Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
File:                     DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft (raw, json)
Hash identifier:          Va4Mk7R4Hs77n2CYf9RRfyQFiCNmZJzvMeBE4YM5Xs0=
Subject key identifier:   71:57:1F:BB:66:C1:20:94:CB:3F:1F:81:EF:1C:4E:C2:DF:81:6C:74
Authority key identifier: 0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B
Certificate issuer:       /CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
Certificate serial:       0198D54E4B18E6C181A1FDB07B32EB96ED0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
Manifest number:          1324
Signing time:             Sat 23 Aug 2025 05:02:14 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:14 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:14 +0000
Files and hashes:         1: DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl (hash: J//klPCpBrSOUTD5kM5PgiBcKJ7BR2BltumHJKjQsIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:4b:18:e6:c1:81:a1:fd:b0:7b:32:eb:96:ed:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
        Validity
            Not Before: Aug 23 05:02:14 2025 GMT
            Not After : Aug 24 05:02:14 2025 GMT
        Subject: CN=71571fbb66c12094cb3f1f81ef1c4ec2df816c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:8e:c8:9e:fd:e9:da:d1:c7:53:51:b0:fc:c0:
                    5c:e0:bb:8d:6e:0d:f1:6b:43:37:67:f9:bb:df:f2:
                    fa:10:f8:12:38:8b:b0:f5:05:e2:62:67:ae:c0:6e:
                    b0:18:e2:39:eb:8b:2c:d7:5b:71:20:72:af:04:9d:
                    e1:c9:df:25:fa:17:78:64:8f:f2:07:c5:00:80:c3:
                    e9:c6:65:bd:2a:34:da:88:9e:58:a1:3d:31:70:d7:
                    db:db:de:0e:1f:d3:9b:24:c0:db:b2:14:c4:c5:f5:
                    55:09:ae:95:36:66:00:fc:b7:40:63:84:9c:23:1d:
                    e3:4f:45:55:ae:ac:80:60:08:33:a5:5e:b8:c3:bb:
                    a7:18:52:83:e1:78:2f:58:b6:e5:08:2f:f6:63:36:
                    03:78:f3:87:5b:46:af:cf:1c:b6:40:d3:01:3b:f8:
                    d2:b9:83:b5:b0:97:46:fd:f9:f8:a0:f4:77:bb:8a:
                    d5:46:7e:15:f3:5a:df:a0:7b:ca:7b:4b:1d:7c:b1:
                    be:df:17:bc:9b:df:ba:78:e7:40:1d:2b:4b:12:2c:
                    40:59:aa:aa:b6:55:83:90:ac:59:ea:2a:4b:d2:68:
                    1c:d9:39:8f:fb:84:86:27:1a:01:b8:31:e7:ee:c4:
                    73:6c:30:94:53:b3:bf:08:60:3b:d7:7b:51:5d:11:
                    bc:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:57:1F:BB:66:C1:20:94:CB:3F:1F:81:EF:1C:4E:C2:DF:81:6C:74
            X509v3 Authority Key Identifier:
                keyid:0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:9c:ed:e6:bd:94:93:a6:4b:90:86:55:d2:b8:b1:b1:e6:66:
         f1:cd:a0:a1:8c:3c:c4:ee:23:0b:7b:2d:9f:13:32:4a:c1:fa:
         43:cb:7b:43:f0:de:01:3d:65:70:6f:51:63:7c:27:47:7a:d6:
         3b:40:3a:6e:55:48:24:cd:c1:32:aa:66:4f:25:b0:f8:b1:3b:
         6e:76:9a:10:56:64:92:f1:75:0e:76:0e:d9:fc:e7:44:ef:ff:
         5f:11:9c:9f:5a:03:fa:29:48:7d:d8:32:d3:fa:13:4d:0c:6f:
         75:f9:f4:82:05:ee:0f:25:4d:1a:85:52:3f:cd:2e:51:96:04:
         6a:9b:58:ab:52:de:59:5b:fd:4c:83:58:aa:8d:f8:c3:07:d5:
         28:e0:eb:40:68:22:40:fc:ef:5d:6d:a2:60:0a:12:05:2d:56:
         fd:dc:ed:58:6b:9d:6b:16:b9:0f:1f:fe:ea:a4:3c:53:f4:aa:
         7e:ee:5e:d6:56:ef:51:f4:ba:4b:17:e7:6e:ae:5f:96:86:05:
         10:57:a5:26:ee:68:7a:30:eb:63:69:8b:05:d6:98:6d:d2:db:
         e0:5e:a1:a0:bb:a0:9f:cb:e2:d1:f4:bb:c7:7d:41:9d:48:ec:
         71:d0:87:10:d6:a7:9a:82:17:e9:7c:2e:7e:0c:8f:cc:05:53:
         96:35:09:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTksY5sGBof2wezLrlu0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNGYwYjlhNWZlMDM4OWZhZGNiYmZiMWZhMWM0MGM0YTRi
YTBkMmIwHhcNMjUwODIzMDUwMjE0WhcNMjUwODI0MDUwMjE0WjAzMTEwLwYDVQQD
Eyg3MTU3MWZiYjY2YzEyMDk0Y2IzZjFmODFlZjFjNGVjMmRmODE2Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy47Inv3p2tHHU1Gw/MBc4LuNbg3x
a0M3Z/m73/L6EPgSOIuw9QXiYmeuwG6wGOI564ss11txIHKvBJ3hyd8l+hd4ZI/y
B8UAgMPpxmW9KjTaiJ5YoT0xcNfb294OH9ObJMDbshTExfVVCa6VNmYA/LdAY4Sc
Ix3jT0VVrqyAYAgzpV64w7unGFKD4XgvWLblCC/2YzYDePOHW0avzxy2QNMBO/jS
uYO1sJdG/fn4oPR3u4rVRn4V81rfoHvKe0sdfLG+3xe8m9+6eOdAHStLEixAWaqq
tlWDkKxZ6ipL0mgc2TmP+4SGJxoBuDHn7sRzbDCUU7O/CGA713tRXRG8QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFXH7tmwSCUyz8fge8cTsLfgWx0MB8GA1UdIwQY
MBaAFAxPC5pf4Difrcu/sfocQMSkug0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMt
ZjYwNmFjZTRhY2MyLzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMtZjYwNmFjZTRhY2My
LzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZzt5r2U
k6ZLkIZV0rixseZm8c2goYw8xO4jC3stnxMySsH6Q8t7Q/DeAT1lcG9RY3wnR3rW
O0A6blVIJM3BMqpmTyWw+LE7bnaaEFZkkvF1DnYO2fznRO//XxGcn1oD+ilIfdgy
0/oTTQxvdfn0ggXuDyVNGoVSP80uUZYEaptYq1LeWVv9TINYqo34wwfVKODrQGgi
QPzvXW2iYAoSBS1W/dztWGudaxa5Dx/+6qQ8U/Sqfu5e1lbvUfS6Sxfnbq5floYF
EFelJu5oejDrY2mLBdaYbdLb4F6hoLugn8vi0fS7x31BnUjscdCHENanmoIX6Xwu
fgyPzAVTljUJvQ==
-----END CERTIFICATE-----