Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          zcElA8H/tY4Y83l6MCJ/A76JRV8g5tQe2VpSQSERsX4=
Subject key identifier:   32:D7:20:62:AA:EF:EE:2C:53:54:B4:89:B3:29:FE:BD:A0:65:DD:DF
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       0198D472F4CA4436AB1B5210CB79A246C4E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0800
Signing time:             Sat 23 Aug 2025 01:02:40 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:40 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:40 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: 4S/yS8mwWA4PuA23lTtHVTTJA92mc27zeXZsPFh6qtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:f4:ca:44:36:ab:1b:52:10:cb:79:a2:46:c4:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Aug 23 01:02:40 2025 GMT
            Not After : Aug 24 01:02:40 2025 GMT
        Subject: CN=32d72062aaefee2c5354b489b329febda065dddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a9:d9:4e:2b:6d:c7:57:31:f0:bf:94:99:88:
                    b8:da:5c:b1:30:6c:b5:9b:5c:bd:9b:aa:5f:69:e5:
                    75:da:3f:3f:80:00:30:c7:39:f3:74:b1:b8:0d:7e:
                    3f:47:61:c2:6e:1f:8b:d2:ae:2a:ae:29:a1:3a:8a:
                    ef:62:f0:00:65:48:dc:ee:5b:a4:72:3c:44:b7:4d:
                    1b:bc:05:3f:fa:da:4a:31:40:e5:a7:68:b2:55:9d:
                    46:39:31:8e:c4:c9:ed:6d:a1:6c:98:cc:cf:ed:b8:
                    c1:23:a0:8e:46:1c:22:f9:ce:5e:29:4d:80:62:4d:
                    29:f2:c6:73:92:d8:51:4c:f2:2d:7b:70:8d:e3:5e:
                    ea:2c:5d:0c:ac:6d:46:ee:9a:98:5c:fe:c9:f7:af:
                    82:ee:f2:5c:d0:43:00:e8:b3:59:92:fc:d5:07:7d:
                    2a:81:3a:2a:13:f2:88:c7:a2:93:4b:f1:0d:12:39:
                    c2:c0:28:65:d1:de:27:9d:24:1e:a7:26:a4:75:11:
                    a1:a9:1f:ee:d4:a9:d3:04:97:ec:15:b1:e1:f1:14:
                    17:53:4c:18:19:4b:8b:11:8d:30:9c:c4:31:dc:92:
                    93:35:48:03:8d:49:a0:10:50:bc:38:a4:47:82:86:
                    d0:c0:cb:0b:ec:b1:42:1e:39:56:6e:dd:9c:81:4e:
                    17:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D7:20:62:AA:EF:EE:2C:53:54:B4:89:B3:29:FE:BD:A0:65:DD:DF
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:14:e7:53:9c:e5:90:72:2d:3b:c3:02:b4:6f:d1:14:d9:96:
         25:33:fd:4b:77:37:86:0f:12:fd:73:39:21:70:7b:f6:d7:6c:
         05:75:51:10:14:7a:58:90:15:89:a5:98:f2:2f:b2:44:de:29:
         96:f4:a8:a9:9c:2a:4d:5b:1f:2f:ec:b7:82:a4:18:e5:f5:92:
         f5:c9:c3:2f:95:7a:e6:3e:5b:22:b6:7b:6a:cc:70:e4:cd:e1:
         71:7c:fe:1d:88:be:7f:28:9d:38:b6:60:96:4a:bb:c8:53:42:
         3b:06:7f:5c:a9:3a:b0:12:4f:ae:e1:39:2c:2d:80:8f:74:52:
         5b:f7:6d:fc:b3:05:bd:89:c3:d9:e1:8a:0b:cd:af:0e:9d:83:
         ee:28:aa:27:eb:15:b8:1a:5d:7c:6d:c0:e8:db:fc:f8:80:d7:
         47:60:94:8a:70:d9:7d:6a:6c:0c:3f:62:f9:c6:17:8c:f6:95:
         30:dc:5a:1c:5e:eb:02:d1:ac:34:b9:17:03:67:02:86:ec:71:
         bc:3a:76:af:1f:12:44:ab:42:cb:8f:d4:0a:aa:d6:1b:0e:cb:
         77:ad:47:df:01:1d:07:fa:47:1a:a8:1e:05:20:08:89:fa:0d:
         52:3d:a3:4b:3d:15:22:ad:f8:8d:78:90:20:5e:f3:aa:cf:f3:
         93:3d:04:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcvTKRDarG1IQy3miRsThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUwODIzMDEwMjQwWhcNMjUwODI0MDEwMjQwWjAzMTEwLwYDVQQD
EygzMmQ3MjA2MmFhZWZlZTJjNTM1NGI0ODliMzI5ZmViZGEwNjVkZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqnZTittx1cx8L+UmYi42lyxMGy1
m1y9m6pfaeV12j8/gAAwxznzdLG4DX4/R2HCbh+L0q4qrimhOorvYvAAZUjc7luk
cjxEt00bvAU/+tpKMUDlp2iyVZ1GOTGOxMntbaFsmMzP7bjBI6CORhwi+c5eKU2A
Yk0p8sZzkthRTPIte3CN417qLF0MrG1G7pqYXP7J96+C7vJc0EMA6LNZkvzVB30q
gToqE/KIx6KTS/ENEjnCwChl0d4nnSQepyakdRGhqR/u1KnTBJfsFbHh8RQXU0wY
GUuLEY0wnMQx3JKTNUgDjUmgEFC8OKRHgobQwMsL7LFCHjlWbt2cgU4XEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLXIGKq7+4sU1S0ibMp/r2gZd3fMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPRTnU5zl
kHItO8MCtG/RFNmWJTP9S3c3hg8S/XM5IXB79tdsBXVREBR6WJAViaWY8i+yRN4p
lvSoqZwqTVsfL+y3gqQY5fWS9cnDL5V65j5bIrZ7asxw5M3hcXz+HYi+fyidOLZg
lkq7yFNCOwZ/XKk6sBJPruE5LC2Aj3RSW/dt/LMFvYnD2eGKC82vDp2D7iiqJ+sV
uBpdfG3A6Nv8+IDXR2CUinDZfWpsDD9i+cYXjPaVMNxaHF7rAtGsNLkXA2cChuxx
vDp2rx8SRKtCy4/UCqrWGw7Ld61H3wEdB/pHGqgeBSAIifoNUj2jSz0VIq34jXiQ
IF7zqs/zkz0EyA==
-----END CERTIFICATE-----