Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
File:                     E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft (raw, json)
Hash identifier:          9Vy9tVzSGTFgmt0gDOeYz5499zWttKEE6eDxR+WdB2g=
Subject key identifier:   FF:E8:89:A1:FD:74:7F:41:D4:46:CD:11:A2:2B:53:BC:84:59:B4:37
Authority key identifier: 13:B4:21:B8:2A:B7:BB:A6:E2:F5:5E:90:2A:9F:B8:1F:A3:AF:29:8F
Certificate issuer:       /CN=13b421b82ab7bba6e2f55e902a9fb81fa3af298f
Certificate serial:       0198D54EB9E4B5A20AB8F71925A68D16185F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
Manifest number:          0295
Signing time:             Sat 23 Aug 2025 05:02:42 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:42 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:42 +0000
Files and hashes:         1: E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl (hash: oP+tIanjO/hij+LXzjym8/ruWyLu9YWIN8e00loCIIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:b9:e4:b5:a2:0a:b8:f7:19:25:a6:8d:16:18:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13b421b82ab7bba6e2f55e902a9fb81fa3af298f
        Validity
            Not Before: Aug 23 05:02:42 2025 GMT
            Not After : Aug 24 05:02:42 2025 GMT
        Subject: CN=ffe889a1fd747f41d446cd11a22b53bc8459b437
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4c:e9:9c:b1:1d:75:c8:8f:45:90:6b:51:2e:
                    3c:9f:8b:9e:06:87:9b:3c:2a:a7:41:93:00:04:fe:
                    8d:0a:4e:5b:c9:3e:9a:4f:e2:af:b0:22:36:2d:4e:
                    d0:a4:ae:3d:3a:dd:b6:33:2a:5e:70:0c:da:09:1b:
                    86:f8:4d:4b:5a:c7:fb:d9:fc:f5:73:3c:3b:53:5b:
                    fa:fd:8f:4e:4d:97:b4:0b:c2:ba:e9:40:45:9c:00:
                    b4:03:b0:26:0d:12:b3:30:28:7c:2e:b0:bc:17:5d:
                    64:ae:aa:39:23:52:06:5c:85:48:f0:1c:4b:0e:b9:
                    15:c0:c5:37:06:15:02:4b:d7:76:5c:aa:48:db:e9:
                    a1:80:fe:b4:6d:39:53:58:5a:85:f8:e4:ce:cb:e8:
                    be:e6:38:1b:24:11:83:30:64:65:70:2c:68:f2:11:
                    c9:b4:82:31:f2:90:67:6c:6e:b7:04:ee:f7:65:b9:
                    73:d6:3d:38:46:d9:b7:d0:c6:1f:6a:3f:7e:9c:c9:
                    1c:0a:70:d3:10:63:6e:c5:f2:52:3a:c9:97:d0:b6:
                    40:05:c7:2d:4b:71:d4:9e:0a:3f:18:64:0d:f2:be:
                    73:c7:1a:a3:b4:79:c4:03:0c:c2:c6:2b:95:29:da:
                    21:b6:13:01:d2:2b:c0:1a:a9:1f:55:0c:38:9d:1e:
                    96:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E8:89:A1:FD:74:7F:41:D4:46:CD:11:A2:2B:53:BC:84:59:B4:37
            X509v3 Authority Key Identifier:
                keyid:13:B4:21:B8:2A:B7:BB:A6:E2:F5:5E:90:2A:9F:B8:1F:A3:AF:29:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:05:7c:e2:5f:45:94:45:4c:7e:3c:c6:ed:ac:93:46:d6:ea:
         50:b6:c0:c6:7f:42:52:cd:a9:df:1a:3d:ec:b8:cf:31:fb:65:
         84:3e:e0:90:68:e9:a5:d6:bf:60:2f:d4:a5:55:7a:d5:fb:d0:
         3f:fa:9f:9d:31:4c:f4:0a:3f:d9:ab:e5:58:cb:02:cb:c0:45:
         9d:d2:4d:7c:39:38:69:b2:69:e4:7e:cb:d5:f1:27:ea:7f:a0:
         75:86:f4:94:fb:54:a7:47:09:81:00:71:9b:2f:c4:ac:e3:0a:
         14:c5:35:f5:d0:09:de:cc:51:e4:eb:b0:7f:e2:4d:7d:58:12:
         04:26:3d:04:71:12:d6:ae:d2:22:75:8e:b1:66:a7:7a:ab:65:
         1f:a3:3d:de:68:b6:6d:39:4a:93:8b:ff:8f:9c:e3:c5:32:de:
         3c:24:08:b0:41:9e:0f:3b:ce:a2:cb:d2:5b:a3:e7:52:9a:5b:
         55:69:dd:5f:cb:54:49:d1:ac:cf:31:f3:15:f4:bd:96:82:db:
         3a:13:57:5b:e7:03:3f:b8:56:5f:d8:c9:7c:51:8d:44:40:e4:
         75:8b:9b:dc:68:17:2a:ca:92:da:0b:ef:c4:ee:8e:d8:7f:8e:
         fc:d4:35:0b:c1:29:2f:e9:01:0a:62:12:10:ab:eb:25:d2:be:
         86:56:19:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTrnktaIKuPcZJaaNFhhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjQyMWI4MmFiN2JiYTZlMmY1NWU5MDJhOWZiODFmYTNh
ZjI5OGYwHhcNMjUwODIzMDUwMjQyWhcNMjUwODI0MDUwMjQyWjAzMTEwLwYDVQQD
EyhmZmU4ODlhMWZkNzQ3ZjQxZDQ0NmNkMTFhMjJiNTNiYzg0NTliNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkzpnLEddciPRZBrUS48n4ueBoeb
PCqnQZMABP6NCk5byT6aT+KvsCI2LU7QpK49Ot22MypecAzaCRuG+E1LWsf72fz1
czw7U1v6/Y9OTZe0C8K66UBFnAC0A7AmDRKzMCh8LrC8F11krqo5I1IGXIVI8BxL
DrkVwMU3BhUCS9d2XKpI2+mhgP60bTlTWFqF+OTOy+i+5jgbJBGDMGRlcCxo8hHJ
tIIx8pBnbG63BO73Zblz1j04Rtm30MYfaj9+nMkcCnDTEGNuxfJSOsmX0LZABcct
S3HUngo/GGQN8r5zxxqjtHnEAwzCxiuVKdohthMB0ivAGqkfVQw4nR6W/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/oiaH9dH9B1EbNEaIrU7yEWbQ3MB8GA1UdIwQY
MBaAFBO0Ibgqt7um4vVekCqfuB+jrymPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNTMzMTAtMDNhZi00NDM0LTgzMDct
ZGZhNzA3OTQwNTM3LzEvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNTMzMTAtMDNhZi00NDM0LTgzMDctZGZhNzA3OTQwNTM3
LzEvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASwV84l9F
lEVMfjzG7ayTRtbqULbAxn9CUs2p3xo97LjPMftlhD7gkGjppda/YC/UpVV61fvQ
P/qfnTFM9Ao/2avlWMsCy8BFndJNfDk4abJp5H7L1fEn6n+gdYb0lPtUp0cJgQBx
my/ErOMKFMU19dAJ3sxR5Ouwf+JNfVgSBCY9BHES1q7SInWOsWaneqtlH6M93mi2
bTlKk4v/j5zjxTLePCQIsEGeDzvOosvSW6PnUppbVWndX8tUSdGszzHzFfS9loLb
OhNXW+cDP7hWX9jJfFGNREDkdYub3GgXKsqS2gvvxO6O2H+O/NQ1C8EpL+kBCmIS
EKvrJdK+hlYZQQ==
-----END CERTIFICATE-----