Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          FTwOXVK/fKiS8etr16kPjCs9rt5sjf1IB/cRxy7rQdM=
Subject key identifier:   0C:F6:24:63:FA:04:A1:98:8D:FB:E4:1F:0B:36:62:E5:FB:27:F5:CB
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       0198D65F88E20C32B20760E05984505314B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          013C
Signing time:             Sat 23 Aug 2025 10:00:41 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:41 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:41 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: BmWjzblVQwAVa8rIOw3xoihdBowR3tqc+MAQSWgdzz8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:88:e2:0c:32:b2:07:60:e0:59:84:50:53:14:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Aug 23 10:00:41 2025 GMT
            Not After : Aug 24 10:00:41 2025 GMT
        Subject: CN=0cf62463fa04a1988dfbe41f0b3662e5fb27f5cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f5:dc:bd:cc:fe:32:20:39:9d:91:96:6b:24:
                    a2:5f:93:a9:83:df:b7:ae:bc:ab:e0:fe:f4:9f:8d:
                    e9:a9:cd:5a:26:9f:60:ae:ee:8d:20:95:f5:3b:3c:
                    02:b8:96:53:a6:5f:c6:65:eb:42:e3:a1:78:57:da:
                    93:4f:70:5a:e3:cd:06:f3:f4:1e:56:80:fc:1b:19:
                    ab:5c:19:16:13:f4:1d:31:0d:6f:1f:37:33:8f:fb:
                    53:d3:71:97:b7:4a:e3:fa:5f:e7:55:8a:c1:21:f9:
                    19:80:9c:d3:6d:af:9a:20:c9:33:9e:36:17:06:d7:
                    8b:2c:a0:fe:e2:1e:9e:82:85:42:b2:7b:52:76:26:
                    92:bc:ef:38:0a:b1:fa:d1:68:79:1b:2e:86:a5:db:
                    d5:df:5c:de:bd:66:35:f5:6e:5e:bc:f2:e5:37:20:
                    cd:e6:cb:29:1c:c3:78:48:89:e8:17:6c:26:ab:ed:
                    90:27:b1:e3:a5:8b:ce:73:67:2b:5c:7b:d3:19:ac:
                    40:cc:ee:8d:36:4a:66:c1:e3:b9:85:5a:5f:8a:43:
                    8e:bf:f3:5b:44:d6:41:76:55:8f:4c:52:9a:b7:62:
                    10:93:82:f0:05:77:67:f2:35:fb:74:f6:ac:64:cb:
                    35:96:9a:bf:9f:aa:70:b0:d2:bd:7d:ec:09:7c:9c:
                    d6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:F6:24:63:FA:04:A1:98:8D:FB:E4:1F:0B:36:62:E5:FB:27:F5:CB
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:50:93:ac:6f:de:11:7e:e5:a4:0b:bd:e7:4f:9a:8e:0f:2d:
         d6:fc:f0:e2:3d:a2:d7:35:43:ca:cd:3e:34:10:11:35:be:e6:
         1b:c1:71:4d:64:37:f9:c6:21:f3:64:71:1d:25:49:0f:dd:6b:
         aa:ff:e1:58:18:d5:2b:88:67:93:f4:39:a8:2c:3c:ec:e6:17:
         21:83:3e:06:e1:e0:bd:c8:6c:e3:29:9d:ce:4c:dc:0a:d5:86:
         c9:b9:0e:91:3b:56:cc:20:a5:90:1c:24:88:8b:0c:6f:cf:87:
         ee:c6:5c:98:0a:0f:d8:a1:5b:53:28:84:48:0e:57:0e:92:de:
         99:6e:59:29:ae:ae:dc:ad:1f:a0:8b:31:33:04:aa:9f:a9:43:
         be:0c:e1:03:f5:aa:15:1e:c9:36:78:97:a4:79:95:9e:51:e8:
         d6:5d:ef:22:b1:09:5a:4f:1b:ec:e6:5b:7e:d8:c2:10:fd:ff:
         8b:e6:64:b9:db:84:95:e7:0a:3c:b4:36:31:08:d4:92:38:9a:
         d5:2a:b6:3c:54:bf:90:e6:c9:d4:9b:06:47:75:e5:90:67:b3:
         81:b4:c0:ba:87:f8:f4:50:b5:c7:b6:3c:07:b0:62:98:83:4a:
         cf:c3:ba:87:51:a9:ea:e3:54:50:78:8a:e0:7d:13:89:55:b9:
         2c:0b:62:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX4jiDDKyB2DgWYRQUxSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjUwODIzMTAwMDQxWhcNMjUwODI0MTAwMDQxWjAzMTEwLwYDVQQD
EygwY2Y2MjQ2M2ZhMDRhMTk4OGRmYmU0MWYwYjM2NjJlNWZiMjdmNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPXcvcz+MiA5nZGWaySiX5Opg9+3
rryr4P70n43pqc1aJp9gru6NIJX1OzwCuJZTpl/GZetC46F4V9qTT3Ba480G8/Qe
VoD8GxmrXBkWE/QdMQ1vHzczj/tT03GXt0rj+l/nVYrBIfkZgJzTba+aIMkznjYX
BteLLKD+4h6egoVCsntSdiaSvO84CrH60Wh5Gy6GpdvV31zevWY19W5evPLlNyDN
5sspHMN4SInoF2wmq+2QJ7HjpYvOc2crXHvTGaxAzO6NNkpmweO5hVpfikOOv/Nb
RNZBdlWPTFKat2IQk4LwBXdn8jX7dPasZMs1lpq/n6pwsNK9fewJfJzWiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAz2JGP6BKGYjfvkHws2YuX7J/XLMB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADVCTrG/e
EX7lpAu950+ajg8t1vzw4j2i1zVDys0+NBARNb7mG8FxTWQ3+cYh82RxHSVJD91r
qv/hWBjVK4hnk/Q5qCw87OYXIYM+BuHgvchs4ymdzkzcCtWGybkOkTtWzCClkBwk
iIsMb8+H7sZcmAoP2KFbUyiESA5XDpLemW5ZKa6u3K0foIsxMwSqn6lDvgzhA/Wq
FR7JNniXpHmVnlHo1l3vIrEJWk8b7OZbftjCEP3/i+ZkuduElecKPLQ2MQjUkjia
1Sq2PFS/kObJ1JsGR3XlkGezgbTAuof49FC1x7Y8B7BimINKz8O6h1Gp6uNUUHiK
4H0TiVW5LAtikA==
-----END CERTIFICATE-----