Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
File:                     5weSQnGbdzi4P0kUerH1gp93ahU.mft (raw, json)
Hash identifier:          7kqcYxjHGg3pWRH9Gw/Z0NDL/BMO8Lkv9/KXNHH68k0=
Subject key identifier:   9C:1A:10:BB:4E:70:51:F3:8C:C6:D6:F1:8C:80:E6:A3:46:D9:D3:CB
Authority key identifier: E7:07:92:42:71:9B:77:38:B8:3F:49:14:7A:B1:F5:82:9F:77:6A:15
Certificate issuer:       /CN=e7079242719b7738b83f49147ab1f5829f776a15
Certificate serial:       0198D73B531ED2A59D98365CC8C996093E80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
Manifest number:          15
Signing time:             Sat 23 Aug 2025 14:00:45 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:45 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:45 +0000
Files and hashes:         1: 5weSQnGbdzi4P0kUerH1gp93ahU.crl (hash: vIY0yiLXtfQbJz+gRl3Oy68lIQWWbWtR6GoT1R+JsIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:53:1e:d2:a5:9d:98:36:5c:c8:c9:96:09:3e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7079242719b7738b83f49147ab1f5829f776a15
        Validity
            Not Before: Aug 23 14:00:45 2025 GMT
            Not After : Aug 24 14:00:45 2025 GMT
        Subject: CN=9c1a10bb4e7051f38cc6d6f18c80e6a346d9d3cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:24:74:77:33:5a:dc:5c:80:54:5a:2b:26:28:
                    33:45:0d:82:d0:c4:d1:f9:04:29:f3:29:1f:39:78:
                    99:8a:8b:02:b1:23:a9:73:e5:84:c1:a2:90:1f:c7:
                    26:9d:5a:44:aa:e5:70:db:91:6b:c6:b9:c0:6f:ea:
                    d1:21:25:00:54:b9:37:49:d9:10:d1:ae:36:46:b1:
                    30:78:43:09:1b:ea:b3:9b:32:30:87:b2:3f:15:13:
                    ca:e1:71:f2:c8:2b:f7:ae:2b:5b:4e:7d:ae:83:ff:
                    a2:1a:db:7c:67:84:25:eb:c4:e6:c6:91:fc:5d:90:
                    5e:ae:8c:17:5f:1c:7f:0f:1c:49:a8:90:f3:95:bb:
                    39:3c:29:79:c2:5d:1f:92:19:45:15:56:79:66:84:
                    a3:f6:cd:14:1a:2f:51:fc:a7:cc:96:c9:65:79:0b:
                    b6:59:3c:12:d4:d2:46:b3:6f:92:7e:61:75:59:96:
                    4e:5a:14:69:54:72:06:ca:79:57:d5:20:e5:37:9a:
                    a3:52:9a:81:52:2b:d5:b8:42:d8:d5:61:e2:55:17:
                    a9:55:b4:c0:47:b2:13:d4:61:45:ca:76:38:c9:4b:
                    92:a4:80:5a:64:d7:0b:07:2d:de:26:2e:73:bf:f6:
                    a3:be:a6:41:72:44:16:ea:2c:51:73:cc:f6:3a:8c:
                    b6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:1A:10:BB:4E:70:51:F3:8C:C6:D6:F1:8C:80:E6:A3:46:D9:D3:CB
            X509v3 Authority Key Identifier:
                keyid:E7:07:92:42:71:9B:77:38:B8:3F:49:14:7A:B1:F5:82:9F:77:6A:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:67:90:21:e7:84:dc:0c:4d:30:95:e6:1a:a5:c9:ae:43:12:
         22:58:ae:c3:32:ae:f6:da:be:c8:8d:a2:aa:04:9a:f2:5d:18:
         21:6b:6e:d5:08:e7:28:3d:4f:6d:14:16:06:d5:01:3b:a2:3c:
         c9:77:52:c8:8e:fc:b5:10:42:30:5a:3b:fd:18:a7:32:5c:8c:
         6e:b8:dc:00:2c:84:9f:91:4a:bc:5a:36:8f:3a:53:60:e7:bd:
         9a:68:8a:f3:c7:e4:0a:7a:c2:bd:aa:ec:fa:2e:25:60:f0:11:
         e2:1f:9f:c5:30:b9:9f:d0:f6:da:f8:59:97:6d:82:48:97:41:
         be:b5:6a:dd:75:d7:a3:e9:ad:7a:9c:b8:65:9a:2d:d8:c7:4c:
         ca:f8:2c:56:14:96:d7:dd:f4:54:b8:aa:55:d5:4f:d4:09:b8:
         d8:39:dd:7d:65:da:dc:41:3a:7a:38:e8:ad:bd:dc:85:64:d0:
         af:4c:21:d6:2c:91:3f:93:f8:95:0a:55:88:ff:0d:41:cf:a8:
         7a:4b:dd:42:4e:08:47:ee:81:46:01:7b:f1:44:33:dc:65:e9:
         9f:49:f5:10:e9:53:53:fb:32:5d:94:15:03:22:23:0a:fa:0a:
         ad:f6:fb:6e:47:b5:6d:9d:67:6b:ba:bf:75:fd:95:07:47:31:
         e2:8b:5d:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO1Me0qWdmDZcyMmWCT6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MDc5MjQyNzE5Yjc3MzhiODNmNDkxNDdhYjFmNTgyOWY3
NzZhMTUwHhcNMjUwODIzMTQwMDQ1WhcNMjUwODI0MTQwMDQ1WjAzMTEwLwYDVQQD
Eyg5YzFhMTBiYjRlNzA1MWYzOGNjNmQ2ZjE4YzgwZTZhMzQ2ZDlkM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryR0dzNa3FyAVForJigzRQ2C0MTR
+QQp8ykfOXiZiosCsSOpc+WEwaKQH8cmnVpEquVw25FrxrnAb+rRISUAVLk3SdkQ
0a42RrEweEMJG+qzmzIwh7I/FRPK4XHyyCv3ritbTn2ug/+iGtt8Z4Ql68TmxpH8
XZBerowXXxx/DxxJqJDzlbs5PCl5wl0fkhlFFVZ5ZoSj9s0UGi9R/KfMlslleQu2
WTwS1NJGs2+SfmF1WZZOWhRpVHIGynlX1SDlN5qjUpqBUivVuELY1WHiVRepVbTA
R7IT1GFFynY4yUuSpIBaZNcLBy3eJi5zv/ajvqZBckQW6ixRc8z2Ooy2RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwaELtOcFHzjMbW8YyA5qNG2dPLMB8GA1UdIwQY
MBaAFOcHkkJxm3c4uD9JFHqx9YKfd2oVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYTU5YzktMTQ0Ni00Nzc5LWJlMGEt
ZDUwZjI5MzA4NDY0LzEvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYTU5YzktMTQ0Ni00Nzc5LWJlMGEtZDUwZjI5MzA4NDY0
LzEvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkmeQIeeE
3AxNMJXmGqXJrkMSIliuwzKu9tq+yI2iqgSa8l0YIWtu1QjnKD1PbRQWBtUBO6I8
yXdSyI78tRBCMFo7/RinMlyMbrjcACyEn5FKvFo2jzpTYOe9mmiK88fkCnrCvars
+i4lYPAR4h+fxTC5n9D22vhZl22CSJdBvrVq3XXXo+mtepy4ZZot2MdMyvgsVhSW
1930VLiqVdVP1Am42DndfWXa3EE6ejjorb3chWTQr0wh1iyRP5P4lQpViP8NQc+o
ekvdQk4IR+6BRgF78UQz3GXpn0n1EOlTU/syXZQVAyIjCvoKrfb7bke1bZ1na7q/
df2VB0cx4otdrw==
-----END CERTIFICATE-----