Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          5oobDRuPnlHNHFJe63yTTg0ipRZFEXc6lTmlUDGjwh8=
Subject key identifier:   25:8B:13:65:04:C7:85:7F:F4:54:59:1E:AF:22:B0:AC:FD:DE:B8:EB
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       0198D6601958F5F5EE8A29010B968CF84CBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          083F
Signing time:             Sat 23 Aug 2025 10:01:18 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:18 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:18 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: 49AnEBhjZ+fcqnuNLyZATXp57AzHdZOeFlJyVgIFNcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:19:58:f5:f5:ee:8a:29:01:0b:96:8c:f8:4c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Aug 23 10:01:18 2025 GMT
            Not After : Aug 24 10:01:18 2025 GMT
        Subject: CN=258b136504c7857ff454591eaf22b0acfddeb8eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:7b:38:d6:ed:73:76:9d:6e:80:d6:36:3a:68:
                    b0:bf:f1:02:9a:0a:0c:b2:95:4b:7e:7f:bb:23:1b:
                    ce:27:e6:8c:e6:ce:c5:b2:15:75:6f:2a:c0:ed:b1:
                    02:f1:ea:8c:0a:a2:7e:78:c2:31:e3:23:98:08:c8:
                    4c:5c:65:4d:17:cf:47:7e:b7:fd:15:63:48:0c:9d:
                    14:4a:6a:bf:f1:98:22:a9:90:df:8f:9e:b9:db:dc:
                    98:e0:30:96:18:45:f8:af:75:f1:de:7e:5f:a4:99:
                    90:1d:8a:7f:3f:8b:8e:3d:3e:d2:58:2f:0a:47:7c:
                    e9:e8:69:4a:d8:12:9d:5c:f7:87:df:39:bc:18:a0:
                    73:08:52:ea:1a:23:2d:c2:87:99:58:9d:bf:57:6b:
                    f4:b1:ea:23:84:fd:3f:06:31:da:7b:fd:0f:5e:4f:
                    53:38:6d:25:e1:af:6c:99:77:1d:29:83:b7:1d:fe:
                    97:98:b6:d2:36:13:bc:5f:b9:42:69:f9:b4:b5:f6:
                    c2:83:35:8c:4b:30:da:fb:3f:2e:4c:ae:09:87:2e:
                    70:96:76:e9:49:cf:b8:36:25:09:d5:35:d3:1e:c1:
                    8c:77:d5:db:dd:9a:ac:20:03:3c:48:59:37:98:ae:
                    80:4c:2c:ca:3a:76:43:d2:93:ad:d8:d2:49:43:f2:
                    73:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:8B:13:65:04:C7:85:7F:F4:54:59:1E:AF:22:B0:AC:FD:DE:B8:EB
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:e1:24:46:0f:71:5a:8b:2a:49:93:bf:f7:d8:cb:c6:1a:66:
         03:da:63:8a:b6:79:7a:27:8a:0b:3b:61:13:70:65:b7:e0:b2:
         72:63:13:ea:c5:d6:93:8a:e4:84:a5:1c:80:b4:91:14:09:67:
         44:1e:3e:f2:f6:5d:dc:ec:3c:02:ce:b8:b1:90:c9:c8:f8:81:
         a8:2e:0b:df:a7:5c:ab:eb:b2:bc:f1:67:ce:5b:c7:a6:41:6e:
         c8:4b:4a:e9:7e:2b:e3:a1:06:40:e1:f2:23:3a:37:9d:79:9b:
         ef:b6:3f:a3:2b:1f:41:20:68:43:10:1c:2c:dd:7e:f5:74:c8:
         ad:c0:bc:9a:d1:ac:a2:3c:b8:d3:e5:c1:91:99:c8:b0:0d:c2:
         a0:18:19:be:a1:0e:76:ee:f8:c0:8b:6a:c7:16:0e:2a:08:b0:
         81:17:6b:b6:40:5f:3f:cc:eb:6d:a9:be:fb:94:a0:8d:e1:03:
         7c:0c:80:e8:1d:e0:b6:27:f4:0a:22:af:fe:29:66:05:35:30:
         a3:b4:f1:76:ea:64:df:07:94:93:66:dc:94:8e:d2:9f:cf:3f:
         0c:05:a5:e1:97:a5:17:47:52:af:9d:99:9d:67:37:82:19:ea:
         bd:70:14:5a:3b:e3:8c:21:c5:b3:ee:55:8e:e4:ae:5e:1f:bf:
         00:2c:7b:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYBlY9fXuiikBC5aM+Ey7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjUwODIzMTAwMTE4WhcNMjUwODI0MTAwMTE4WjAzMTEwLwYDVQQD
EygyNThiMTM2NTA0Yzc4NTdmZjQ1NDU5MWVhZjIyYjBhY2ZkZGViOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Hs41u1zdp1ugNY2Omiwv/ECmgoM
spVLfn+7IxvOJ+aM5s7FshV1byrA7bEC8eqMCqJ+eMIx4yOYCMhMXGVNF89Hfrf9
FWNIDJ0USmq/8ZgiqZDfj56529yY4DCWGEX4r3Xx3n5fpJmQHYp/P4uOPT7SWC8K
R3zp6GlK2BKdXPeH3zm8GKBzCFLqGiMtwoeZWJ2/V2v0seojhP0/BjHae/0PXk9T
OG0l4a9smXcdKYO3Hf6XmLbSNhO8X7lCafm0tfbCgzWMSzDa+z8uTK4Jhy5wlnbp
Sc+4NiUJ1TXTHsGMd9Xb3ZqsIAM8SFk3mK6ATCzKOnZD0pOt2NJJQ/JzZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWLE2UEx4V/9FRZHq8isKz93rjrMB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAleEkRg9x
WosqSZO/99jLxhpmA9pjirZ5eieKCzthE3Blt+CycmMT6sXWk4rkhKUcgLSRFAln
RB4+8vZd3Ow8As64sZDJyPiBqC4L36dcq+uyvPFnzlvHpkFuyEtK6X4r46EGQOHy
Izo3nXmb77Y/oysfQSBoQxAcLN1+9XTIrcC8mtGsojy40+XBkZnIsA3CoBgZvqEO
du74wItqxxYOKgiwgRdrtkBfP8zrbam++5SgjeEDfAyA6B3gtif0CiKv/ilmBTUw
o7Txdupk3weUk2bclI7Sn88/DAWl4ZelF0dSr52ZnWc3ghnqvXAUWjvjjCHFs+5V
juSuXh+/ACx7LA==
-----END CERTIFICATE-----