Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
File:                     2xjQrivPZ9QUonXLOE8tOWCoN70.mft (raw, json)
Hash identifier:          JjIuvGXwIqpU0Gfb+fSrBhZzWrS3db5C95Vej3UqhXg=
Subject key identifier:   7D:21:C3:65:CE:9D:E1:42:AB:B2:E0:DC:3B:D9:2E:BA:A2:55:D0:E2
Authority key identifier: DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD
Certificate issuer:       /CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd
Certificate serial:       0198D4E0097B02C1D01E7404929A3C5150B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
Manifest number:          0DC1
Signing time:             Sat 23 Aug 2025 03:01:48 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:48 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:48 +0000
Files and hashes:         1: 2xjQrivPZ9QUonXLOE8tOWCoN70.crl (hash: 4g8AiN2yi9+bNy9zfhfIFITt98W0ZiZMlSQBdy0Uunc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:09:7b:02:c1:d0:1e:74:04:92:9a:3c:51:50:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd
        Validity
            Not Before: Aug 23 03:01:48 2025 GMT
            Not After : Aug 24 03:01:48 2025 GMT
        Subject: CN=7d21c365ce9de142abb2e0dc3bd92ebaa255d0e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:97:26:73:22:b5:87:25:32:ce:cf:ae:ad:e5:
                    eb:c2:a3:29:c6:b2:e1:53:52:ca:e2:37:02:cf:7c:
                    1c:5a:cf:c8:c4:d0:88:cc:d1:f2:7d:4a:9c:a7:b4:
                    66:49:f4:89:cc:0f:f1:69:b4:ec:f4:fb:1b:19:0b:
                    29:b4:b7:14:fc:01:ac:fb:7d:a5:b1:02:58:03:3e:
                    f6:25:d3:0e:d2:d8:bf:1a:ed:f5:e6:7b:21:e4:75:
                    86:61:19:38:47:41:45:00:19:f8:e9:b5:5a:8c:25:
                    26:8c:8b:63:17:f7:ab:fc:63:74:be:b2:94:83:74:
                    7b:c4:63:2b:c0:46:d1:d4:be:33:e0:40:c6:88:b2:
                    08:3a:07:4c:9e:55:20:a6:da:96:f1:fe:e2:cb:58:
                    76:80:b0:3c:43:fd:2f:89:d9:48:c3:12:58:59:b0:
                    48:3e:e1:fd:86:5b:be:f1:cf:f1:2f:51:39:dd:db:
                    10:fc:90:1c:97:76:b7:b5:10:ce:8e:7c:c6:ec:90:
                    e6:ae:84:d7:99:3c:42:6a:a0:1d:eb:11:7a:9f:8c:
                    c4:6b:d6:13:98:d0:c3:9e:d3:ae:86:9a:83:30:b1:
                    99:ad:87:7d:82:ff:9b:93:9e:5a:ad:e2:2f:c0:49:
                    1d:f7:6a:f5:8b:15:55:86:f4:99:12:c9:0e:2e:24:
                    44:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:21:C3:65:CE:9D:E1:42:AB:B2:E0:DC:3B:D9:2E:BA:A2:55:D0:E2
            X509v3 Authority Key Identifier:
                keyid:DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:4a:52:ca:88:34:78:99:4c:34:c7:1b:d4:22:f0:2f:0b:35:
         cb:72:6d:94:9b:90:3f:ee:90:a3:bd:d9:a7:3a:d0:f4:33:a2:
         45:fe:c8:8b:bd:43:7f:f4:a1:b3:3a:86:55:7b:4a:bc:b1:e8:
         fc:e7:93:a4:36:20:4e:cd:2a:3a:88:d6:ad:24:cb:e4:d8:fc:
         5e:97:2c:9b:01:f3:34:01:61:a8:70:d0:55:7e:13:58:23:7c:
         8c:ca:a8:0c:f7:b6:d5:6b:ca:33:b6:7a:9d:01:05:a6:e3:96:
         f1:1b:1b:b0:52:db:1d:eb:88:75:94:7f:3a:9a:cc:ef:dc:b2:
         1b:f5:91:2f:39:11:79:ed:e8:9f:49:dd:2c:5a:67:dc:5e:fc:
         b3:28:b5:43:1f:5b:77:d0:dd:43:6f:87:5b:5c:13:da:86:f0:
         c2:ab:f6:66:3c:23:d6:65:ed:24:63:0c:25:ff:6f:b6:79:dd:
         b3:09:c5:1d:e8:38:e4:8b:b9:a0:b4:b0:b5:2e:b8:da:fb:32:
         29:9c:48:44:d1:fd:4f:1c:70:88:19:d6:4a:8e:4f:36:52:1d:
         fe:91:ec:bb:2d:5b:26:90:f1:23:69:55:24:46:2c:a1:7c:59:
         ef:17:e7:7f:ce:41:a5:cd:3e:c3:d1:dd:65:aa:8b:b9:f5:68:
         ca:88:00:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4Al7AsHQHnQEkpo8UVC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMThkMGFlMmJjZjY3ZDQxNGEyNzVjYjM4NGYyZDM5NjBh
ODM3YmQwHhcNMjUwODIzMDMwMTQ4WhcNMjUwODI0MDMwMTQ4WjAzMTEwLwYDVQQD
Eyg3ZDIxYzM2NWNlOWRlMTQyYWJiMmUwZGMzYmQ5MmViYWEyNTVkMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJcmcyK1hyUyzs+ureXrwqMpxrLh
U1LK4jcCz3wcWs/IxNCIzNHyfUqcp7RmSfSJzA/xabTs9PsbGQsptLcU/AGs+32l
sQJYAz72JdMO0ti/Gu315nsh5HWGYRk4R0FFABn46bVajCUmjItjF/er/GN0vrKU
g3R7xGMrwEbR1L4z4EDGiLIIOgdMnlUgptqW8f7iy1h2gLA8Q/0vidlIwxJYWbBI
PuH9hlu+8c/xL1E53dsQ/JAcl3a3tRDOjnzG7JDmroTXmTxCaqAd6xF6n4zEa9YT
mNDDntOuhpqDMLGZrYd9gv+bk55areIvwEkd92r1ixVVhvSZEskOLiRE8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0hw2XOneFCq7Lg3DvZLrqiVdDiMB8GA1UdIwQY
MBaAFNsY0K4rz2fUFKJ1yzhPLTlgqDe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQt
MGFjZWJhYTY3Yjc5LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQtMGFjZWJhYTY3Yjc5
LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgUpSyog0
eJlMNMcb1CLwLws1y3JtlJuQP+6Qo73ZpzrQ9DOiRf7Ii71Df/ShszqGVXtKvLHo
/OeTpDYgTs0qOojWrSTL5Nj8XpcsmwHzNAFhqHDQVX4TWCN8jMqoDPe21WvKM7Z6
nQEFpuOW8RsbsFLbHeuIdZR/OprM79yyG/WRLzkRee3on0ndLFpn3F78syi1Qx9b
d9DdQ2+HW1wT2obwwqv2Zjwj1mXtJGMMJf9vtnndswnFHeg45Iu5oLSwtS642vsy
KZxIRNH9TxxwiBnWSo5PNlId/pHsuy1bJpDxI2lVJEYsoXxZ7xfnf85Bpc0+w9Hd
ZaqLufVoyogAEw==
-----END CERTIFICATE-----