Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
File:                     rrlJQmajhxkETYKaSgqPF6QHBOg.mft (raw, json)
Hash identifier:          FMIbWP5MG4CTj1I4U5dNtgCEq2pabaoJa6zzKVGTmOE=
Subject key identifier:   A5:D4:A8:83:B5:2B:E7:80:F0:F5:2A:AC:FF:73:37:56:7A:04:94:0B
Authority key identifier: AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8
Certificate issuer:       /CN=aeb9494266a38719044d829a4a0a8f17a40704e8
Certificate serial:       0198D472C91D98506903F654C8618D6E031E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:02:29 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:29 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:29 +0000
Files and hashes:         1: rrlJQmajhxkETYKaSgqPF6QHBOg.crl (hash: SuXWbo2iCQsp21Wp7PhnrZFHjTUXux0M0f6SfsluV6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:c9:1d:98:50:69:03:f6:54:c8:61:8d:6e:03:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb9494266a38719044d829a4a0a8f17a40704e8
        Validity
            Not Before: Aug 23 01:02:29 2025 GMT
            Not After : Aug 24 01:02:29 2025 GMT
        Subject: CN=a5d4a883b52be780f0f52aacff7337567a04940b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:43:e8:b3:60:5f:26:13:d4:09:a7:84:d1:39:
                    ce:6c:21:c5:2b:66:e1:3d:62:85:66:a3:78:de:85:
                    68:49:3a:ab:c1:51:63:a8:87:17:c1:5b:2f:b4:67:
                    17:76:30:80:9b:6e:37:73:94:9e:1c:bf:ee:f0:23:
                    5f:1a:f0:01:65:64:e6:2c:72:1c:3c:97:60:b4:9a:
                    b5:48:39:37:6f:25:c0:11:fa:54:31:21:94:f5:bf:
                    8f:f4:a5:d8:a8:da:c9:0f:d7:1e:d5:fc:c0:8d:c5:
                    d6:df:4d:82:8d:a5:6f:7c:a2:8d:67:72:8b:42:3e:
                    84:7b:db:a7:44:d1:e2:23:4c:82:c0:0a:aa:d2:5a:
                    47:26:a0:5d:33:c8:ea:c4:b3:9b:a3:fe:0b:dc:5f:
                    d7:a6:08:5f:7d:d8:8d:4b:f5:d4:57:a2:66:ef:88:
                    51:88:33:d6:25:5a:67:53:8e:59:1e:c3:49:64:8f:
                    44:9d:0f:3e:0d:79:1b:ff:44:ce:c3:6f:da:c1:02:
                    54:78:e8:98:79:05:92:63:6e:98:d2:a5:af:d1:f1:
                    d0:c8:94:7d:b8:a8:b7:15:fd:a0:de:a2:33:66:37:
                    d5:ab:79:d5:1a:69:76:3d:19:01:fb:f8:c6:ab:d5:
                    f7:08:15:3c:ca:7f:9c:97:15:2c:3f:ee:d0:53:45:
                    31:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D4:A8:83:B5:2B:E7:80:F0:F5:2A:AC:FF:73:37:56:7A:04:94:0B
            X509v3 Authority Key Identifier:
                keyid:AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:a8:9e:40:8b:b3:64:43:83:d5:5a:cf:3b:4f:85:00:aa:2d:
         1e:62:7a:74:39:6b:81:59:84:29:a4:8d:76:7f:e2:75:16:fd:
         f9:69:6e:a1:83:17:93:8e:68:6e:e0:f4:33:78:fd:24:58:c2:
         20:35:8a:bc:33:8c:bf:52:21:95:7d:c2:ce:04:a4:e1:38:15:
         b7:37:9e:52:28:f1:ec:c0:9f:ab:fa:77:c1:79:e1:b8:b1:36:
         37:29:d7:b6:78:54:94:2b:09:b4:eb:fc:80:e8:6a:f2:73:54:
         53:4c:f8:99:d1:0b:fd:d1:81:78:15:5a:8b:e2:c3:e1:02:33:
         99:dd:9f:20:a4:ab:5c:11:74:02:9c:5a:1a:23:b7:14:bc:d6:
         85:fc:77:d4:d7:52:f7:09:b4:3f:dd:62:cd:63:fa:39:fb:27:
         ca:6d:75:35:df:21:03:10:04:80:6b:af:fa:4b:20:4a:b6:04:
         5d:8c:c3:bb:24:98:28:4e:a8:7d:65:9a:78:8c:e5:d7:85:4a:
         08:25:42:9c:8e:62:bb:76:da:cd:73:82:74:95:73:9f:b5:e4:
         88:12:a1:ff:fe:88:21:c5:b2:dc:83:7a:88:7f:b9:7c:05:4b:
         7c:5b:d1:8a:d4:f7:c9:89:3f:d8:5f:5c:5c:29:dd:87:06:33:
         27:90:f1:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcskdmFBpA/ZUyGGNbgMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjk0OTQyNjZhMzg3MTkwNDRkODI5YTRhMGE4ZjE3YTQw
NzA0ZTgwHhcNMjUwODIzMDEwMjI5WhcNMjUwODI0MDEwMjI5WjAzMTEwLwYDVQQD
EyhhNWQ0YTg4M2I1MmJlNzgwZjBmNTJhYWNmZjczMzc1NjdhMDQ5NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EPos2BfJhPUCaeE0TnObCHFK2bh
PWKFZqN43oVoSTqrwVFjqIcXwVsvtGcXdjCAm243c5SeHL/u8CNfGvABZWTmLHIc
PJdgtJq1SDk3byXAEfpUMSGU9b+P9KXYqNrJD9ce1fzAjcXW302CjaVvfKKNZ3KL
Qj6Ee9unRNHiI0yCwAqq0lpHJqBdM8jqxLObo/4L3F/XpghffdiNS/XUV6Jm74hR
iDPWJVpnU45ZHsNJZI9EnQ8+DXkb/0TOw2/awQJUeOiYeQWSY26Y0qWv0fHQyJR9
uKi3Ff2g3qIzZjfVq3nVGml2PRkB+/jGq9X3CBU8yn+clxUsP+7QU0Ux6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXUqIO1K+eA8PUqrP9zN1Z6BJQLMB8GA1UdIwQY
MBaAFK65SUJmo4cZBE2CmkoKjxekBwToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUt
MmE3YjU4YmRmOTQ1LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUtMmE3YjU4YmRmOTQ1
LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR6ieQIuz
ZEOD1VrPO0+FAKotHmJ6dDlrgVmEKaSNdn/idRb9+WluoYMXk45obuD0M3j9JFjC
IDWKvDOMv1IhlX3CzgSk4TgVtzeeUijx7MCfq/p3wXnhuLE2NynXtnhUlCsJtOv8
gOhq8nNUU0z4mdEL/dGBeBVai+LD4QIzmd2fIKSrXBF0ApxaGiO3FLzWhfx31NdS
9wm0P91izWP6Ofsnym11Nd8hAxAEgGuv+ksgSrYEXYzDuySYKE6ofWWaeIzl14VK
CCVCnI5iu3bazXOCdJVzn7XkiBKh//6IIcWy3IN6iH+5fAVLfFvRitT3yYk/2F9c
XCndhwYzJ5DxIw==
-----END CERTIFICATE-----