Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
File:                     jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft (raw, json)
Hash identifier:          2VePM0aI/aXn0URjzYmrUub5rufhiZ495mCqzkPd9QM=
Subject key identifier:   92:98:D0:51:62:3A:10:B2:36:67:78:0F:4C:C7:BE:F3:A4:FE:9E:55
Authority key identifier: 8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F
Certificate issuer:       /CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
Certificate serial:       0198D515A735CE3E3AF266ED257F340B6133
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
Manifest number:          0480
Signing time:             Sat 23 Aug 2025 04:00:22 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:22 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:22 +0000
Files and hashes:         1: jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl (hash: YgT5Tmw2SrO9mOYutmQvW3ArD058HGeGbPJaAfi6OIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:a7:35:ce:3e:3a:f2:66:ed:25:7f:34:0b:61:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
        Validity
            Not Before: Aug 23 04:00:22 2025 GMT
            Not After : Aug 24 04:00:22 2025 GMT
        Subject: CN=9298d051623a10b23667780f4cc7bef3a4fe9e55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:13:a5:6f:12:9e:ae:13:ab:f7:27:b5:e8:f7:
                    f1:97:89:4b:c7:ab:50:6e:b4:b5:d5:92:01:74:c1:
                    58:80:80:62:36:d9:b2:9c:cf:16:a1:e6:c7:44:64:
                    6f:40:15:1e:e9:b5:9a:be:a5:95:b6:58:a0:fa:e7:
                    8d:cf:91:28:7b:66:4b:fd:1a:5b:55:71:42:58:9f:
                    ce:68:ff:81:0b:79:2b:b5:3d:3b:10:d4:a3:53:37:
                    b9:8e:86:10:27:eb:1f:ea:ba:47:c3:8a:20:5d:98:
                    fa:9b:de:48:2f:2d:08:92:b1:6d:bd:e9:6a:d3:97:
                    b3:08:dc:20:88:6a:11:75:c6:7b:b8:67:79:db:e1:
                    2b:2e:f5:c5:b7:cd:50:62:8f:5f:11:06:99:b1:76:
                    50:6c:0d:1f:31:ac:5f:f1:d7:cb:3c:b2:de:5c:b2:
                    23:66:9d:2b:2c:6a:12:6a:07:7a:1b:fe:b0:da:36:
                    b2:a5:0d:ae:59:fc:b1:23:9e:93:cf:bd:fa:37:8f:
                    67:5d:64:9e:7e:65:f4:42:54:02:c4:d9:1d:ba:22:
                    aa:43:aa:5e:89:90:44:36:2a:18:2b:96:41:ff:7e:
                    8f:e5:38:30:45:f7:1a:73:76:0e:6e:9d:70:9f:d8:
                    a5:15:c3:07:f3:ac:de:cd:36:ae:65:d2:61:d9:28:
                    e9:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:98:D0:51:62:3A:10:B2:36:67:78:0F:4C:C7:BE:F3:A4:FE:9E:55
            X509v3 Authority Key Identifier:
                keyid:8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:3c:d8:8d:0f:f8:55:85:c9:4d:30:b4:61:4e:64:90:f7:26:
         52:44:24:80:24:2a:ad:42:a2:74:1e:6d:c3:23:79:ff:a2:d3:
         a0:ee:cb:04:e0:68:04:c0:e2:ac:c2:03:f1:ae:c7:1e:71:c7:
         59:63:c1:63:08:7a:ab:9b:f1:f1:ea:d6:32:a1:4b:f4:69:e8:
         3e:40:e8:f9:1d:c0:86:b7:85:6b:54:a2:72:79:1d:41:67:ae:
         f1:42:64:9a:51:6a:a9:45:49:aa:2f:75:af:ff:a9:02:12:eb:
         96:06:92:40:03:a4:7a:7d:43:e9:29:58:b2:ab:dc:c5:32:0e:
         d8:69:5c:0c:f8:31:d9:be:e0:69:23:ac:09:3a:c6:d2:75:28:
         cc:2c:70:eb:12:a3:6b:d2:4a:25:59:43:a6:d5:8e:9f:63:88:
         45:80:31:83:cf:e2:75:19:18:4a:3f:f7:8a:78:5b:51:40:63:
         7d:37:9d:ea:e4:73:a5:38:ea:07:d4:c3:3a:78:0e:0a:ae:2b:
         54:8f:76:7a:f0:50:df:db:60:e7:3e:c8:1b:77:67:75:a1:d3:
         3e:ee:48:3c:a5:b5:82:5c:74:4f:cf:84:87:b7:df:b2:32:a4:
         c3:99:a9:99:b0:0c:84:1e:d4:bc:16:f1:98:fd:9a:42:27:1c:
         46:0f:bb:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFac1zj468mbtJX80C2EzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkOWMwN2U3ZThkZTg1OGIyZTY4MTNkMDBmOWIzOTkyZGY1
MzgyN2YwHhcNMjUwODIzMDQwMDIyWhcNMjUwODI0MDQwMDIyWjAzMTEwLwYDVQQD
Eyg5Mjk4ZDA1MTYyM2ExMGIyMzY2Nzc4MGY0Y2M3YmVmM2E0ZmU5ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxOlbxKerhOr9ye16Pfxl4lLx6tQ
brS11ZIBdMFYgIBiNtmynM8WoebHRGRvQBUe6bWavqWVtlig+ueNz5Eoe2ZL/Rpb
VXFCWJ/OaP+BC3krtT07ENSjUze5joYQJ+sf6rpHw4ogXZj6m95ILy0IkrFtvelq
05ezCNwgiGoRdcZ7uGd52+ErLvXFt81QYo9fEQaZsXZQbA0fMaxf8dfLPLLeXLIj
Zp0rLGoSagd6G/6w2jaypQ2uWfyxI56Tz736N49nXWSefmX0QlQCxNkduiKqQ6pe
iZBENioYK5ZB/36P5TgwRfcac3YObp1wn9ilFcMH86zezTauZdJh2SjpyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKY0FFiOhCyNmd4D0zHvvOk/p5VMB8GA1UdIwQY
MBaAFI2cB+fo3oWLLmgT0A+bOZLfU4J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lMTRlMmEtYTBlYS00M2Q5LWIwNWYt
ZjM2M2M1MTM4NzAyLzEvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lMTRlMmEtYTBlYS00M2Q5LWIwNWYtZjM2M2M1MTM4NzAy
LzEvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDzYjQ/4
VYXJTTC0YU5kkPcmUkQkgCQqrUKidB5twyN5/6LToO7LBOBoBMDirMID8a7HHnHH
WWPBYwh6q5vx8erWMqFL9GnoPkDo+R3AhreFa1SicnkdQWeu8UJkmlFqqUVJqi91
r/+pAhLrlgaSQAOken1D6SlYsqvcxTIO2GlcDPgx2b7gaSOsCTrG0nUozCxw6xKj
a9JKJVlDptWOn2OIRYAxg8/idRkYSj/3inhbUUBjfTed6uRzpTjqB9TDOngOCq4r
VI92evBQ39tg5z7IG3dndaHTPu5IPKW1glx0T8+Eh7ffsjKkw5mpmbAMhB7UvBbx
mP2aQiccRg+7yw==
-----END CERTIFICATE-----