Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
File:                     rWbePns_OvDgZAZ70c52RUNYL18.mft (raw, json)
Hash identifier:          yXRLkPvmwF5h9R3YxcuAuuIu5qJ02Q8oSrt/Ruc9Bf8=
Subject key identifier:   0D:66:D6:6C:34:7B:A2:37:96:4D:F6:AF:6D:FA:13:11:71:13:63:6E
Authority key identifier: AD:66:DE:3E:7B:3F:3A:F0:E0:64:06:7B:D1:CE:76:45:43:58:2F:5F
Certificate issuer:       /CN=ad66de3e7b3f3af0e064067bd1ce764543582f5f
Certificate serial:       0198D8501A4675C3C97B1DE4EE4EDA844CE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
Manifest number:          12FC
Signing time:             Sat 23 Aug 2025 19:03:04 +0000
Manifest this update:     Sat 23 Aug 2025 19:03:04 +0000
Manifest next update:     Sun 24 Aug 2025 19:03:04 +0000
Files and hashes:         1: rWbePns_OvDgZAZ70c52RUNYL18.crl (hash: 6lvB0NPeVLn1SLRZgIz9DKJNWJ/WAxo0GZvEC9xaW58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 19:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:50:1a:46:75:c3:c9:7b:1d:e4:ee:4e:da:84:4c:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad66de3e7b3f3af0e064067bd1ce764543582f5f
        Validity
            Not Before: Aug 23 19:03:04 2025 GMT
            Not After : Aug 24 19:03:04 2025 GMT
        Subject: CN=0d66d66c347ba237964df6af6dfa13117113636e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:da:bf:fb:20:ef:97:ee:bb:0b:1b:2f:59:0e:
                    47:c5:a3:20:da:a8:9c:15:57:b2:86:ef:9d:50:7c:
                    38:db:87:d6:91:c3:39:5e:aa:20:ad:c4:69:88:d1:
                    6a:3b:48:bf:80:ae:35:22:29:bc:9c:ae:41:0b:71:
                    c2:d9:60:e3:4c:2f:3f:bd:06:15:7f:36:6a:6b:cb:
                    54:41:fc:d9:01:9f:c6:45:b1:f4:d4:6b:bf:08:61:
                    99:d7:1c:ad:fc:71:2b:b5:a2:86:14:2e:88:57:37:
                    da:ca:31:52:91:e1:05:c2:f8:9e:87:fc:3b:0e:55:
                    b3:6f:73:c1:b1:08:e9:e0:e4:c6:61:c7:06:5f:0b:
                    df:20:da:5f:cc:f5:b4:ce:e3:8b:9a:c6:fc:03:5d:
                    db:ff:60:02:24:7f:41:06:24:8e:ba:94:22:09:bc:
                    89:a4:dd:1c:f2:c8:5d:d2:72:bf:1f:da:4d:68:39:
                    0c:10:ba:8c:7e:18:e8:50:a6:52:e4:ce:6b:d5:7d:
                    9a:b7:5d:14:1f:29:38:9c:f2:9e:8e:ee:61:dd:2a:
                    4f:56:b6:ba:cc:ab:79:2f:10:33:28:7a:41:08:72:
                    d2:41:32:a7:23:ed:bc:a6:37:1f:a3:b8:7e:9f:85:
                    60:e7:55:24:c2:b7:d2:3e:fb:84:08:b0:75:52:08:
                    91:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:66:D6:6C:34:7B:A2:37:96:4D:F6:AF:6D:FA:13:11:71:13:63:6E
            X509v3 Authority Key Identifier:
                keyid:AD:66:DE:3E:7B:3F:3A:F0:E0:64:06:7B:D1:CE:76:45:43:58:2F:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:55:d4:5e:1c:b9:9b:d0:ee:99:cd:10:85:69:29:62:e3:05:
         36:2a:22:75:bb:f7:6b:0f:8f:da:48:4d:a9:2b:da:19:52:d9:
         38:cc:6a:45:d5:72:fe:96:76:8c:9d:cb:30:4b:3c:3d:64:ef:
         fa:57:49:72:0c:1c:31:7c:56:3c:c6:92:aa:68:77:8a:8e:42:
         d3:61:8b:1b:62:89:5f:1c:18:d8:2a:61:12:3f:23:9b:f8:24:
         81:81:a9:e4:06:24:ad:4c:0d:47:73:21:38:87:46:73:47:82:
         2a:80:fd:75:75:1d:2a:92:03:2a:7a:29:37:41:04:f1:87:f6:
         56:6a:17:58:eb:29:d5:d8:5e:4e:c3:3c:50:2a:8f:13:9c:e3:
         e5:44:1d:58:75:da:4b:85:2b:a9:87:a3:35:55:8d:5e:63:39:
         e6:cc:c3:17:16:4d:4f:0e:35:70:b9:17:c9:c8:0e:93:f2:b6:
         f0:7f:86:34:82:40:ff:91:78:90:ca:19:f8:96:69:2c:5d:40:
         62:9b:ee:60:9f:72:4e:ae:ec:9a:31:eb:b1:82:2e:e5:ea:80:
         bb:13:1c:10:87:cd:b5:ca:2e:51:a6:ef:32:e2:69:5a:39:d0:
         68:c6:c7:d9:22:95:07:61:0c:62:31:15:a3:7d:99:6a:28:30:
         8d:f6:58:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUBpGdcPJex3k7k7ahEziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNjZkZTNlN2IzZjNhZjBlMDY0MDY3YmQxY2U3NjQ1NDM1
ODJmNWYwHhcNMjUwODIzMTkwMzA0WhcNMjUwODI0MTkwMzA0WjAzMTEwLwYDVQQD
EygwZDY2ZDY2YzM0N2JhMjM3OTY0ZGY2YWY2ZGZhMTMxMTcxMTM2MzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNq/+yDvl+67CxsvWQ5HxaMg2qic
FVeyhu+dUHw424fWkcM5XqogrcRpiNFqO0i/gK41Iim8nK5BC3HC2WDjTC8/vQYV
fzZqa8tUQfzZAZ/GRbH01Gu/CGGZ1xyt/HErtaKGFC6IVzfayjFSkeEFwvieh/w7
DlWzb3PBsQjp4OTGYccGXwvfINpfzPW0zuOLmsb8A13b/2ACJH9BBiSOupQiCbyJ
pN0c8shd0nK/H9pNaDkMELqMfhjoUKZS5M5r1X2at10UHyk4nPKeju5h3SpPVra6
zKt5LxAzKHpBCHLSQTKnI+28pjcfo7h+n4Vg51UkwrfSPvuECLB1UgiRVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1m1mw0e6I3lk32r236ExFxE2NuMB8GA1UdIwQY
MBaAFK1m3j57Pzrw4GQGe9HOdkVDWC9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wM2U3NTUtODAyMS00OWIwLTgyZTQt
NzFlZjQ5Nzk5YmQ5LzEvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wM2U3NTUtODAyMS00OWIwLTgyZTQtNzFlZjQ5Nzk5YmQ5
LzEvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1XUXhy5
m9Dumc0QhWkpYuMFNioidbv3aw+P2khNqSvaGVLZOMxqRdVy/pZ2jJ3LMEs8PWTv
+ldJcgwcMXxWPMaSqmh3io5C02GLG2KJXxwY2CphEj8jm/gkgYGp5AYkrUwNR3Mh
OIdGc0eCKoD9dXUdKpIDKnopN0EE8Yf2VmoXWOsp1dheTsM8UCqPE5zj5UQdWHXa
S4UrqYejNVWNXmM55szDFxZNTw41cLkXycgOk/K28H+GNIJA/5F4kMoZ+JZpLF1A
YpvuYJ9yTq7smjHrsYIu5eqAuxMcEIfNtcouUabvMuJpWjnQaMbH2SKVB2EMYjEV
o32ZaigwjfZYMA==
-----END CERTIFICATE-----