Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          i19tYWRFgzMNNFfuA1OtzM58afJWRhevEe1m1TW1KC0=
Subject key identifier:   CD:E4:05:D4:8A:AF:B0:CC:BD:F8:88:85:6C:48:37:B5:6F:CD:CB:60
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       0198D515A920906FDC05E886C5CA4F7C75FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0E38
Signing time:             Sat 23 Aug 2025 04:00:23 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:23 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:23 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: 6BDXH34cp+AfNaJYK6WDRqWixmhVIHqDAeqn5fuyyV8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:a9:20:90:6f:dc:05:e8:86:c5:ca:4f:7c:75:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Aug 23 04:00:23 2025 GMT
            Not After : Aug 24 04:00:23 2025 GMT
        Subject: CN=cde405d48aafb0ccbdf888856c4837b56fcdcb60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:39:91:3f:58:bf:dd:0f:0c:80:e6:ed:5d:21:
                    a5:7b:bc:2c:0e:e9:f8:e1:26:f7:98:ff:40:c7:dc:
                    f3:40:71:f9:3d:ba:29:d6:b9:44:e1:9c:e4:89:3c:
                    34:c0:74:7e:04:9d:5c:1e:aa:6e:4f:cb:0a:9e:9b:
                    15:79:44:d7:5d:e0:93:19:f4:a6:cc:95:4d:ae:e0:
                    db:ab:85:5d:39:a5:09:10:18:11:65:a2:78:20:ee:
                    b2:32:9c:91:31:6c:2f:b6:ef:ba:32:a4:72:ef:c2:
                    3c:04:f0:95:4c:21:10:59:cc:72:48:3f:8f:bd:8b:
                    82:38:8a:da:97:61:d4:91:3b:b0:97:fe:25:95:af:
                    6b:7d:a6:80:0f:f2:aa:b5:56:b7:f1:5b:71:bd:cf:
                    1e:8f:2d:bd:49:97:64:83:36:a5:05:e9:e6:70:6b:
                    b4:8a:fe:8a:44:7b:17:23:43:72:e0:57:4c:e3:70:
                    ce:01:5f:c0:5a:22:0a:e1:b3:99:3d:ad:25:0d:1b:
                    a2:7e:b6:b9:72:aa:46:4f:9c:c1:ea:29:0d:f2:e0:
                    6d:55:d2:e3:dc:dc:3e:06:7e:52:54:26:a3:b6:7e:
                    15:5e:f3:e6:f9:f6:60:ae:24:21:2b:a4:27:99:4b:
                    bf:6c:37:1d:34:cb:2a:24:0c:3d:b4:32:35:5f:f6:
                    7c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:E4:05:D4:8A:AF:B0:CC:BD:F8:88:85:6C:48:37:B5:6F:CD:CB:60
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:18:95:6a:0f:04:ae:08:54:73:36:93:98:d6:23:f1:e8:c5:
         b3:6f:c3:97:f0:7c:10:fa:24:9e:d8:a0:46:cb:26:42:53:48:
         f2:fc:67:28:5a:1b:6f:e4:25:28:a0:9b:8b:d8:8d:c7:d5:09:
         5f:5b:ea:b1:f0:63:7b:0f:02:8b:0c:f2:3c:8b:c4:aa:cb:68:
         91:ac:d4:05:60:79:9a:a7:a9:8e:54:7b:2a:e6:e4:ed:9c:f4:
         37:e2:92:5d:51:ac:01:1c:1e:3b:e6:88:3e:51:17:06:14:42:
         a1:48:61:fd:5b:77:65:c3:90:a5:34:12:6f:66:de:c3:5f:3a:
         2a:66:ec:7f:80:b7:8b:b3:62:9c:30:7d:e5:b8:10:66:c7:c0:
         2d:77:f2:7b:65:5d:5a:20:d6:fe:92:9d:48:86:2d:02:b6:a1:
         9a:2b:18:96:af:81:12:d6:51:62:17:53:f1:4a:f3:2a:b9:b3:
         25:e9:c4:38:3e:8f:24:54:9a:8e:69:c0:ef:27:5e:ec:42:99:
         0e:97:bb:7e:9e:13:ab:ec:92:56:fc:7a:c4:fa:3e:dd:c8:98:
         36:eb:66:a9:1f:34:a5:a2:28:d2:65:5b:7a:10:42:5a:3f:dc:
         f5:5e:8a:54:6b:a3:52:ba:5b:c9:88:c1:80:33:21:f0:bf:c0:
         e4:db:18:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFakgkG/cBeiGxcpPfHX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwODIzMDQwMDIzWhcNMjUwODI0MDQwMDIzWjAzMTEwLwYDVQQD
EyhjZGU0MDVkNDhhYWZiMGNjYmRmODg4ODU2YzQ4MzdiNTZmY2RjYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDmRP1i/3Q8MgObtXSGle7wsDun4
4Sb3mP9Ax9zzQHH5Pbop1rlE4ZzkiTw0wHR+BJ1cHqpuT8sKnpsVeUTXXeCTGfSm
zJVNruDbq4VdOaUJEBgRZaJ4IO6yMpyRMWwvtu+6MqRy78I8BPCVTCEQWcxySD+P
vYuCOIral2HUkTuwl/4lla9rfaaAD/KqtVa38Vtxvc8ejy29SZdkgzalBenmcGu0
iv6KRHsXI0Ny4FdM43DOAV/AWiIK4bOZPa0lDRuifra5cqpGT5zB6ikN8uBtVdLj
3Nw+Bn5SVCajtn4VXvPm+fZgriQhK6QnmUu/bDcdNMsqJAw9tDI1X/Z8IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3kBdSKr7DMvfiIhWxIN7VvzctgMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhiVag8E
rghUczaTmNYj8ejFs2/Dl/B8EPokntigRssmQlNI8vxnKFobb+QlKKCbi9iNx9UJ
X1vqsfBjew8CiwzyPIvEqstokazUBWB5mqepjlR7Kubk7Zz0N+KSXVGsARweO+aI
PlEXBhRCoUhh/Vt3ZcOQpTQSb2bew186Kmbsf4C3i7NinDB95bgQZsfALXfye2Vd
WiDW/pKdSIYtArahmisYlq+BEtZRYhdT8UrzKrmzJenEOD6PJFSajmnA7yde7EKZ
Dpe7fp4Tq+ySVvx6xPo+3ciYNutmqR80paIo0mVbehBCWj/c9V6KVGujUrpbyYjB
gDMh8L/A5NsY/Q==
-----END CERTIFICATE-----