Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          kKDsQCay+Po/9r/9Uynj/9aiIfxm5uWqH6dgTyBv40s=
Subject key identifier:   8C:F0:97:14:82:64:68:70:D5:DB:29:03:40:EE:FF:9D:99:14:D4:29
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       0197B7EAAC0313BB642551121607F281E212
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 19:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:39 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: Qepnv+5PN5K3AvPD0VcQ+tHd5Q1GpKmrR+I/IzbdkXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:ac:03:13:bb:64:25:51:12:16:07:f2:81:e2:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Jun 28 19:01:39 2025 GMT
            Not After : Jun 29 19:01:39 2025 GMT
        Subject: CN=8cf0971482646870d5db290340eeff9d9914d429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:66:a6:8d:57:22:af:81:69:27:6e:46:b5:9c:
                    bb:c7:94:92:fb:0d:03:fa:4d:37:59:23:07:9b:51:
                    0f:07:43:4d:a0:78:c9:2c:6e:ce:0c:cf:ad:a1:be:
                    d3:a3:3d:ee:6d:b9:2a:66:01:72:cc:4d:54:0f:9f:
                    a8:b8:46:1b:00:e9:dc:5c:1b:12:8d:c8:03:13:df:
                    4f:1c:ef:a2:ef:74:5a:3c:1e:05:4b:b2:99:c9:7f:
                    dd:2d:13:08:d0:bc:48:13:86:54:a9:1c:49:09:f4:
                    d9:49:64:9f:b9:92:3f:69:32:b0:79:6f:19:9b:05:
                    1a:b1:11:03:d2:ea:ea:29:84:e6:89:16:d5:2b:e4:
                    4b:26:62:fc:a2:37:9a:66:3a:08:ea:7c:64:ad:90:
                    16:62:5e:66:77:92:87:da:fa:ec:1c:3d:b8:35:1f:
                    c7:95:2b:a5:aa:f8:b1:bc:5f:58:68:1f:96:3a:fc:
                    82:2a:a6:fd:d9:a4:7f:f0:ae:a6:99:26:28:0f:c1:
                    75:0c:35:c2:80:c7:d1:3a:6e:7e:b2:db:cd:ce:0e:
                    06:2a:87:32:23:26:a9:b3:f2:28:58:44:b1:b5:d6:
                    5a:5e:db:3c:bc:17:46:57:31:32:71:91:3d:fa:7e:
                    ac:06:4d:85:cd:1d:57:a2:2d:d1:a3:e6:5c:23:ae:
                    29:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F0:97:14:82:64:68:70:D5:DB:29:03:40:EE:FF:9D:99:14:D4:29
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:5f:53:77:dd:23:33:aa:4b:47:76:bc:0a:6f:b4:23:12:7a:
         af:17:ca:cd:12:63:89:ee:e8:a1:d8:12:d8:11:23:8b:23:dd:
         f8:aa:01:af:4e:8a:95:3a:b9:87:b1:53:5a:82:64:14:b2:8d:
         9b:1f:f1:ad:f7:dd:06:1f:a1:eb:67:0b:01:b4:2d:86:fb:d3:
         df:91:47:d2:e9:6f:12:80:d5:1d:8c:f1:af:6a:28:84:8a:62:
         d8:a1:af:27:e6:fa:f2:81:10:b7:23:3a:0b:96:68:dd:bc:4d:
         3f:b9:5c:8c:93:76:2c:b5:5f:3c:d8:c9:de:50:9c:df:4e:e7:
         68:f2:fa:8a:59:25:b1:db:f0:99:26:f1:8f:12:e5:39:18:77:
         bb:78:08:86:c6:52:c3:e9:22:86:9a:4c:6e:bf:a6:00:ba:a2:
         ac:17:66:d1:33:f7:36:63:69:74:56:00:ea:57:54:76:c4:f3:
         ff:77:3a:4d:42:3b:64:a1:70:3c:e5:ea:e3:8f:28:a0:61:50:
         eb:b7:80:bd:71:da:c9:f9:2f:41:d4:03:eb:f5:a1:b8:0f:c6:
         f6:67:70:f6:fc:08:50:d1:e2:03:ca:55:9a:2c:cb:fa:3e:d6:
         35:d7:f6:1a:71:21:1a:f8:cc:bd:6c:5d:9c:c5:5c:9a:b3:f3:
         58:59:95:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36qwDE7tkJVESFgfygeISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwNjI4MTkwMTM5WhcNMjUwNjI5MTkwMTM5WjAzMTEwLwYDVQQD
Eyg4Y2YwOTcxNDgyNjQ2ODcwZDVkYjI5MDM0MGVlZmY5ZDk5MTRkNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWamjVcir4FpJ25GtZy7x5SS+w0D
+k03WSMHm1EPB0NNoHjJLG7ODM+tob7Toz3ubbkqZgFyzE1UD5+ouEYbAOncXBsS
jcgDE99PHO+i73RaPB4FS7KZyX/dLRMI0LxIE4ZUqRxJCfTZSWSfuZI/aTKweW8Z
mwUasRED0urqKYTmiRbVK+RLJmL8ojeaZjoI6nxkrZAWYl5md5KH2vrsHD24NR/H
lSulqvixvF9YaB+WOvyCKqb92aR/8K6mmSYoD8F1DDXCgMfROm5+stvNzg4GKocy
Iyaps/IoWESxtdZaXts8vBdGVzEycZE9+n6sBk2FzR1Xoi3Ro+ZcI64p4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzwlxSCZGhw1dspA0Du/52ZFNQpMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACl9Td90j
M6pLR3a8Cm+0IxJ6rxfKzRJjie7oodgS2BEjiyPd+KoBr06KlTq5h7FTWoJkFLKN
mx/xrffdBh+h62cLAbQthvvT35FH0ulvEoDVHYzxr2oohIpi2KGvJ+b68oEQtyM6
C5Zo3bxNP7lcjJN2LLVfPNjJ3lCc307naPL6ilklsdvwmSbxjxLlORh3u3gIhsZS
w+kihppMbr+mALqirBdm0TP3NmNpdFYA6ldUdsTz/3c6TUI7ZKFwPOXq448ooGFQ
67eAvXHayfkvQdQD6/WhuA/G9mdw9vwIUNHiA8pVmizL+j7WNdf2GnEhGvjMvWxd
nMVcmrPzWFmVow==
-----END CERTIFICATE-----