Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          +umGoQGyR+aclbmWN+JoyALZ8pQ+J3oQTrJLswurJwA=
Subject key identifier:   2A:25:08:1C:51:4F:88:86:95:1F:3B:37:58:93:D0:6F:7B:84:2F:43
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       0198D65F6C9500894C010B2F910DD171243A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          05C6
Signing time:             Sat 23 Aug 2025 10:00:34 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:34 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:34 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: sLA/CNsHeHYjQTuTNyKMqlYSxIqjMr2AeRYK26lNBrY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:6c:95:00:89:4c:01:0b:2f:91:0d:d1:71:24:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Aug 23 10:00:34 2025 GMT
            Not After : Aug 24 10:00:34 2025 GMT
        Subject: CN=2a25081c514f8886951f3b375893d06f7b842f43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4a:de:0c:2b:91:b8:6a:12:ba:31:e5:15:19:
                    72:32:36:21:6f:e4:6d:91:09:19:6e:9d:92:92:9c:
                    a4:fc:c2:b6:b2:d0:7c:bb:8b:66:cf:97:3a:73:8f:
                    0d:b4:99:24:e4:56:77:72:df:34:a2:e3:cb:5f:47:
                    61:7e:67:fb:14:13:00:d7:d5:f4:23:ea:2b:5a:84:
                    12:f4:db:9a:05:ce:08:16:16:a5:46:36:60:26:5e:
                    82:8e:e6:69:c7:0b:82:f5:e9:42:4b:2b:21:d9:cc:
                    4b:b7:80:70:49:4e:75:81:e3:f8:2c:a1:21:83:01:
                    5e:16:8f:90:ac:b4:68:ef:5f:9c:51:22:68:60:4e:
                    15:ae:e8:72:92:a7:80:05:2d:5b:fe:25:1f:f7:a6:
                    07:d1:25:3e:e5:4a:4b:7e:46:a7:4d:bf:9b:50:04:
                    2d:06:b8:b9:26:d7:6f:01:f4:fc:81:8c:96:01:86:
                    82:52:01:74:02:e4:02:76:4c:fb:a4:9b:b3:77:92:
                    8d:43:c9:97:38:04:c1:25:27:1c:2f:f0:c0:b2:67:
                    65:56:dc:55:06:aa:f7:d1:d3:66:9e:61:0c:57:48:
                    02:42:59:02:9d:6a:95:f7:56:90:04:c8:27:db:1f:
                    db:ca:29:35:96:f6:62:58:24:e7:dd:ae:a5:b0:5f:
                    54:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:25:08:1C:51:4F:88:86:95:1F:3B:37:58:93:D0:6F:7B:84:2F:43
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:37:30:4f:45:9c:2a:a9:59:d1:48:f3:06:62:37:92:ee:6b:
         fe:39:c3:aa:bc:1e:d6:7a:94:f9:8c:0a:ae:01:08:e4:fc:e8:
         b1:80:68:cd:e6:64:50:3e:ce:33:6d:49:3a:ca:74:a2:5c:53:
         c6:72:2f:52:38:f0:8e:8b:50:ea:31:a4:39:44:ce:cb:e4:21:
         55:b0:92:75:ad:42:64:dd:7f:5a:30:19:e8:ba:ab:ea:07:6b:
         33:ad:c8:58:8e:d0:92:07:f1:2d:5d:60:43:c5:f7:8c:dd:ce:
         7a:c2:e5:65:26:8d:45:ad:95:2e:68:e7:96:82:a2:fa:80:f5:
         81:01:ec:67:5f:29:dd:3b:1a:c1:0e:ba:8b:2c:93:1e:69:c2:
         67:fe:06:86:03:3c:58:27:ac:ac:76:da:c8:1d:e3:e7:60:82:
         7b:7d:48:12:f8:03:ef:9f:c7:41:de:40:4d:13:9b:c5:6a:86:
         1a:b9:f7:1d:f1:fa:48:76:21:5c:a1:67:3a:8f:4f:80:2b:31:
         9d:ff:53:2a:23:e8:cc:d8:1d:46:d5:0d:5e:8f:1b:3e:cf:65:
         56:6e:5e:a4:ad:ac:56:a7:78:71:92:57:a6:e7:15:da:4d:4a:
         7c:0e:59:f4:ad:3a:35:af:b0:4d:d4:e4:c4:ec:40:46:b4:20:
         a4:99:4e:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX2yVAIlMAQsvkQ3RcSQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjUwODIzMTAwMDM0WhcNMjUwODI0MTAwMDM0WjAzMTEwLwYDVQQD
EygyYTI1MDgxYzUxNGY4ODg2OTUxZjNiMzc1ODkzZDA2ZjdiODQyZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUreDCuRuGoSujHlFRlyMjYhb+Rt
kQkZbp2Skpyk/MK2stB8u4tmz5c6c48NtJkk5FZ3ct80ouPLX0dhfmf7FBMA19X0
I+orWoQS9NuaBc4IFhalRjZgJl6CjuZpxwuC9elCSysh2cxLt4BwSU51geP4LKEh
gwFeFo+QrLRo71+cUSJoYE4VruhykqeABS1b/iUf96YH0SU+5UpLfkanTb+bUAQt
Bri5JtdvAfT8gYyWAYaCUgF0AuQCdkz7pJuzd5KNQ8mXOATBJSccL/DAsmdlVtxV
Bqr30dNmnmEMV0gCQlkCnWqV91aQBMgn2x/byik1lvZiWCTn3a6lsF9URwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFColCBxRT4iGlR87N1iT0G97hC9DMB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjcwT0Wc
KqlZ0UjzBmI3ku5r/jnDqrwe1nqU+YwKrgEI5PzosYBozeZkUD7OM21JOsp0olxT
xnIvUjjwjotQ6jGkOUTOy+QhVbCSda1CZN1/WjAZ6Lqr6gdrM63IWI7QkgfxLV1g
Q8X3jN3OesLlZSaNRa2VLmjnloKi+oD1gQHsZ18p3TsawQ66iyyTHmnCZ/4GhgM8
WCesrHbayB3j52CCe31IEvgD75/HQd5ATRObxWqGGrn3HfH6SHYhXKFnOo9PgCsx
nf9TKiPozNgdRtUNXo8bPs9lVm5epK2sVqd4cZJXpucV2k1KfA5Z9K06Na+wTdTk
xOxARrQgpJlO6w==
-----END CERTIFICATE-----