Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
File:                     7_vi0INCz7z3p9dOiOvQMeEgItk.mft (raw, json)
Hash identifier:          KNNPbgwt0oJhJw5hjrv6b3QfTCSdqihw9A+B9QrD7Y0=
Subject key identifier:   51:D8:4A:57:6F:A9:02:8B:33:2C:2F:DA:85:5C:4F:31:6C:79:B7:8E
Authority key identifier: EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9
Certificate issuer:       /CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
Certificate serial:       0198D51635DD8BC6EC029497D8948C37FEF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
Manifest number:          043E
Signing time:             Sat 23 Aug 2025 04:00:59 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:59 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:59 +0000
Files and hashes:         1: 7_vi0INCz7z3p9dOiOvQMeEgItk.crl (hash: Pn/LdyAxGIC/itoV8rcoBIgo0hyCjfmX0sF0OG/cTdE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:35:dd:8b:c6:ec:02:94:97:d8:94:8c:37:fe:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
        Validity
            Not Before: Aug 23 04:00:59 2025 GMT
            Not After : Aug 24 04:00:59 2025 GMT
        Subject: CN=51d84a576fa9028b332c2fda855c4f316c79b78e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:10:32:d2:7a:0f:61:22:ab:3e:3b:ba:fe:1b:
                    a2:e0:fd:8b:72:a7:71:05:c5:fb:c4:29:29:5c:85:
                    8e:23:7a:ab:74:6f:c2:5e:41:a5:15:90:fd:11:84:
                    8e:0f:1c:08:f6:a5:6b:56:7a:c0:1d:76:e0:c1:b9:
                    3d:0c:c3:2c:70:38:36:93:95:e8:9d:e1:4b:9f:e4:
                    24:06:fd:b8:ea:72:30:ec:76:1d:30:f4:87:ea:bd:
                    b6:71:ad:c0:4f:65:4f:9d:99:fc:79:aa:45:a0:22:
                    4a:2b:98:bd:6e:59:29:1b:8e:47:2d:78:21:8f:22:
                    2a:d9:f5:f0:0a:2a:15:3a:42:0a:47:f5:6d:4e:aa:
                    b2:32:90:b5:6c:48:6f:ec:6b:67:6e:57:0b:f8:7f:
                    98:73:10:55:88:34:38:ce:e8:36:c9:98:76:00:d9:
                    04:92:51:a3:bc:8a:45:7c:93:db:23:9f:9d:d7:9c:
                    91:9a:76:a5:7e:de:d7:00:70:64:ba:3a:b8:d4:ee:
                    7f:26:71:5d:c3:1d:d3:cb:38:04:d0:79:1f:31:7d:
                    cd:db:9b:60:00:f5:f6:61:6a:42:43:3e:36:ff:12:
                    01:97:73:dc:89:9d:42:0c:91:e4:4a:09:f3:2d:d4:
                    60:44:6c:ae:20:13:59:3e:f2:82:d6:fc:9f:b2:b6:
                    7e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:D8:4A:57:6F:A9:02:8B:33:2C:2F:DA:85:5C:4F:31:6C:79:B7:8E
            X509v3 Authority Key Identifier:
                keyid:EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:48:fa:ed:f9:91:74:17:c6:bb:c0:39:66:8d:98:80:b4:67:
         e0:62:d0:e3:d3:b3:64:b1:15:35:4e:63:d7:b5:65:8a:2d:b6:
         66:eb:a9:d9:fe:ff:06:e1:a6:65:e6:ab:8a:f8:c3:31:0a:b2:
         3e:6c:64:fa:8c:3f:90:9d:1d:fe:c2:ba:8c:5b:6c:78:76:ce:
         13:e0:8d:20:f2:80:6d:b3:87:27:57:ab:d5:25:73:b4:b7:4d:
         85:2d:72:ab:74:17:cf:86:a4:38:a7:4b:9b:f1:66:0f:9e:0b:
         98:af:c9:d9:db:06:38:22:bf:35:79:5a:b1:dd:cd:58:78:4b:
         57:c2:88:57:70:6b:14:6f:5b:27:af:50:f9:fe:22:e0:b9:6b:
         3c:06:ba:18:fd:b2:25:64:94:c3:09:21:b8:c2:6d:f7:4f:cf:
         08:aa:71:27:19:2a:33:3f:58:f8:13:8d:d9:74:93:e9:f6:b5:
         9c:82:47:9f:d8:33:c3:2e:9c:03:72:f0:e9:3b:ec:e4:88:be:
         4d:2a:65:5f:ea:ed:7d:03:4b:f2:81:44:8f:60:5c:1a:ad:1d:
         d1:46:6b:26:93:88:88:b5:23:8a:c7:77:f5:70:5a:68:56:04:
         65:a4:d1:94:67:03:13:c9:12:9d:17:da:e6:68:ac:74:9f:a6:
         cb:2c:6d:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFjXdi8bsApSX2JSMN/72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZmJlMmQwODM0MmNmYmNmN2E3ZDc0ZTg4ZWJkMDMxZTEy
MDIyZDkwHhcNMjUwODIzMDQwMDU5WhcNMjUwODI0MDQwMDU5WjAzMTEwLwYDVQQD
Eyg1MWQ4NGE1NzZmYTkwMjhiMzMyYzJmZGE4NTVjNGYzMTZjNzliNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxAy0noPYSKrPju6/hui4P2Lcqdx
BcX7xCkpXIWOI3qrdG/CXkGlFZD9EYSODxwI9qVrVnrAHXbgwbk9DMMscDg2k5Xo
neFLn+QkBv246nIw7HYdMPSH6r22ca3AT2VPnZn8eapFoCJKK5i9blkpG45HLXgh
jyIq2fXwCioVOkIKR/VtTqqyMpC1bEhv7GtnblcL+H+YcxBViDQ4zug2yZh2ANkE
klGjvIpFfJPbI5+d15yRmnalft7XAHBkujq41O5/JnFdwx3TyzgE0HkfMX3N25tg
APX2YWpCQz42/xIBl3PciZ1CDJHkSgnzLdRgRGyuIBNZPvKC1vyfsrZ+7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHYSldvqQKLMywv2oVcTzFsebeOMB8GA1UdIwQY
MBaAFO/74tCDQs+896fXTojr0DHhICLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEt
ZjJmMWNhMjg3MTQxLzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEtZjJmMWNhMjg3MTQx
LzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0j67fmR
dBfGu8A5Zo2YgLRn4GLQ49OzZLEVNU5j17Vlii22Zuup2f7/BuGmZearivjDMQqy
Pmxk+ow/kJ0d/sK6jFtseHbOE+CNIPKAbbOHJ1er1SVztLdNhS1yq3QXz4akOKdL
m/FmD54LmK/J2dsGOCK/NXlasd3NWHhLV8KIV3BrFG9bJ69Q+f4i4LlrPAa6GP2y
JWSUwwkhuMJt90/PCKpxJxkqMz9Y+BON2XST6fa1nIJHn9gzwy6cA3Lw6Tvs5Ii+
TSplX+rtfQNL8oFEj2BcGq0d0UZrJpOIiLUjisd39XBaaFYEZaTRlGcDE8kSnRfa
5misdJ+myyxtEw==
-----END CERTIFICATE-----