Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          E2AG3hinLoNwxdCUDfkF9FDjzGzpxpjgP4fkggSZF70=
Subject key identifier:   A5:F8:2A:EB:C4:49:C0:8A:2C:57:BC:90:17:71:63:64:F2:F4:E9:0A
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       0198D4A7A52B6A6FB66262D0F617B7B8E8EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0EC9
Signing time:             Sat 23 Aug 2025 02:00:13 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:13 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:13 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: evbS28LmGpJGLSBNrGZV2IUrMDnUpuxozUYpiSMU1kE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:a5:2b:6a:6f:b6:62:62:d0:f6:17:b7:b8:e8:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Aug 23 02:00:13 2025 GMT
            Not After : Aug 24 02:00:13 2025 GMT
        Subject: CN=a5f82aebc449c08a2c57bc9017716364f2f4e90a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7f:de:d2:79:3e:9d:8a:3a:99:59:eb:ea:22:
                    36:f6:2a:de:a2:3e:ea:5b:06:68:74:1e:37:d9:11:
                    b0:19:d5:97:88:13:9c:03:9a:3e:14:9c:0b:68:b6:
                    9d:85:c7:14:7c:8b:b4:ac:a6:ba:2a:e8:44:d1:1e:
                    bb:05:a1:25:d2:96:e4:7c:6d:00:98:3a:74:8b:7f:
                    57:bf:30:a5:bf:20:77:b8:51:26:c2:a8:49:65:ed:
                    9e:35:e5:6f:be:62:65:9a:1c:5f:08:97:f8:19:2e:
                    a7:c0:e2:b5:b2:f1:06:2f:26:01:f6:18:17:68:2f:
                    8a:cd:82:b4:c3:f4:77:12:e5:f9:d6:6d:ca:e7:37:
                    30:30:14:56:96:db:11:e7:a4:27:d4:8c:f2:54:d6:
                    23:ad:34:d1:2f:ba:4b:d0:6e:b4:eb:ff:38:68:90:
                    43:0e:c6:da:e5:f0:50:dc:df:eb:26:8f:f3:a8:39:
                    1f:48:7d:69:c0:8e:ed:7c:75:92:3f:4e:64:77:94:
                    4c:e4:4d:b8:9e:15:71:75:f5:bd:64:f1:a1:a7:9d:
                    e9:30:ce:c6:87:c9:11:c4:72:f9:a8:9d:f1:9e:28:
                    6c:f2:0c:e9:3a:6c:84:e0:f9:fc:39:73:8d:c2:e4:
                    c7:4a:81:04:98:3e:43:b2:bc:30:72:f6:26:32:ba:
                    17:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:F8:2A:EB:C4:49:C0:8A:2C:57:BC:90:17:71:63:64:F2:F4:E9:0A
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:b0:96:db:7b:39:aa:df:e5:9f:36:c6:99:e9:7b:17:b5:32:
         41:d3:e4:4d:85:5f:67:18:79:80:32:bc:a1:b9:c6:f3:b9:83:
         7b:67:c8:6e:80:e4:f5:ae:18:f3:46:4c:79:f7:34:1a:5f:55:
         a9:d0:e0:e4:ff:27:5b:3f:1d:da:e6:09:57:2b:4f:a9:31:0a:
         0e:7f:f1:3e:e4:bd:c5:0c:f2:8c:86:21:c6:7a:a6:d4:06:25:
         52:54:86:c2:cd:c2:28:9c:75:13:5d:a9:87:7b:c7:6d:d0:5a:
         dd:f5:7e:23:11:de:9b:dd:e0:ef:05:63:d9:bc:e9:5e:a1:28:
         4f:1c:23:19:5b:29:3b:19:b7:a1:9e:67:c6:ae:cc:91:73:ac:
         a3:e5:d0:e4:64:1d:9f:8f:27:5b:30:04:e4:43:f8:f1:45:33:
         a7:e5:6e:75:36:e3:b7:f4:1d:01:c7:f6:52:4c:f6:11:c1:b8:
         70:93:48:0b:6b:9a:f0:e8:b7:0d:ca:4b:9a:2c:e6:08:5d:9a:
         62:41:cc:a8:0a:20:97:1f:ea:f0:f6:03:af:ad:60:f5:35:bb:
         f4:b0:db:99:e9:83:6e:4a:13:78:dc:a9:19:10:e0:01:0b:38:
         75:d3:d4:61:db:e9:42:de:72:e9:2f:c8:29:1e:7b:e9:9b:ba:
         2c:b9:5f:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp6Uram+2YmLQ9he3uOjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwODIzMDIwMDEzWhcNMjUwODI0MDIwMDEzWjAzMTEwLwYDVQQD
EyhhNWY4MmFlYmM0NDljMDhhMmM1N2JjOTAxNzcxNjM2NGYyZjRlOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH/e0nk+nYo6mVnr6iI29ireoj7q
WwZodB432RGwGdWXiBOcA5o+FJwLaLadhccUfIu0rKa6KuhE0R67BaEl0pbkfG0A
mDp0i39XvzClvyB3uFEmwqhJZe2eNeVvvmJlmhxfCJf4GS6nwOK1svEGLyYB9hgX
aC+KzYK0w/R3EuX51m3K5zcwMBRWltsR56Qn1IzyVNYjrTTRL7pL0G606/84aJBD
Dsba5fBQ3N/rJo/zqDkfSH1pwI7tfHWSP05kd5RM5E24nhVxdfW9ZPGhp53pMM7G
h8kRxHL5qJ3xnihs8gzpOmyE4Pn8OXONwuTHSoEEmD5DsrwwcvYmMroXlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKX4KuvEScCKLFe8kBdxY2Ty9OkKMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFrCW23s5
qt/lnzbGmel7F7UyQdPkTYVfZxh5gDK8obnG87mDe2fIboDk9a4Y80ZMefc0Gl9V
qdDg5P8nWz8d2uYJVytPqTEKDn/xPuS9xQzyjIYhxnqm1AYlUlSGws3CKJx1E12p
h3vHbdBa3fV+IxHem93g7wVj2bzpXqEoTxwjGVspOxm3oZ5nxq7MkXOso+XQ5GQd
n48nWzAE5EP48UUzp+VudTbjt/QdAcf2Ukz2EcG4cJNIC2ua8Oi3DcpLmizmCF2a
YkHMqAoglx/q8PYDr61g9TW79LDbmemDbkoTeNypGRDgAQs4ddPUYdvpQt5y6S/I
KR576Zu6LLlfCA==
-----END CERTIFICATE-----