Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
File:                     kWV5napb3fL1Nt2BtybPrtDmCFs.mft (raw, json)
Hash identifier:          ar1l5jg+tJkMSqUBL4jM/A+fG0rUeAx7YnmDPrub7uI=
Subject key identifier:   D6:96:01:0A:E7:6B:68:9C:58:77:AA:8B:69:31:36:9C:3D:81:FE:C8
Authority key identifier: 91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B
Certificate issuer:       /CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
Certificate serial:       0198D660350F39C992BCD1BEC25500B791F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
Manifest number:          C3
Signing time:             Sat 23 Aug 2025 10:01:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:25 +0000
Files and hashes:         1: kWV5napb3fL1Nt2BtybPrtDmCFs.crl (hash: nRorXwuWKdoswW4Y1lDDkTFhTTPp0w16iLyUpdc85r8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:35:0f:39:c9:92:bc:d1:be:c2:55:00:b7:91:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
        Validity
            Not Before: Aug 23 10:01:25 2025 GMT
            Not After : Aug 24 10:01:25 2025 GMT
        Subject: CN=d696010ae76b689c5877aa8b6931369c3d81fec8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3e:d4:cf:da:d4:ee:3a:bc:93:c9:9d:cd:33:
                    bd:01:00:f0:f9:cb:28:a3:65:b5:02:a4:7d:7d:6f:
                    0e:ad:e6:8b:4d:58:ad:2b:df:4a:17:26:bd:e7:65:
                    e0:fd:77:47:7f:62:c1:01:3c:31:b4:eb:c1:a4:b4:
                    51:87:46:e3:aa:4a:78:43:12:c2:b3:37:c6:fb:a6:
                    04:c4:31:29:51:b6:b4:8b:de:b2:77:60:c5:57:93:
                    dc:36:2d:9c:6d:16:8c:78:20:6e:7f:dc:ae:64:22:
                    3b:c2:7d:35:a9:f7:3c:84:16:e1:71:55:c9:6b:36:
                    6b:df:42:fb:31:7e:cd:5a:66:7f:34:f3:21:9a:30:
                    47:ba:17:2d:2f:c3:2e:0d:c5:ab:27:30:41:0d:22:
                    d1:e9:df:d2:67:e5:af:4a:9f:be:48:78:d0:29:64:
                    4f:28:da:fb:4a:77:01:b1:7a:6f:70:10:9f:5e:89:
                    dc:f4:6d:89:62:5d:73:42:70:c2:58:ff:4b:31:b5:
                    c5:36:08:49:c7:d7:b4:56:78:8a:ab:06:e7:49:f2:
                    61:50:22:39:d7:6a:b4:b3:45:94:56:56:a3:bd:d3:
                    21:24:e8:09:7a:6f:1a:f6:16:4a:5a:56:04:25:c6:
                    b4:79:8e:94:ba:bc:24:b2:16:64:c0:06:40:80:04:
                    c3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:96:01:0A:E7:6B:68:9C:58:77:AA:8B:69:31:36:9C:3D:81:FE:C8
            X509v3 Authority Key Identifier:
                keyid:91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:3d:f9:82:ed:04:50:9b:f6:44:8d:10:5a:58:1b:49:e8:81:
         8b:c0:56:6a:d5:3f:88:40:29:1b:85:25:c8:cf:c2:ae:16:a8:
         7d:f2:9a:f0:ea:c6:bf:56:99:77:38:bb:1a:b4:87:28:c8:9f:
         0e:39:13:b9:26:62:63:9a:3f:cb:75:1e:56:13:18:a8:14:07:
         2e:65:32:83:f0:1b:18:45:f9:2c:f5:7f:ed:0b:97:74:9d:cc:
         d7:22:63:48:6a:ad:c6:fa:5d:c9:b0:6e:39:05:b7:52:d4:35:
         48:d6:e9:7a:bc:76:93:e7:45:7f:3c:81:70:bd:32:92:1f:1f:
         a8:b7:1f:85:8b:ab:e1:bd:04:36:0a:86:03:23:67:98:6c:ed:
         3e:c2:f6:27:32:ae:06:4c:85:5b:6b:4c:fb:1f:08:a7:01:3c:
         4f:a8:9c:b2:9a:b1:7e:c9:cc:4f:77:89:b4:18:dc:06:38:85:
         78:c3:af:0b:1d:b2:0a:1d:61:8e:5c:ef:cb:84:1c:23:c6:a9:
         b8:4d:8b:97:93:c0:97:2d:e1:d2:70:1b:9a:98:7f:59:16:a4:
         4a:78:57:8c:56:a3:ac:c6:be:7c:85:33:a4:49:7d:61:51:ce:
         f0:c1:7d:d9:07:b1:73:23:04:60:0b:88:62:68:93:48:fa:11:
         fa:95:d4:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDUPOcmSvNG+wlUAt5H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjU3OTlkYWE1YmRkZjJmNTM2ZGQ4MWI3MjZjZmFlZDBl
NjA4NWIwHhcNMjUwODIzMTAwMTI1WhcNMjUwODI0MTAwMTI1WjAzMTEwLwYDVQQD
EyhkNjk2MDEwYWU3NmI2ODljNTg3N2FhOGI2OTMxMzY5YzNkODFmZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz7Uz9rU7jq8k8mdzTO9AQDw+cso
o2W1AqR9fW8OreaLTVitK99KFya952Xg/XdHf2LBATwxtOvBpLRRh0bjqkp4QxLC
szfG+6YExDEpUba0i96yd2DFV5PcNi2cbRaMeCBuf9yuZCI7wn01qfc8hBbhcVXJ
azZr30L7MX7NWmZ/NPMhmjBHuhctL8MuDcWrJzBBDSLR6d/SZ+WvSp++SHjQKWRP
KNr7SncBsXpvcBCfXonc9G2JYl1zQnDCWP9LMbXFNghJx9e0VniKqwbnSfJhUCI5
12q0s0WUVlajvdMhJOgJem8a9hZKWlYEJca0eY6UurwkshZkwAZAgATDGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaWAQrna2icWHeqi2kxNpw9gf7IMB8GA1UdIwQY
MBaAFJFleZ2qW93y9Tbdgbcmz67Q5ghbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEt
ZWExN2RhMjI4NGZmLzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEtZWExN2RhMjI4NGZm
LzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWj35gu0E
UJv2RI0QWlgbSeiBi8BWatU/iEApG4UlyM/CrhaoffKa8OrGv1aZdzi7GrSHKMif
DjkTuSZiY5o/y3UeVhMYqBQHLmUyg/AbGEX5LPV/7QuXdJ3M1yJjSGqtxvpdybBu
OQW3UtQ1SNbperx2k+dFfzyBcL0ykh8fqLcfhYur4b0ENgqGAyNnmGztPsL2JzKu
BkyFW2tM+x8IpwE8T6icspqxfsnMT3eJtBjcBjiFeMOvCx2yCh1hjlzvy4QcI8ap
uE2Ll5PAly3h0nAbmph/WRakSnhXjFajrMa+fIUzpEl9YVHO8MF92QexcyMEYAuI
YmiTSPoR+pXU3w==
-----END CERTIFICATE-----