Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft
File:                     rSRGM37TPO3jTe_1VxBdxxwDqRY.mft (raw, json)
Hash identifier:          fmAp4HARLcFtdyg9P/OeCs51YbhT4oABQXlkoXmWUOQ=
Subject key identifier:   0B:53:D2:1E:7A:32:5C:0A:86:9D:AB:D3:52:D9:90:C7:59:51:A0:7C
Authority key identifier: AD:24:46:33:7E:D3:3C:ED:E3:4D:EF:F5:57:10:5D:C7:1C:03:A9:16
Certificate issuer:       /CN=ad2446337ed33cede34deff557105dc71c03a916
Certificate serial:       0198D65F660C93C0F50EDBEFE91C9DC7209F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rSRGM37TPO3jTe_1VxBdxxwDqRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft
Manifest number:          05DB
Signing time:             Sat 23 Aug 2025 10:00:32 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:32 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:32 +0000
Files and hashes:         1: rSRGM37TPO3jTe_1VxBdxxwDqRY.crl (hash: Is4SjXJ0t2B6Ao+4Y6Bkxp4Q+QwSmsicNxjca5gztSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rSRGM37TPO3jTe_1VxBdxxwDqRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:66:0c:93:c0:f5:0e:db:ef:e9:1c:9d:c7:20:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2446337ed33cede34deff557105dc71c03a916
        Validity
            Not Before: Aug 23 10:00:32 2025 GMT
            Not After : Aug 24 10:00:32 2025 GMT
        Subject: CN=0b53d21e7a325c0a869dabd352d990c75951a07c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:37:f4:a1:42:db:94:72:66:21:af:60:e9:b3:
                    b8:e5:5e:0c:d7:4f:00:8a:55:0c:e1:c0:9c:75:88:
                    ef:8e:82:70:65:a2:97:f5:24:ac:7d:71:c0:27:86:
                    a9:0e:39:ad:4f:e5:39:44:7d:2c:11:b4:e7:f5:b4:
                    cf:4d:de:ec:db:3d:28:91:a2:6a:d8:bb:a3:cc:79:
                    ce:34:e4:77:f9:ec:fa:ea:c7:04:8e:0a:4d:ba:61:
                    79:30:46:9d:6e:7c:86:3b:97:51:ce:35:97:6f:23:
                    95:d8:f8:66:27:4f:c8:06:98:3d:54:d3:48:88:1e:
                    2d:7d:21:a5:0f:5e:69:3c:b6:e2:c0:56:cd:7c:ec:
                    db:a1:fe:75:63:ee:48:c8:06:6f:c1:20:78:02:ec:
                    8d:c8:6e:6a:39:0f:56:34:ef:b9:2a:3f:ed:3a:b2:
                    eb:31:29:a3:d3:60:f6:5d:6e:ca:ec:a8:1e:45:59:
                    4f:de:a6:53:4d:58:37:80:78:e6:aa:a6:60:bb:43:
                    9a:ff:31:4d:83:08:48:7a:a4:fc:cb:a8:1c:45:1e:
                    78:b9:e4:4a:d5:5d:53:00:9a:b4:09:f3:e9:99:8b:
                    b4:cc:7c:1d:71:2f:94:05:07:3a:92:d0:85:4f:c5:
                    5c:f6:f2:3d:dc:a9:8d:d5:d5:9e:aa:2f:3e:c5:ec:
                    9c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:53:D2:1E:7A:32:5C:0A:86:9D:AB:D3:52:D9:90:C7:59:51:A0:7C
            X509v3 Authority Key Identifier:
                keyid:AD:24:46:33:7E:D3:3C:ED:E3:4D:EF:F5:57:10:5D:C7:1C:03:A9:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSRGM37TPO3jTe_1VxBdxxwDqRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:04:69:d4:69:22:28:46:5f:8c:15:0c:c3:d0:4b:ef:8c:68:
         49:1a:49:ab:82:3b:73:20:7b:11:cc:31:19:95:8d:c9:f1:18:
         75:e5:2e:b4:78:49:49:ef:5f:37:4d:b0:97:77:90:5e:1c:8d:
         5d:ed:68:ea:1b:88:63:0c:c5:6f:f1:bf:9d:9c:80:55:cd:52:
         47:e2:dd:63:f8:dc:97:94:d7:23:f0:ed:4f:6a:ba:7d:19:12:
         d5:90:33:88:d7:be:dc:f4:d8:77:24:d8:b7:ee:99:c3:ef:0c:
         78:34:8b:89:3b:5b:14:74:1d:a5:45:94:ba:68:d7:2c:71:8b:
         5d:2f:cf:bc:5d:ba:07:45:a7:49:2f:d1:35:ab:d9:ac:e1:dd:
         18:28:23:ab:33:02:f8:29:25:16:51:cb:1a:dd:0d:6c:17:3e:
         56:3e:3c:90:ec:59:03:7a:19:41:fa:cd:69:ca:c2:7a:f3:f9:
         7c:76:0e:38:2e:f3:a3:7b:5e:af:8e:a2:6a:f7:9f:0c:b9:29:
         a5:c7:e8:c4:4f:95:40:57:89:5b:82:03:05:4d:52:17:98:b2:
         d7:8a:d5:26:d4:48:f1:83:67:c7:cc:a2:ab:81:87:f3:e0:d7:
         a3:98:e7:bc:9a:ea:8d:e0:b9:00:fb:59:b7:62:0a:6b:8f:f6:
         98:56:a8:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX2YMk8D1Dtvv6RydxyCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQ0NjMzN2VkMzNjZWRlMzRkZWZmNTU3MTA1ZGM3MWMw
M2E5MTYwHhcNMjUwODIzMTAwMDMyWhcNMjUwODI0MTAwMDMyWjAzMTEwLwYDVQQD
EygwYjUzZDIxZTdhMzI1YzBhODY5ZGFiZDM1MmQ5OTBjNzU5NTFhMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszf0oULblHJmIa9g6bO45V4M108A
ilUM4cCcdYjvjoJwZaKX9SSsfXHAJ4apDjmtT+U5RH0sEbTn9bTPTd7s2z0okaJq
2LujzHnONOR3+ez66scEjgpNumF5MEadbnyGO5dRzjWXbyOV2PhmJ0/IBpg9VNNI
iB4tfSGlD15pPLbiwFbNfOzbof51Y+5IyAZvwSB4AuyNyG5qOQ9WNO+5Kj/tOrLr
MSmj02D2XW7K7KgeRVlP3qZTTVg3gHjmqqZgu0Oa/zFNgwhIeqT8y6gcRR54ueRK
1V1TAJq0CfPpmYu0zHwdcS+UBQc6ktCFT8Vc9vI93KmN1dWeqi8+xeycfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtT0h56MlwKhp2r01LZkMdZUaB8MB8GA1UdIwQY
MBaAFK0kRjN+0zzt403v9VcQXcccA6kWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNSR00zN1RQTzNqVGVfMVZ4QmR4eHdEcVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZmE3NmMtMDVjYy00M2RjLTk4ZjEt
ZTcwN2RlYzdiZDZjLzEvclNSR00zN1RQTzNqVGVfMVZ4QmR4eHdEcVJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZmE3NmMtMDVjYy00M2RjLTk4ZjEtZTcwN2RlYzdiZDZj
LzEvclNSR00zN1RQTzNqVGVfMVZ4QmR4eHdEcVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQRp1Gki
KEZfjBUMw9BL74xoSRpJq4I7cyB7EcwxGZWNyfEYdeUutHhJSe9fN02wl3eQXhyN
Xe1o6huIYwzFb/G/nZyAVc1SR+LdY/jcl5TXI/DtT2q6fRkS1ZAziNe+3PTYdyTY
t+6Zw+8MeDSLiTtbFHQdpUWUumjXLHGLXS/PvF26B0WnSS/RNavZrOHdGCgjqzMC
+CklFlHLGt0NbBc+Vj48kOxZA3oZQfrNacrCevP5fHYOOC7zo3ter46iavefDLkp
pcfoxE+VQFeJW4IDBU1SF5iy14rVJtRI8YNnx8yiq4GH8+DXo5jnvJrqjeC5APtZ
t2IKa4/2mFaotg==
-----END CERTIFICATE-----