Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          Ec3qf6F1teR1yFxQNAm7MRvmLz1v5fCLupSBOeSD1qg=
Subject key identifier:   5E:E0:EC:EC:E2:92:20:5A:04:FD:5E:13:3F:42:B0:ED:91:FC:9F:05
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       0198D66166D39459EB12CC0C243D07A04553
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0873
Signing time:             Sat 23 Aug 2025 10:02:44 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:44 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:44 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: FszIqRiVkUaiqIpCaib2Y2rgr0ApgwS3XIYiIcljJrY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:66:d3:94:59:eb:12:cc:0c:24:3d:07:a0:45:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Aug 23 10:02:44 2025 GMT
            Not After : Aug 24 10:02:44 2025 GMT
        Subject: CN=5ee0ecece292205a04fd5e133f42b0ed91fc9f05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2f:30:e1:9e:8c:68:b5:72:d7:30:77:4a:54:
                    b7:7c:3a:a2:22:ff:a0:b6:9e:ee:3e:cd:b4:07:c8:
                    28:b4:d8:0f:d2:92:58:15:20:85:99:8b:ae:0e:87:
                    31:75:50:8e:dc:06:ec:ef:ce:a3:6b:dc:99:7d:41:
                    aa:07:79:c1:ab:6b:6f:b5:92:fb:be:a8:06:85:2c:
                    91:ec:ba:e2:6a:8a:c2:d6:84:5a:02:24:b6:c9:7e:
                    71:a5:0f:65:d9:a6:6c:ce:8e:95:ca:a0:92:9a:7a:
                    59:53:44:8d:41:ea:d3:84:f9:d4:5b:e2:36:4a:ce:
                    36:58:8b:50:b9:57:1a:8c:8d:18:b0:5d:f8:21:cc:
                    ff:c1:68:0c:ce:c3:da:68:82:3a:f8:11:c1:fb:75:
                    4f:ee:84:32:92:0b:cf:54:55:fa:1f:7d:30:c5:44:
                    2f:f8:dd:59:db:05:02:e6:96:a6:a9:af:46:f8:8f:
                    88:e5:43:5a:f7:74:13:77:ce:53:d4:ad:5d:59:e5:
                    1d:8f:cb:e9:54:35:40:65:1d:28:0d:36:bf:27:67:
                    db:35:e9:20:e1:50:0f:b5:ff:e8:bb:df:63:f4:00:
                    be:99:15:85:df:5b:d1:43:8d:9f:fe:2b:54:1e:a8:
                    70:58:ee:f6:d9:f3:6f:6b:38:80:23:1f:a4:3b:2d:
                    84:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:E0:EC:EC:E2:92:20:5A:04:FD:5E:13:3F:42:B0:ED:91:FC:9F:05
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:b4:1a:a3:cf:54:8a:64:e1:67:2d:db:ab:16:3a:7d:06:88:
         f2:31:14:c8:42:84:c8:9a:3d:5d:33:1c:0e:ce:ee:1d:31:d6:
         b5:3e:0e:77:df:65:ed:59:63:96:c5:58:7d:1a:c2:4b:16:f2:
         81:c0:df:81:1d:0e:c7:98:10:0a:13:00:c2:29:2f:d7:12:2b:
         c2:18:5d:0b:6e:fa:e8:32:5a:09:51:20:d7:37:72:0e:ef:9e:
         11:59:06:15:a1:74:e8:54:dd:24:32:ef:e0:8f:20:1e:0f:e6:
         64:ab:75:bc:05:52:ab:44:5c:81:94:9e:33:fe:49:4d:17:ef:
         fe:bd:5b:4a:3e:ff:8a:bd:79:ce:7c:1f:97:f3:86:ca:50:f6:
         26:d1:17:2e:3e:5c:b9:d1:65:29:c0:cf:4b:80:df:a4:eb:22:
         be:35:da:03:e5:31:21:61:c0:fc:04:90:fd:88:95:02:66:80:
         5f:d2:0a:1d:88:b4:d7:6a:96:52:2d:10:48:e1:98:40:b9:a7:
         96:f3:51:ab:1b:90:7b:4d:7c:fd:15:16:ef:05:cb:f1:89:8a:
         78:62:d5:b9:75:f6:9f:cf:20:3b:19:b2:64:57:69:e9:eb:60:
         b3:1e:44:bb:42:07:00:c8:b7:89:9c:13:f4:dd:de:9b:65:59:
         9b:70:67:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYWbTlFnrEswMJD0HoEVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUwODIzMTAwMjQ0WhcNMjUwODI0MTAwMjQ0WjAzMTEwLwYDVQQD
Eyg1ZWUwZWNlY2UyOTIyMDVhMDRmZDVlMTMzZjQyYjBlZDkxZmM5ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS8w4Z6MaLVy1zB3SlS3fDqiIv+g
tp7uPs20B8gotNgP0pJYFSCFmYuuDocxdVCO3Abs786ja9yZfUGqB3nBq2tvtZL7
vqgGhSyR7LriaorC1oRaAiS2yX5xpQ9l2aZszo6VyqCSmnpZU0SNQerThPnUW+I2
Ss42WItQuVcajI0YsF34Icz/wWgMzsPaaII6+BHB+3VP7oQykgvPVFX6H30wxUQv
+N1Z2wUC5pamqa9G+I+I5UNa93QTd85T1K1dWeUdj8vpVDVAZR0oDTa/J2fbNekg
4VAPtf/ou99j9AC+mRWF31vRQ42f/itUHqhwWO722fNvaziAIx+kOy2EswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7g7OzikiBaBP1eEz9CsO2R/J8FMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbQao89U
imThZy3bqxY6fQaI8jEUyEKEyJo9XTMcDs7uHTHWtT4Od99l7VljlsVYfRrCSxby
gcDfgR0Ox5gQChMAwikv1xIrwhhdC2766DJaCVEg1zdyDu+eEVkGFaF06FTdJDLv
4I8gHg/mZKt1vAVSq0RcgZSeM/5JTRfv/r1bSj7/ir15znwfl/OGylD2JtEXLj5c
udFlKcDPS4DfpOsivjXaA+UxIWHA/ASQ/YiVAmaAX9IKHYi012qWUi0QSOGYQLmn
lvNRqxuQe018/RUW7wXL8YmKeGLVuXX2n88gOxmyZFdp6etgsx5Eu0IHAMi3iZwT
9N3em2VZm3BnqQ==
-----END CERTIFICATE-----