Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          mFp5YhJdMgetbtCxRKA/B1ryN7j0ioEmrfnAkj493Gg=
Subject key identifier:   76:83:07:A2:26:C4:F8:EC:EB:29:3D:28:AC:CB:ED:2C:5B:36:2C:04
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       0198D583D20E185687645AFF6A0E69571A30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          0308
Signing time:             Sat 23 Aug 2025 06:00:42 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:42 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:42 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: LJ0G48hE+NPb4H3gwThCUiGZYKLHjfwQfSbfvhZpIAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:d2:0e:18:56:87:64:5a:ff:6a:0e:69:57:1a:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Aug 23 06:00:42 2025 GMT
            Not After : Aug 24 06:00:42 2025 GMT
        Subject: CN=768307a226c4f8eceb293d28accbed2c5b362c04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3c:18:68:c6:67:c2:26:c7:ab:37:50:a7:6a:
                    21:08:d0:f6:cc:87:3b:de:a5:7c:4f:62:3b:5f:ae:
                    51:2a:26:c8:fd:81:56:ce:b6:d3:69:5a:e5:cf:bf:
                    c2:82:a3:7b:31:00:61:e8:ac:d9:a8:b3:df:48:7e:
                    6e:0a:a9:3a:a9:ba:39:37:c3:1e:f7:a6:f0:b9:70:
                    fa:45:4c:56:a2:54:c5:4e:cd:bf:8c:d3:ba:71:da:
                    4d:3a:b8:1e:de:8a:a4:ac:39:e6:c5:ae:58:af:2b:
                    a1:97:2d:37:01:d1:20:1d:03:38:a2:b0:a4:a3:9f:
                    20:96:6d:e5:7e:7c:9f:35:5e:a2:97:c5:93:3f:7e:
                    50:f9:3c:af:89:e3:6f:d1:f4:82:14:55:f0:ea:55:
                    7b:ab:6d:5c:f4:46:d6:c1:64:b0:bb:6c:ba:fe:db:
                    78:d4:a8:7e:6b:51:40:4b:7c:41:79:88:73:6f:5e:
                    e0:44:3f:fc:45:6f:62:19:03:69:4b:06:a4:a3:63:
                    dd:ef:1d:4d:3e:72:13:ef:34:25:63:0f:2c:7d:a8:
                    39:ba:cf:20:99:c7:73:a2:89:20:6b:69:79:fc:0b:
                    a2:d1:51:ee:31:bd:26:35:81:f1:5a:b7:ac:93:12:
                    a9:38:82:2b:f9:f0:0e:e6:0f:87:e7:f5:e1:32:34:
                    b1:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:83:07:A2:26:C4:F8:EC:EB:29:3D:28:AC:CB:ED:2C:5B:36:2C:04
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:1a:38:f2:04:7a:3a:27:49:6d:5d:96:d6:f6:07:11:e2:74:
         a8:85:78:77:db:20:d1:f5:13:0f:03:30:62:1c:df:ed:8d:71:
         df:a6:d3:a9:48:c0:2a:80:a8:c2:90:c7:05:6f:21:41:70:4b:
         1d:12:14:ca:24:15:a3:d5:db:97:ac:2c:c5:cf:8f:4c:a8:b9:
         1d:f6:48:10:04:ce:76:ed:ee:4f:3b:ff:86:0d:f3:74:ed:33:
         86:92:5b:a1:96:26:e7:4a:c9:30:11:68:c9:20:0e:1e:b2:b9:
         b4:d7:ff:ee:cb:ba:77:11:f8:80:b5:ab:c5:fc:66:2d:d1:55:
         28:17:2e:9b:50:c6:25:fb:d2:ff:50:74:84:8f:7b:62:56:e1:
         85:d0:03:42:84:d2:45:48:6c:d4:ba:50:f2:49:7f:88:5a:8b:
         60:07:21:7f:f6:55:05:cd:28:82:e2:a7:87:78:3c:4f:8d:69:
         d9:cd:2e:d5:b8:2b:d0:d0:25:62:37:ac:51:1b:50:b8:72:4d:
         77:c2:51:57:b5:00:87:c2:51:dd:00:c0:73:7a:17:ea:39:81:
         8c:e0:7a:34:31:2f:87:57:85:a6:f7:e9:c9:1e:7b:d8:2e:ce:
         d1:2e:c8:34:51:02:34:38:f8:53:0a:09:41:b2:7b:00:94:c8:
         22:b0:79:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg9IOGFaHZFr/ag5pVxowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwODIzMDYwMDQyWhcNMjUwODI0MDYwMDQyWjAzMTEwLwYDVQQD
Eyg3NjgzMDdhMjI2YzRmOGVjZWIyOTNkMjhhY2NiZWQyYzViMzYyYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzwYaMZnwibHqzdQp2ohCND2zIc7
3qV8T2I7X65RKibI/YFWzrbTaVrlz7/CgqN7MQBh6KzZqLPfSH5uCqk6qbo5N8Me
96bwuXD6RUxWolTFTs2/jNO6cdpNOrge3oqkrDnmxa5Yryuhly03AdEgHQM4orCk
o58glm3lfnyfNV6il8WTP35Q+TyvieNv0fSCFFXw6lV7q21c9EbWwWSwu2y6/tt4
1Kh+a1FAS3xBeYhzb17gRD/8RW9iGQNpSwako2Pd7x1NPnIT7zQlYw8sfag5us8g
mcdzookga2l5/Aui0VHuMb0mNYHxWreskxKpOIIr+fAO5g+H5/XhMjSxfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaDB6ImxPjs6yk9KKzL7SxbNiwEMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBo48gR6
OidJbV2W1vYHEeJ0qIV4d9sg0fUTDwMwYhzf7Y1x36bTqUjAKoCowpDHBW8hQXBL
HRIUyiQVo9Xbl6wsxc+PTKi5HfZIEATOdu3uTzv/hg3zdO0zhpJboZYm50rJMBFo
ySAOHrK5tNf/7su6dxH4gLWrxfxmLdFVKBcum1DGJfvS/1B0hI97YlbhhdADQoTS
RUhs1LpQ8kl/iFqLYAchf/ZVBc0oguKnh3g8T41p2c0u1bgr0NAlYjesURtQuHJN
d8JRV7UAh8JR3QDAc3oX6jmBjOB6NDEvh1eFpvfpyR572C7O0S7INFECNDj4UwoJ
QbJ7AJTIIrB5Jw==
-----END CERTIFICATE-----