Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          poAQxOdbFl4zXUD7FW/mTNjC1YA+ol7lrveCgj5OjlA=
Subject key identifier:   5D:49:A0:D2:C5:15:30:9A:4D:9D:69:1F:8B:00:0E:A0:B5:E1:C1:82
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       0198D4DFD9BB55F7114C9D5ACEB01E253856
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 03:01:36 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:36 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:36 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: MdLYs+mEfZTMk/+BBrnaBhMVhv7Wn8Lf9LuNgH5zK/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:d9:bb:55:f7:11:4c:9d:5a:ce:b0:1e:25:38:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Aug 23 03:01:36 2025 GMT
            Not After : Aug 24 03:01:36 2025 GMT
        Subject: CN=5d49a0d2c515309a4d9d691f8b000ea0b5e1c182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fe:91:03:6e:41:4f:5e:20:3b:a4:9e:c0:54:
                    81:ff:c7:7f:16:ff:51:b0:1f:32:59:1f:ad:df:cc:
                    3f:f6:d6:57:50:97:c4:65:26:5c:48:e4:08:c7:f7:
                    f3:bf:67:96:29:44:7f:ce:47:4a:4e:ef:52:bb:83:
                    98:b3:5d:d1:1c:c1:e0:5e:e5:87:a8:28:f7:bf:16:
                    c6:66:ee:df:a6:7e:58:18:24:77:28:e3:d9:a6:8c:
                    01:00:7b:41:4a:46:60:9f:a6:e5:70:b5:cc:49:ab:
                    57:00:d8:24:de:1b:62:f3:2a:d7:06:ed:99:16:35:
                    94:70:6a:ca:19:20:17:5c:e2:e2:43:70:0b:0e:d6:
                    ac:86:35:5f:0b:13:7b:39:f6:c5:f7:3c:5a:2c:9f:
                    69:87:54:2b:7a:1b:8d:71:72:88:68:d5:5d:d0:00:
                    32:76:4a:e5:9b:2f:e5:91:4f:ff:6e:6d:03:33:22:
                    33:b5:d7:3a:8c:7e:ad:bb:6c:2b:d9:98:9a:1c:f1:
                    65:df:18:52:7d:ca:be:af:bc:10:21:f3:82:20:9c:
                    38:0f:9c:86:1c:c8:36:c9:1a:c0:05:b0:84:44:30:
                    9d:de:61:b6:64:d1:8d:97:59:a3:45:4a:9f:16:dd:
                    54:b7:ba:47:f7:52:3d:fd:de:c3:4b:a8:e1:8d:c8:
                    6a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:49:A0:D2:C5:15:30:9A:4D:9D:69:1F:8B:00:0E:A0:B5:E1:C1:82
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:c4:53:44:5f:6f:bf:ea:9b:7b:d5:d2:37:7c:a3:26:e0:0f:
         ee:b8:38:e7:d4:38:19:4f:57:5b:5d:67:5e:37:fa:6c:ec:0c:
         e5:e6:42:9b:25:a4:22:f7:7f:5c:67:ed:7f:3b:9b:23:2a:82:
         9d:25:ea:60:a5:22:26:86:dc:92:c9:61:97:08:88:ef:4a:63:
         82:12:ca:97:d1:60:9c:bf:fa:e0:0e:61:d7:d3:96:7d:10:13:
         2f:32:34:bb:a8:67:44:f9:20:73:76:48:d2:27:4b:92:98:1a:
         e7:6e:a6:e4:ff:73:bd:71:be:e8:1c:27:d6:c8:db:f8:ab:29:
         11:46:b6:fa:a2:ff:de:7c:20:5a:1a:f2:ce:41:2c:2d:9f:0b:
         27:32:8d:2c:d1:37:8b:fe:10:42:72:d2:ed:fd:bf:c4:b5:92:
         80:24:e3:ee:86:23:1d:f3:b0:23:a5:2d:93:7f:21:c5:c9:32:
         d4:90:01:36:35:82:ac:8c:0a:1a:91:70:44:ec:f6:1a:c8:fc:
         73:ef:fc:7c:24:8a:98:3e:d0:79:56:7a:ec:f4:c6:de:12:58:
         9e:5b:7a:a0:77:c9:bd:36:26:86:99:52:46:99:06:4f:57:3b:
         00:e3:43:1f:ce:d9:3c:01:42:00:da:e2:da:c1:ea:db:bc:4a:
         2e:49:80:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU39m7VfcRTJ1azrAeJThWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjUwODIzMDMwMTM2WhcNMjUwODI0MDMwMTM2WjAzMTEwLwYDVQQD
Eyg1ZDQ5YTBkMmM1MTUzMDlhNGQ5ZDY5MWY4YjAwMGVhMGI1ZTFjMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/6RA25BT14gO6SewFSB/8d/Fv9R
sB8yWR+t38w/9tZXUJfEZSZcSOQIx/fzv2eWKUR/zkdKTu9Su4OYs13RHMHgXuWH
qCj3vxbGZu7fpn5YGCR3KOPZpowBAHtBSkZgn6blcLXMSatXANgk3hti8yrXBu2Z
FjWUcGrKGSAXXOLiQ3ALDtashjVfCxN7OfbF9zxaLJ9ph1QrehuNcXKIaNVd0AAy
dkrlmy/lkU//bm0DMyIztdc6jH6tu2wr2ZiaHPFl3xhSfcq+r7wQIfOCIJw4D5yG
HMg2yRrABbCERDCd3mG2ZNGNl1mjRUqfFt1Ut7pH91I9/d7DS6jhjchqywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1JoNLFFTCaTZ1pH4sADqC14cGCMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALsRTRF9v
v+qbe9XSN3yjJuAP7rg459Q4GU9XW11nXjf6bOwM5eZCmyWkIvd/XGftfzubIyqC
nSXqYKUiJobckslhlwiI70pjghLKl9FgnL/64A5h19OWfRATLzI0u6hnRPkgc3ZI
0idLkpga526m5P9zvXG+6Bwn1sjb+KspEUa2+qL/3nwgWhryzkEsLZ8LJzKNLNE3
i/4QQnLS7f2/xLWSgCTj7oYjHfOwI6Utk38hxcky1JABNjWCrIwKGpFwROz2Gsj8
c+/8fCSKmD7QeVZ67PTG3hJYnlt6oHfJvTYmhplSRpkGT1c7AONDH87ZPAFCANri
2sHq27xKLkmACg==
-----END CERTIFICATE-----