Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
File:                     Ma-3caS5EQsRSqgHr7cIaxplN54.mft (raw, json)
Hash identifier:          LY81mSdssAgP9wWjngxgnAEN6bQfGUKcrhBZagmV5KM=
Subject key identifier:   B8:13:92:36:A2:5C:E9:23:A9:B5:E5:09:8C:E6:9E:36:28:FA:D8:02
Authority key identifier: 31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E
Certificate issuer:       /CN=31afb771a4b9110b114aa807afb7086b1a65379e
Certificate serial:       0198D472A8C6B586ECEAE8742A0FF0B2AB72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
Manifest number:          0405
Signing time:             Sat 23 Aug 2025 01:02:20 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:20 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:20 +0000
Files and hashes:         1: Ma-3caS5EQsRSqgHr7cIaxplN54.crl (hash: cZZfLy+ApJidIv8G7NjeyPxDrQckmHQL7i2foR+QaZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:a8:c6:b5:86:ec:ea:e8:74:2a:0f:f0:b2:ab:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31afb771a4b9110b114aa807afb7086b1a65379e
        Validity
            Not Before: Aug 23 01:02:20 2025 GMT
            Not After : Aug 24 01:02:20 2025 GMT
        Subject: CN=b8139236a25ce923a9b5e5098ce69e3628fad802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c5:da:2f:77:1f:c0:b1:13:0f:d0:23:fe:43:
                    80:b7:53:95:89:9d:8d:4e:dd:4f:3d:b4:02:5c:1b:
                    d8:e1:24:a4:ce:b3:0e:81:ae:3e:39:c4:26:6f:8d:
                    c5:1b:cc:20:af:13:e4:00:d2:79:c9:03:e3:76:9c:
                    fc:e0:25:22:1f:41:8c:76:90:b1:d5:8e:40:9c:08:
                    20:05:7a:48:52:90:54:b8:c1:97:00:ce:cb:ee:4a:
                    1d:d2:41:cf:95:de:ee:e3:41:b0:fe:ab:42:98:8d:
                    9e:0d:68:76:e5:13:d6:6a:8a:e3:56:74:d7:e1:1c:
                    06:d8:a1:9b:a3:a3:35:92:a0:00:4c:cd:31:c2:98:
                    b2:98:3c:ca:3f:d8:9e:5b:a6:3e:73:eb:de:68:30:
                    54:ee:85:fa:73:99:5b:3e:06:0c:4d:a2:eb:6d:2e:
                    39:3f:92:f0:ae:85:f7:0a:b6:e1:e0:7d:e8:9f:db:
                    cb:78:3f:f7:92:f8:c4:bb:39:0a:31:65:2c:19:9f:
                    63:1d:c2:5e:1c:6b:b7:f6:77:ff:c6:04:d8:d3:af:
                    1b:f6:87:95:0b:27:a0:76:1f:9c:e9:60:df:38:95:
                    a2:de:b6:31:76:38:67:99:c8:a9:c6:8b:e8:6e:80:
                    b3:ed:63:a5:ad:6f:6c:76:48:c9:94:92:b8:7a:86:
                    d0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:13:92:36:A2:5C:E9:23:A9:B5:E5:09:8C:E6:9E:36:28:FA:D8:02
            X509v3 Authority Key Identifier:
                keyid:31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:30:72:0e:6f:80:fb:1a:95:d0:a8:e5:e5:fe:0f:06:4d:9a:
         f2:d5:ea:7c:aa:da:63:73:44:13:dc:49:99:67:a1:52:90:eb:
         22:41:f7:64:4a:e7:50:69:f0:a0:a9:9c:ae:88:b9:41:fe:fc:
         84:65:40:88:58:2e:86:16:f2:31:dc:08:be:e7:00:96:82:4e:
         74:22:cd:74:44:ea:b8:76:cd:68:32:c2:22:a5:85:41:77:45:
         9f:b3:09:40:07:56:a2:b2:8a:35:b0:c5:17:45:20:f8:03:29:
         29:73:fd:2c:ff:36:56:96:4e:e2:7c:6e:62:7d:3a:61:3c:30:
         e0:40:64:7d:41:20:7c:ad:f4:da:c3:55:37:65:fb:ea:f4:f4:
         d0:eb:08:c4:79:37:af:c7:0d:fd:3c:13:a3:76:c7:15:b3:e4:
         83:5b:1a:83:24:39:a1:1e:a0:b4:7e:6b:8b:bd:55:1c:72:b9:
         0a:75:69:96:e1:d0:b0:d2:2b:47:af:9f:34:26:be:ea:80:c2:
         46:6d:6e:45:d0:60:3b:da:d3:3f:15:45:c2:37:46:a9:ce:28:
         f3:99:ac:55:cf:1b:02:9f:32:30:95:7d:2a:c6:65:e4:16:68:
         63:e6:b1:c4:aa:34:6d:ba:bd:96:99:13:0b:f2:e2:b5:5e:e9:
         76:e5:28:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcqjGtYbs6uh0Kg/wsqtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWZiNzcxYTRiOTExMGIxMTRhYTgwN2FmYjcwODZiMWE2
NTM3OWUwHhcNMjUwODIzMDEwMjIwWhcNMjUwODI0MDEwMjIwWjAzMTEwLwYDVQQD
EyhiODEzOTIzNmEyNWNlOTIzYTliNWU1MDk4Y2U2OWUzNjI4ZmFkODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucXaL3cfwLETD9Aj/kOAt1OViZ2N
Tt1PPbQCXBvY4SSkzrMOga4+OcQmb43FG8wgrxPkANJ5yQPjdpz84CUiH0GMdpCx
1Y5AnAggBXpIUpBUuMGXAM7L7kod0kHPld7u40Gw/qtCmI2eDWh25RPWaorjVnTX
4RwG2KGbo6M1kqAATM0xwpiymDzKP9ieW6Y+c+veaDBU7oX6c5lbPgYMTaLrbS45
P5LwroX3Crbh4H3on9vLeD/3kvjEuzkKMWUsGZ9jHcJeHGu39nf/xgTY068b9oeV
Cyegdh+c6WDfOJWi3rYxdjhnmcipxovoboCz7WOlrW9sdkjJlJK4eobQ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgTkjaiXOkjqbXlCYzmnjYo+tgCMB8GA1UdIwQY
MBaAFDGvt3GkuRELEUqoB6+3CGsaZTeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2It
YjBlYjRjMDZhMWU3LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2ItYjBlYjRjMDZhMWU3
LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoDByDm+A
+xqV0Kjl5f4PBk2a8tXqfKraY3NEE9xJmWehUpDrIkH3ZErnUGnwoKmcroi5Qf78
hGVAiFguhhbyMdwIvucAloJOdCLNdETquHbNaDLCIqWFQXdFn7MJQAdWorKKNbDF
F0Ug+AMpKXP9LP82VpZO4nxuYn06YTww4EBkfUEgfK302sNVN2X76vT00OsIxHk3
r8cN/TwTo3bHFbPkg1sagyQ5oR6gtH5ri71VHHK5CnVpluHQsNIrR6+fNCa+6oDC
Rm1uRdBgO9rTPxVFwjdGqc4o85msVc8bAp8yMJV9KsZl5BZoY+axxKo0bbq9lpkT
C/LitV7pduUokg==
-----END CERTIFICATE-----