Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
File:                     dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json)
Hash identifier:          OVE05IeDYGiZ1DT2zw3Tew7GsHPv+z9OV2GSExoi7x0=
Subject key identifier:   D0:21:A4:89:95:5C:D9:8D:58:4B:72:CF:89:66:CD:49:44:F5:FF:80
Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
Certificate issuer:       /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Certificate serial:       0198D65F102053C7B58AD91B552A0A6E51FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:00:10 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:10 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:10 +0000
Files and hashes:         1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: nX2hFVHHroNrH3VD4e9dq5eNWg68vXqJWS7SXtBCAgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:10:20:53:c7:b5:8a:d9:1b:55:2a:0a:6e:51:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
        Validity
            Not Before: Aug 23 10:00:10 2025 GMT
            Not After : Aug 24 10:00:10 2025 GMT
        Subject: CN=d021a489955cd98d584b72cf8966cd4944f5ff80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:39:c7:cc:43:65:ea:e5:d6:0b:8a:b2:d3:b5:
                    e5:af:04:94:88:89:6c:2e:77:5e:c0:54:b4:92:1a:
                    37:2c:7d:1c:a6:91:17:c9:5d:35:57:bc:8f:db:ed:
                    a3:e2:20:99:18:8c:40:12:b8:5f:28:39:48:20:0b:
                    a2:0a:80:db:60:c9:ff:06:19:c1:5a:34:7e:a9:fb:
                    c4:3c:ee:c1:fe:d3:b7:29:64:88:7a:76:4b:ef:8c:
                    56:46:42:19:df:5a:2c:6b:26:e3:47:59:33:63:66:
                    44:ca:d7:53:f4:ca:0b:6a:f8:33:4c:45:0e:a3:e4:
                    7a:53:a5:8e:dd:5b:79:e0:18:8c:78:99:8f:93:26:
                    89:78:15:c4:42:bb:6c:0c:f0:ac:6e:29:47:76:70:
                    a5:16:24:05:4e:f6:ce:d5:b9:93:d1:cb:7b:ee:54:
                    1a:96:d0:ba:79:07:24:0d:eb:5f:d6:9a:bd:2d:eb:
                    b0:5c:a9:97:29:d0:76:f6:87:c6:d0:89:bc:15:5b:
                    35:d4:31:11:3b:cb:16:54:16:9f:40:41:fe:c7:7e:
                    4b:96:9a:a9:16:37:78:07:1a:1b:bd:4e:02:28:0b:
                    4e:30:6b:42:f2:79:30:c4:60:b9:b3:eb:71:35:9f:
                    60:fe:bd:e6:c9:01:c7:7f:79:5c:88:91:23:61:a1:
                    6e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:21:A4:89:95:5C:D9:8D:58:4B:72:CF:89:66:CD:49:44:F5:FF:80
            X509v3 Authority Key Identifier:
                keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:34:ea:36:4d:f4:39:56:a8:2e:53:dd:b7:c1:34:f5:01:f8:
         51:b6:f7:98:c8:77:a7:c3:9b:48:86:10:70:6f:dd:33:10:69:
         13:60:5a:18:4f:20:f3:b0:ba:1e:cf:7a:0e:fa:b5:35:da:1e:
         8b:9e:5e:42:4c:89:f5:29:eb:46:4f:3e:3d:2d:89:62:d8:47:
         11:d0:de:80:67:b9:b4:44:f3:bb:d7:b3:6e:45:54:61:71:2f:
         d1:64:d7:07:3c:2f:4d:21:b8:d5:6d:34:6b:99:e2:91:14:e8:
         d6:b1:d8:6c:d7:a4:95:7f:0d:6d:c9:f5:f2:49:4a:ca:31:aa:
         75:f9:9a:a2:da:9b:bd:94:6c:b4:4d:c7:5b:43:27:69:f9:97:
         ba:f5:68:53:2a:d9:f4:af:6f:91:ad:f4:49:5f:93:2c:a9:b4:
         07:2c:91:e7:f9:a2:f1:b6:08:a8:66:90:0a:be:ad:ec:54:4a:
         04:f3:5c:2e:54:2a:32:e3:7a:36:2e:6c:4b:25:5a:6b:f5:c4:
         8a:eb:70:57:0b:f0:34:ba:59:c7:3c:db:d8:ac:cc:30:7e:f5:
         78:6e:4d:ea:f1:0c:72:73:b0:fc:e5:6e:58:be:90:c3:00:b7:
         25:a7:ee:7e:d9:56:af:1d:6e:b6:47:71:4e:6c:76:10:4b:3f:
         5c:94:8b:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXxAgU8e1itkbVSoKblH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy
YzczMTYwHhcNMjUwODIzMTAwMDEwWhcNMjUwODI0MTAwMDEwWjAzMTEwLwYDVQQD
EyhkMDIxYTQ4OTk1NWNkOThkNTg0YjcyY2Y4OTY2Y2Q0OTQ0ZjVmZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjnHzENl6uXWC4qy07XlrwSUiIls
LndewFS0kho3LH0cppEXyV01V7yP2+2j4iCZGIxAErhfKDlIIAuiCoDbYMn/BhnB
WjR+qfvEPO7B/tO3KWSIenZL74xWRkIZ31osaybjR1kzY2ZEytdT9MoLavgzTEUO
o+R6U6WO3Vt54BiMeJmPkyaJeBXEQrtsDPCsbilHdnClFiQFTvbO1bmT0ct77lQa
ltC6eQckDetf1pq9LeuwXKmXKdB29ofG0Im8FVs11DERO8sWVBafQEH+x35Llpqp
Fjd4BxobvU4CKAtOMGtC8nkwxGC5s+txNZ9g/r3myQHHf3lciJEjYaFu+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAhpImVXNmNWEtyz4lmzUlE9f+AMB8GA1UdIwQY
MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt
N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5
LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWjTqNk30
OVaoLlPdt8E09QH4Ubb3mMh3p8ObSIYQcG/dMxBpE2BaGE8g87C6Hs96Dvq1Ndoe
i55eQkyJ9SnrRk8+PS2JYthHEdDegGe5tETzu9ezbkVUYXEv0WTXBzwvTSG41W00
a5nikRTo1rHYbNeklX8Nbcn18klKyjGqdfmaotqbvZRstE3HW0MnafmXuvVoUyrZ
9K9vka30SV+TLKm0ByyR5/mi8bYIqGaQCr6t7FRKBPNcLlQqMuN6Ni5sSyVaa/XE
iutwVwvwNLpZxzzb2KzMMH71eG5N6vEMcnOw/OVuWL6QwwC3JafuftlWrx1utkdx
Tmx2EEs/XJSLRg==
-----END CERTIFICATE-----