Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          XdNFG4uSO0MaWXDzrNhFANfc14HkItcsMOFLRb28TAs=
Subject key identifier:   32:D1:CF:03:BC:C8:C8:A6:C6:97:DA:FD:26:C5:E4:77:DE:16:38:4C
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       0198D5BBFAE8362540BCC76511E16651CE80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 07:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:03 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: RudIXg9kMItTUoX2H+Gk3sSydApe+iewXy7Qgi03Nls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:fa:e8:36:25:40:bc:c7:65:11:e1:66:51:ce:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Aug 23 07:02:03 2025 GMT
            Not After : Aug 24 07:02:03 2025 GMT
        Subject: CN=32d1cf03bcc8c8a6c697dafd26c5e477de16384c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b7:ac:7e:01:24:4a:3a:14:e1:4a:9b:c0:4b:
                    ef:39:48:92:e6:72:ba:32:d4:cb:aa:ce:97:0d:2e:
                    7a:c9:59:d1:56:df:74:81:7a:7d:92:63:2a:2b:4e:
                    10:8e:6c:3b:21:14:b4:46:4c:21:88:09:23:63:fa:
                    42:e7:9b:7d:2f:f9:a3:b4:38:d6:9f:3d:3b:b2:9a:
                    39:c9:93:05:ec:d2:9d:f8:f3:9b:21:ad:61:13:1f:
                    26:11:b2:1c:07:31:63:d2:2b:bd:d0:f5:0d:b4:17:
                    81:74:59:84:3c:37:b9:a1:b3:d4:d2:1e:1a:97:8d:
                    3a:02:9a:6f:58:d0:ed:80:18:31:45:9e:6d:ac:a2:
                    f3:69:96:5b:84:8d:fa:00:f0:fb:49:af:7a:d2:04:
                    3c:20:d8:b1:5c:6f:e4:e1:4e:19:f5:ee:29:17:ff:
                    1e:02:23:78:e1:0e:8e:d6:20:3d:16:62:8b:ea:c1:
                    7c:61:6f:2b:7b:a1:1f:e9:40:e8:49:6c:28:fd:5e:
                    fe:cc:09:a0:68:4c:58:30:2a:98:8c:75:ae:fa:a5:
                    5a:8a:37:80:bf:64:2c:7a:cb:4f:f6:35:fe:50:a3:
                    5f:d5:ff:f0:76:6c:62:a8:a5:1c:80:ee:d4:9f:2c:
                    1c:fa:64:98:f5:86:0e:d2:c0:2f:5d:a9:7c:cd:64:
                    07:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D1:CF:03:BC:C8:C8:A6:C6:97:DA:FD:26:C5:E4:77:DE:16:38:4C
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:6d:95:0b:f7:2b:5c:7f:94:93:e2:3e:b8:1a:aa:ff:36:ae:
         f6:c0:21:c8:62:bd:97:b4:5f:8c:c4:f7:95:08:80:8f:8c:48:
         85:ec:5a:c8:17:8f:4a:22:d9:7a:7e:12:e9:e4:9d:ac:1d:97:
         a7:53:4a:5d:10:7e:5d:dd:90:3b:23:3b:18:5e:71:d7:49:32:
         de:e0:96:90:83:71:b7:d2:71:68:6f:be:3a:75:a8:05:b5:05:
         ee:85:a1:d5:47:d2:69:3d:12:bc:d2:da:c2:ed:c3:47:d2:1c:
         f5:3e:0f:7e:82:fd:5e:c8:90:db:eb:06:c7:7c:18:b7:b1:c4:
         53:11:23:aa:6f:88:aa:d0:01:33:45:ee:61:5a:21:f5:0c:ee:
         2a:7b:81:bf:a7:6c:cc:17:44:42:be:47:35:03:5e:c6:45:01:
         b6:93:d5:bf:8b:a6:d3:7b:51:04:10:f3:88:65:47:01:25:aa:
         5c:b3:4a:77:68:06:d5:aa:c4:f5:9d:62:c5:49:a5:9f:38:73:
         ba:5d:43:4e:33:82:3b:e9:e0:5c:c8:41:e7:cb:47:81:cc:9a:
         8d:12:39:9c:3f:8d:cd:13:f7:84:d5:84:86:a3:00:66:3a:b3:
         70:13:bf:eb:88:a3:a5:cb:78:37:87:de:1c:49:98:ec:e1:4c:
         12:6f:ca:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/roNiVAvMdlEeFmUc6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwODIzMDcwMjAzWhcNMjUwODI0MDcwMjAzWjAzMTEwLwYDVQQD
EygzMmQxY2YwM2JjYzhjOGE2YzY5N2RhZmQyNmM1ZTQ3N2RlMTYzODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7esfgEkSjoU4UqbwEvvOUiS5nK6
MtTLqs6XDS56yVnRVt90gXp9kmMqK04Qjmw7IRS0RkwhiAkjY/pC55t9L/mjtDjW
nz07spo5yZMF7NKd+PObIa1hEx8mEbIcBzFj0iu90PUNtBeBdFmEPDe5obPU0h4a
l406AppvWNDtgBgxRZ5trKLzaZZbhI36APD7Sa960gQ8INixXG/k4U4Z9e4pF/8e
AiN44Q6O1iA9FmKL6sF8YW8re6Ef6UDoSWwo/V7+zAmgaExYMCqYjHWu+qVaijeA
v2QsestP9jX+UKNf1f/wdmxiqKUcgO7Unywc+mSY9YYO0sAvXal8zWQH1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLRzwO8yMimxpfa/SbF5HfeFjhMMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd22VC/cr
XH+Uk+I+uBqq/zau9sAhyGK9l7RfjMT3lQiAj4xIhexayBePSiLZen4S6eSdrB2X
p1NKXRB+Xd2QOyM7GF5x10ky3uCWkINxt9JxaG++OnWoBbUF7oWh1UfSaT0SvNLa
wu3DR9Ic9T4PfoL9XsiQ2+sGx3wYt7HEUxEjqm+IqtABM0XuYVoh9QzuKnuBv6ds
zBdEQr5HNQNexkUBtpPVv4um03tRBBDziGVHASWqXLNKd2gG1arE9Z1ixUmlnzhz
ul1DTjOCO+ngXMhB58tHgcyajRI5nD+NzRP3hNWEhqMAZjqzcBO/64ijpct4N4fe
HEmY7OFMEm/KuA==
-----END CERTIFICATE-----