Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
File:                     dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft (raw, json)
Hash identifier:          O872eJiPW+0MwBvJUvmxpSl+OyEkqQtE4o/klUpZRz0=
Subject key identifier:   49:54:5A:B9:28:C9:7F:7D:D8:30:F9:E5:9E:53:2B:23:2D:DB:E4:C6
Authority key identifier: 74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C
Certificate issuer:       /CN=74f675a1679816793d5b30ad2f253f56c8e2445c
Certificate serial:       0198D5BBD36DA883F8C1300F607AFEB5AAA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 07:01:53 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:53 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:53 +0000
Files and hashes:         1: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl (hash: s3UfdokmaPZxpiwk/7wwAz/KG+EAh2M7OKmci14tn94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:d3:6d:a8:83:f8:c1:30:0f:60:7a:fe:b5:aa:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f675a1679816793d5b30ad2f253f56c8e2445c
        Validity
            Not Before: Aug 23 07:01:53 2025 GMT
            Not After : Aug 24 07:01:53 2025 GMT
        Subject: CN=49545ab928c97f7dd830f9e59e532b232ddbe4c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c7:63:50:6a:b8:dc:4f:7b:33:fb:c2:e1:21:
                    2d:36:86:2e:29:07:b4:e5:44:26:7b:2d:86:36:99:
                    e2:0e:47:c4:e3:67:b2:f3:c5:ea:a8:17:42:86:ef:
                    0a:ab:a2:6d:73:c7:3e:2e:16:6e:03:5e:14:a7:51:
                    10:79:a7:ac:78:cc:fc:c8:68:70:c2:57:b8:56:d5:
                    a0:7f:5a:50:41:9e:dc:7a:5f:67:a2:1a:4c:0a:7a:
                    0d:e8:c0:ff:3d:af:da:2f:32:15:49:8e:c8:07:3f:
                    15:ce:18:c1:ae:83:6b:a6:f5:37:67:b7:6c:58:c6:
                    a4:fc:04:a4:59:38:e0:73:7c:28:12:14:d8:c4:9a:
                    9f:0e:91:9a:b1:a0:6d:67:42:ca:97:bd:6b:5b:e3:
                    cd:6f:b4:90:ba:34:f5:9a:74:8a:2d:03:df:ed:6c:
                    2e:7d:68:31:3e:fb:73:f7:10:c6:32:56:34:9b:34:
                    7e:b0:a8:9f:90:50:98:9c:5c:7c:cc:bc:04:59:be:
                    50:14:ff:d6:2e:46:59:a2:19:1d:61:8b:e1:ed:c3:
                    0e:14:17:85:75:13:de:f3:92:f5:bc:b5:bf:39:a8:
                    b1:90:64:af:ca:33:8a:db:63:93:67:81:60:b6:d5:
                    3d:ce:e6:b8:71:85:57:62:a7:92:ff:7e:ba:2d:49:
                    ab:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:54:5A:B9:28:C9:7F:7D:D8:30:F9:E5:9E:53:2B:23:2D:DB:E4:C6
            X509v3 Authority Key Identifier:
                keyid:74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:9d:b9:98:bb:53:a7:22:f9:c6:c2:c9:2a:39:99:e2:e8:54:
         67:be:eb:85:0f:93:cc:52:af:a9:3d:64:dd:68:27:a1:7e:09:
         93:89:64:3d:29:db:c0:58:0f:5c:44:71:e0:01:5c:7c:a7:8e:
         29:8d:a1:9a:c8:3f:bc:35:64:69:e1:be:65:d1:10:53:06:ad:
         86:47:3e:b8:04:02:ce:7c:ad:ac:dd:5c:e6:0a:06:86:ee:40:
         76:f2:d3:de:92:bb:79:0a:0a:c2:fa:c6:61:76:bd:7b:a5:bc:
         c5:18:1f:18:45:7d:0b:6e:3b:39:87:95:c5:68:dd:ce:5f:bc:
         43:46:47:1d:a6:64:93:f2:8a:a1:0d:39:37:12:a8:a7:6d:e7:
         4f:e8:4e:5e:7a:9e:7d:43:b4:cd:b3:9d:82:af:dd:7d:10:8d:
         b2:c2:b4:6c:80:0d:28:9e:15:15:ca:18:49:2b:16:58:15:b0:
         2c:c4:97:67:30:32:33:0a:f3:22:a9:f9:93:49:cf:99:b7:8d:
         e5:39:07:c8:36:4e:d3:36:b6:f1:a7:c2:ad:73:be:fc:87:a1:
         b0:a0:00:1e:fb:3a:86:7d:db:3f:13:7a:3a:b7:04:a3:6f:a7:
         c1:5e:b1:d1:78:b0:87:67:e6:22:89:c3:cc:d4:ee:f3:08:ae:
         e4:bf:19:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu9NtqIP4wTAPYHr+taqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjY3NWExNjc5ODE2NzkzZDViMzBhZDJmMjUzZjU2Yzhl
MjQ0NWMwHhcNMjUwODIzMDcwMTUzWhcNMjUwODI0MDcwMTUzWjAzMTEwLwYDVQQD
Eyg0OTU0NWFiOTI4Yzk3ZjdkZDgzMGY5ZTU5ZTUzMmIyMzJkZGJlNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8djUGq43E97M/vC4SEtNoYuKQe0
5UQmey2GNpniDkfE42ey88XqqBdChu8Kq6Jtc8c+LhZuA14Up1EQeaeseMz8yGhw
wle4VtWgf1pQQZ7cel9nohpMCnoN6MD/Pa/aLzIVSY7IBz8VzhjBroNrpvU3Z7ds
WMak/ASkWTjgc3woEhTYxJqfDpGasaBtZ0LKl71rW+PNb7SQujT1mnSKLQPf7Wwu
fWgxPvtz9xDGMlY0mzR+sKifkFCYnFx8zLwEWb5QFP/WLkZZohkdYYvh7cMOFBeF
dRPe85L1vLW/OaixkGSvyjOK22OTZ4FgttU9zua4cYVXYqeS/366LUmr8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElUWrkoyX992DD55Z5TKyMt2+TGMB8GA1UdIwQY
MBaAFHT2daFnmBZ5PVswrS8lP1bI4kRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTIt
MzM2MjkzNzM0NTA3LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTItMzM2MjkzNzM0NTA3
LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZ25mLtT
pyL5xsLJKjmZ4uhUZ77rhQ+TzFKvqT1k3WgnoX4Jk4lkPSnbwFgPXERx4AFcfKeO
KY2hmsg/vDVkaeG+ZdEQUwathkc+uAQCznytrN1c5goGhu5AdvLT3pK7eQoKwvrG
YXa9e6W8xRgfGEV9C247OYeVxWjdzl+8Q0ZHHaZkk/KKoQ05NxKop23nT+hOXnqe
fUO0zbOdgq/dfRCNssK0bIANKJ4VFcoYSSsWWBWwLMSXZzAyMwrzIqn5k0nPmbeN
5TkHyDZO0za28afCrXO+/IehsKAAHvs6hn3bPxN6OrcEo2+nwV6x0Xiwh2fmIonD
zNTu8wiu5L8ZCA==
-----END CERTIFICATE-----