Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          7rA8kWNGmKZdv5OLwJK7hzIarcD0vXVMoQGVFxYpPCU=
Subject key identifier:   FD:21:1B:A9:E6:C1:2B:54:ED:6E:A2:B4:28:07:57:9A:59:67:96:59
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       0198D660D346363899AF0C48EA383D53014B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          10E7
Signing time:             Sat 23 Aug 2025 10:02:06 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:06 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:06 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: smTsC74Mzkdriue5lvkU049sTvrjoJIQpe3w17OStlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:d3:46:36:38:99:af:0c:48:ea:38:3d:53:01:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Aug 23 10:02:06 2025 GMT
            Not After : Aug 24 10:02:06 2025 GMT
        Subject: CN=fd211ba9e6c12b54ed6ea2b42807579a59679659
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:29:3f:95:c4:b2:46:0d:8e:9a:16:81:40:e0:
                    91:d5:e1:3e:67:44:95:47:9b:88:6a:3a:23:61:40:
                    df:ae:85:bf:81:45:d3:59:b5:88:1a:a8:97:b2:6c:
                    2d:d2:75:ed:ca:4f:c8:48:d2:a3:35:49:57:7e:6e:
                    b2:6d:36:2a:dd:18:23:7e:c8:d4:90:3b:b5:b6:17:
                    f1:17:7b:83:aa:9b:38:68:04:a1:96:3b:2a:4c:bd:
                    e6:60:df:8c:c4:f9:1e:13:df:ee:9e:56:5c:6c:2f:
                    e2:8f:2b:24:48:51:05:a9:b0:fc:e0:c3:2f:1a:c3:
                    11:ca:70:05:e1:b9:18:26:dc:79:e5:34:b5:27:75:
                    f4:84:ab:80:4d:ff:71:0f:02:b0:52:77:cb:db:ad:
                    15:52:ff:64:95:f8:8e:81:70:17:8e:2f:8f:21:c8:
                    0c:85:5f:7c:c5:1a:e7:47:96:ad:a1:b3:c8:13:fe:
                    bd:a7:b2:ad:54:5a:09:5f:18:92:16:9f:cb:9d:75:
                    64:e5:c6:87:87:2d:3c:be:a4:7e:f7:a9:03:07:4c:
                    59:65:42:e4:59:80:36:1b:ea:81:10:d0:ff:32:76:
                    86:c5:4a:14:0d:29:0e:91:42:52:49:ef:4c:c7:fd:
                    e2:05:d5:3c:2c:21:87:2d:03:65:04:ea:b2:98:0a:
                    08:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:21:1B:A9:E6:C1:2B:54:ED:6E:A2:B4:28:07:57:9A:59:67:96:59
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:65:17:ba:c8:0c:97:7a:ea:79:58:0d:57:8f:cd:19:42:b9:
         25:bc:65:96:cd:16:c9:ad:34:46:73:9e:6c:c4:e0:b2:d8:ec:
         b8:55:a5:c7:9a:c2:31:06:ae:c1:d8:cd:1f:0f:1b:aa:27:f7:
         b6:03:f1:0b:b0:45:57:c8:83:1e:59:01:3f:1c:26:1d:eb:67:
         03:cc:72:79:1c:6c:5e:90:d9:2f:77:f3:ff:89:dc:c5:c8:2c:
         2a:ce:0a:d9:c7:a3:4a:35:bc:34:01:10:a2:cc:ed:1a:89:ee:
         d8:5e:91:eb:6a:fd:f6:c7:2a:ad:a6:3d:b8:4e:18:51:66:77:
         29:a2:9a:dd:04:27:6d:e7:c2:70:70:3b:0e:d8:98:cc:ec:92:
         e7:6b:f5:fe:e0:96:03:8f:2e:bf:c2:dd:59:26:a4:04:ea:92:
         eb:2f:42:bb:bf:71:64:c3:da:61:fe:7f:c4:47:03:85:53:8b:
         7a:5c:e2:92:fe:66:60:1e:90:5b:9e:a6:55:25:a8:16:cd:6b:
         90:96:fb:1c:16:19:4e:09:52:a4:ba:71:d2:09:c0:16:5e:34:
         e2:a3:b8:9c:9b:a3:ec:a9:b2:d1:2a:06:a5:d2:bd:f8:09:79:
         a5:52:12:58:4d:25:37:a0:ee:1c:28:b3:35:ce:d7:7a:7f:21:
         45:d9:31:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYNNGNjiZrwxI6jg9UwFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjUwODIzMTAwMjA2WhcNMjUwODI0MTAwMjA2WjAzMTEwLwYDVQQD
EyhmZDIxMWJhOWU2YzEyYjU0ZWQ2ZWEyYjQyODA3NTc5YTU5Njc5NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCk/lcSyRg2OmhaBQOCR1eE+Z0SV
R5uIajojYUDfroW/gUXTWbWIGqiXsmwt0nXtyk/ISNKjNUlXfm6ybTYq3RgjfsjU
kDu1thfxF3uDqps4aAShljsqTL3mYN+MxPkeE9/unlZcbC/ijyskSFEFqbD84MMv
GsMRynAF4bkYJtx55TS1J3X0hKuATf9xDwKwUnfL260VUv9klfiOgXAXji+PIcgM
hV98xRrnR5atobPIE/69p7KtVFoJXxiSFp/LnXVk5caHhy08vqR+96kDB0xZZULk
WYA2G+qBEND/MnaGxUoUDSkOkUJSSe9Mx/3iBdU8LCGHLQNlBOqymAoIDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0hG6nmwStU7W6itCgHV5pZZ5ZZMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq2UXusgM
l3rqeVgNV4/NGUK5Jbxlls0Wya00RnOebMTgstjsuFWlx5rCMQauwdjNHw8bqif3
tgPxC7BFV8iDHlkBPxwmHetnA8xyeRxsXpDZL3fz/4ncxcgsKs4K2cejSjW8NAEQ
osztGonu2F6R62r99scqraY9uE4YUWZ3KaKa3QQnbefCcHA7DtiYzOyS52v1/uCW
A48uv8LdWSakBOqS6y9Cu79xZMPaYf5/xEcDhVOLelzikv5mYB6QW56mVSWoFs1r
kJb7HBYZTglSpLpx0gnAFl404qO4nJuj7Kmy0SoGpdK9+Al5pVISWE0lN6DuHCiz
Nc7Xen8hRdkxJg==
-----END CERTIFICATE-----