZSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDm9EkUu8aDu5rWzppdyd2MZzDLWMB8GA1UdIwQY
MBaAFHHFntq5jvsM03Z2D0Bp5MaLi9ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTct
NzdlY2JiYjRmN2Q4LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTctNzdlY2JiYjRmN2Q4
LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC3wNm93Q
6Xxyq6tQqv64phKleDRYOHDTM0RIP/ye7efwpXgK9VfeVA4xDQN1cNgCVmq8xVXp
sxK56MAp+EdNUQnLbRvpvFIWThPGI+5qRAy2lPVKyCOsF1A5g/4oqERr8BxG+564
uXGDbR9e68h6bwX4fLwDtuvcoN4DnWwDpvWES8//vEu3CvI3DCIKqqEfAbgiAcHj
agJB/Ts2wDMeU0UB2Mxsiv4RDg7sHdKSCyAXM9PsKsqXrH+MzOVFbd9HfNd14quP
s7K//CRbwNG91RLPQmtwiWPjq7x9smwmayn6QOI3NAhqD4+/zf2nq+Dyub5whYVB
u+++cWDhoOfAGg==
-----END CERTIFICATE-----