Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
File:                     1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft (raw, json)
Hash identifier:          2hmF3H0QPj2/mcqou7YO4bM97MWzUiRkK/P4mf3uSYE=
Subject key identifier:   CD:AE:73:6C:EC:7E:F9:48:27:33:FA:51:D3:C7:DB:53:46:F9:33:19
Authority key identifier: D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4
Certificate issuer:       /CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
Certificate serial:       0198D5BBEE0A1F65582FCD17046DF16CA5C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
Manifest number:          0D95
Signing time:             Sat 23 Aug 2025 07:01:59 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:59 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:59 +0000
Files and hashes:         1: 1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl (hash: gxFL4RWQYlsM+8heOxHogIglPQJkLQtCgnq49mUHhms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ee:0a:1f:65:58:2f:cd:17:04:6d:f1:6c:a5:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
        Validity
            Not Before: Aug 23 07:01:59 2025 GMT
            Not After : Aug 24 07:01:59 2025 GMT
        Subject: CN=cdae736cec7ef9482733fa51d3c7db5346f93319
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7e:18:8c:35:15:42:e1:b6:45:d1:92:dc:85:
                    44:01:14:5a:ae:30:a1:f2:a2:b1:05:a7:80:d3:5f:
                    bc:09:f5:28:65:f8:a4:ad:eb:aa:44:d3:35:1c:5a:
                    30:bb:e5:cc:a0:1f:11:c7:54:81:3f:41:4e:2a:56:
                    18:37:37:e4:bf:4a:2e:53:1b:26:3f:da:36:7c:15:
                    04:cd:eb:c1:33:ec:1b:2f:e7:9d:7f:b4:f3:d6:5a:
                    2d:67:a1:88:7d:25:6d:bf:65:3b:8a:22:64:7e:47:
                    44:86:d7:51:79:15:01:1e:30:07:91:67:26:3b:50:
                    16:5a:11:4a:87:9a:c5:41:c6:69:60:56:8c:75:bb:
                    50:1e:7a:97:09:59:c3:10:f5:f8:38:0c:0e:39:ec:
                    d4:c6:95:08:8c:b0:0f:70:a8:d3:a6:f9:c7:a3:d3:
                    05:22:15:25:e2:fe:42:55:41:a4:f2:ec:10:25:cd:
                    58:39:5a:2e:cc:70:f3:8a:67:8c:67:4e:5f:dc:17:
                    0a:48:b0:11:f6:fe:9c:9d:d9:5f:a9:70:57:e4:fe:
                    fb:c9:2d:fc:23:94:43:c0:31:5e:2e:71:1a:f2:01:
                    3e:ff:7d:bf:9e:90:d2:63:0d:a4:92:ac:e0:32:7d:
                    05:b1:6d:5d:c4:34:23:a0:1c:9d:4a:73:e6:0c:85:
                    07:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:AE:73:6C:EC:7E:F9:48:27:33:FA:51:D3:C7:DB:53:46:F9:33:19
            X509v3 Authority Key Identifier:
                keyid:D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:7b:38:25:02:7f:4a:58:01:88:0d:f8:8d:61:45:87:56:e0:
         36:b4:0b:23:72:04:6b:c6:08:cf:9e:b3:96:c1:71:0b:54:6c:
         18:8d:55:1c:80:c4:59:73:72:9c:9c:30:2f:fb:78:1a:95:9c:
         76:36:e1:dc:92:8c:ff:49:b2:6d:e0:35:1f:3f:db:a7:f6:bf:
         85:6a:c0:27:dd:1b:4e:87:38:d4:e7:6d:a3:39:e5:c9:74:90:
         31:e3:4f:7b:3f:e6:26:e5:cf:41:40:ef:c9:2a:75:90:f5:91:
         a1:75:19:b5:0a:da:b3:08:c6:ba:12:bc:f0:47:78:e7:ef:7a:
         7f:35:ab:96:14:c5:87:34:b7:f7:e2:3e:ec:35:55:98:ff:ea:
         75:37:c5:f6:e4:bd:16:79:f8:57:c5:17:08:2b:9d:ac:b7:96:
         20:ee:c5:74:a2:13:e7:28:07:3d:82:ef:e3:18:fc:f4:93:c3:
         29:fe:b0:84:af:df:15:1f:62:11:0b:4c:49:80:d7:a5:ff:bf:
         a5:36:03:6c:ba:13:73:93:98:a2:4c:d5:8e:eb:e8:af:a8:a4:
         d2:c5:de:95:43:55:30:d5:1a:32:35:58:8f:3f:43:e0:59:e1:
         12:b0:cd:43:b6:82:1a:02:61:21:27:35:2b:24:27:fc:9c:7f:
         6a:3e:0a:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu+4KH2VYL80XBG3xbKXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2M2Y4ZTQyZmI4NDQyYTQ4YTdkNDdlZjRjMGI2ZTE0NzUx
NGJmYzQwHhcNMjUwODIzMDcwMTU5WhcNMjUwODI0MDcwMTU5WjAzMTEwLwYDVQQD
EyhjZGFlNzM2Y2VjN2VmOTQ4MjczM2ZhNTFkM2M3ZGI1MzQ2ZjkzMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn4YjDUVQuG2RdGS3IVEARRarjCh
8qKxBaeA01+8CfUoZfikreuqRNM1HFowu+XMoB8Rx1SBP0FOKlYYNzfkv0ouUxsm
P9o2fBUEzevBM+wbL+edf7Tz1lotZ6GIfSVtv2U7iiJkfkdEhtdReRUBHjAHkWcm
O1AWWhFKh5rFQcZpYFaMdbtQHnqXCVnDEPX4OAwOOezUxpUIjLAPcKjTpvnHo9MF
IhUl4v5CVUGk8uwQJc1YOVouzHDzimeMZ05f3BcKSLAR9v6cndlfqXBX5P77yS38
I5RDwDFeLnEa8gE+/32/npDSYw2kkqzgMn0FsW1dxDQjoBydSnPmDIUHeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2uc2zsfvlIJzP6UdPH21NG+TMZMB8GA1UdIwQY
MBaAFNY/jkL7hEKkin1H70wLbhR1FL/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODct
MmVkN2E3MTVmOGQ3LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODctMmVkN2E3MTVmOGQ3
LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbHs4JQJ/
SlgBiA34jWFFh1bgNrQLI3IEa8YIz56zlsFxC1RsGI1VHIDEWXNynJwwL/t4GpWc
djbh3JKM/0mybeA1Hz/bp/a/hWrAJ90bToc41OdtoznlyXSQMeNPez/mJuXPQUDv
ySp1kPWRoXUZtQraswjGuhK88Ed45+96fzWrlhTFhzS39+I+7DVVmP/qdTfF9uS9
Fnn4V8UXCCudrLeWIO7FdKIT5ygHPYLv4xj89JPDKf6whK/fFR9iEQtMSYDXpf+/
pTYDbLoTc5OYokzVjuvor6ik0sXelUNVMNUaMjVYjz9D4FnhErDNQ7aCGgJhISc1
KyQn/Jx/aj4KuQ==
-----END CERTIFICATE-----