Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft
File:                     5BCXLMRZVogEu0t5HXwTz7IoOIM.mft (raw, json)
Hash identifier:          LVnoTchSpBJmLmvSMo6q/dxI0iX2Z09iZsFgzL/7a+k=
Subject key identifier:   DD:8B:B1:D9:AE:88:3E:0F:2A:DC:45:C3:7C:52:A8:A1:14:89:A9:1C
Authority key identifier: E4:10:97:2C:C4:59:56:88:04:BB:4B:79:1D:7C:13:CF:B2:28:38:83
Certificate issuer:       /CN=e410972cc459568804bb4b791d7c13cfb2283883
Certificate serial:       0198D92B0F1EDD181B4BF9A3217C3553AAD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BCXLMRZVogEu0t5HXwTz7IoOIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft
Manifest number:          141A
Signing time:             Sat 23 Aug 2025 23:02:14 +0000
Manifest this update:     Sat 23 Aug 2025 23:02:14 +0000
Manifest next update:     Sun 24 Aug 2025 23:02:14 +0000
Files and hashes:         1: 5BCXLMRZVogEu0t5HXwTz7IoOIM.crl (hash: TqouaDAcqGQ/g3sOEUdE75oxJ6NOwdWqDhrYFZaj2IY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BCXLMRZVogEu0t5HXwTz7IoOIM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 23:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d9:2b:0f:1e:dd:18:1b:4b:f9:a3:21:7c:35:53:aa:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e410972cc459568804bb4b791d7c13cfb2283883
        Validity
            Not Before: Aug 23 23:02:14 2025 GMT
            Not After : Aug 24 23:02:14 2025 GMT
        Subject: CN=dd8bb1d9ae883e0f2adc45c37c52a8a11489a91c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:75:b2:f1:8d:f0:98:0a:65:22:c9:50:cc:b0:
                    36:de:5c:72:5b:b5:49:ef:8e:51:c2:9a:b7:67:17:
                    bb:39:4a:29:8b:ed:62:5c:66:ef:bb:bd:bd:d9:7e:
                    c0:d4:93:f7:5b:f0:6e:c0:c7:15:c4:cf:e6:04:48:
                    16:00:38:42:f8:60:22:02:63:a2:2e:63:43:7b:a8:
                    87:2e:41:74:1f:e9:d3:2c:81:e7:75:db:1e:51:fb:
                    5a:43:0b:8c:05:f9:64:84:c0:a4:aa:98:dd:a7:aa:
                    31:e5:28:be:d1:af:d3:32:08:be:14:99:8c:ed:e9:
                    c7:67:6d:ee:eb:fd:8c:c6:cc:15:ed:25:99:eb:03:
                    28:0a:47:42:83:8a:af:47:54:f9:75:be:ce:3f:49:
                    4d:8e:bd:20:6f:74:24:5c:ea:86:96:29:31:66:ad:
                    09:28:12:18:1e:f9:79:4e:64:4d:6b:67:6f:0c:92:
                    6f:e9:22:a8:9d:a9:f2:1b:19:ca:ae:f3:64:ad:7c:
                    a2:c1:00:17:37:56:32:ef:89:b6:50:7f:72:a2:cc:
                    1b:a4:94:d3:88:f1:22:2b:bb:11:4b:55:29:26:20:
                    e9:86:48:e9:62:56:5c:bf:1a:3a:62:f9:50:24:ee:
                    c4:0b:b8:1d:a4:24:f3:0b:08:80:cd:f7:37:01:da:
                    9a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:8B:B1:D9:AE:88:3E:0F:2A:DC:45:C3:7C:52:A8:A1:14:89:A9:1C
            X509v3 Authority Key Identifier:
                keyid:E4:10:97:2C:C4:59:56:88:04:BB:4B:79:1D:7C:13:CF:B2:28:38:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BCXLMRZVogEu0t5HXwTz7IoOIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:0e:19:65:91:d5:77:f7:75:80:a4:a7:85:d1:14:af:6a:f2:
         4a:e1:cb:f3:c5:a2:3a:0b:f8:fc:ab:ce:21:b1:27:fd:dc:d7:
         2e:8c:a3:7d:e9:a0:80:d3:57:a8:4e:b8:83:de:07:86:12:3f:
         4d:d3:2f:76:e1:6c:b2:4e:1b:41:2a:9f:58:78:3c:fc:c4:69:
         07:ae:f2:f2:ed:e5:00:ce:0d:c4:78:a0:41:4d:ff:89:3d:e5:
         5b:46:91:c4:cd:0e:3e:57:e8:d9:fb:a1:08:54:7b:a9:46:06:
         f8:f0:8c:8a:c5:09:1a:62:62:4c:fc:6f:76:75:23:23:8f:5f:
         66:48:87:b4:76:07:d5:bf:a4:72:a6:3a:dc:1d:bd:f1:87:09:
         3f:e1:94:0f:04:7e:f3:94:a5:dd:39:55:44:bf:09:bf:3d:34:
         0f:06:d5:9e:37:8f:17:34:73:35:e0:eb:1c:f8:74:09:53:19:
         07:54:d7:32:ac:73:07:46:88:a5:d3:c0:0a:02:2e:aa:3a:2a:
         63:53:11:70:5d:c3:c8:23:72:49:8b:d5:32:28:6d:4b:63:ec:
         b3:07:c4:3e:df:fe:9d:0b:a2:6d:72:bf:30:5c:f7:6a:27:e5:
         34:c0:e4:42:87:e7:dd:35:1a:b0:e3:05:62:d6:bd:3b:3b:98:
         07:6c:eb:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjZKw8e3RgbS/mjIXw1U6rSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MTA5NzJjYzQ1OTU2ODgwNGJiNGI3OTFkN2MxM2NmYjIy
ODM4ODMwHhcNMjUwODIzMjMwMjE0WhcNMjUwODI0MjMwMjE0WjAzMTEwLwYDVQQD
EyhkZDhiYjFkOWFlODgzZTBmMmFkYzQ1YzM3YzUyYThhMTE0ODlhOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHWy8Y3wmAplIslQzLA23lxyW7VJ
745Rwpq3Zxe7OUopi+1iXGbvu7292X7A1JP3W/BuwMcVxM/mBEgWADhC+GAiAmOi
LmNDe6iHLkF0H+nTLIHnddseUftaQwuMBflkhMCkqpjdp6ox5Si+0a/TMgi+FJmM
7enHZ23u6/2MxswV7SWZ6wMoCkdCg4qvR1T5db7OP0lNjr0gb3QkXOqGlikxZq0J
KBIYHvl5TmRNa2dvDJJv6SKonanyGxnKrvNkrXyiwQAXN1Yy74m2UH9yoswbpJTT
iPEiK7sRS1UpJiDphkjpYlZcvxo6YvlQJO7EC7gdpCTzCwiAzfc3AdqaNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2LsdmuiD4PKtxFw3xSqKEUiakcMB8GA1UdIwQY
MBaAFOQQlyzEWVaIBLtLeR18E8+yKDiDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJDWExNUlpWb2dFdTB0NUhYd1R6N0lvT0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMDZlNjItZTU4NC00OTJhLWJmNDYt
ZjI3Y2VmNGJhMjI0LzEvNUJDWExNUlpWb2dFdTB0NUhYd1R6N0lvT0lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMDZlNjItZTU4NC00OTJhLWJmNDYtZjI3Y2VmNGJhMjI0
LzEvNUJDWExNUlpWb2dFdTB0NUhYd1R6N0lvT0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXA4ZZZHV
d/d1gKSnhdEUr2rySuHL88WiOgv4/KvOIbEn/dzXLoyjfemggNNXqE64g94HhhI/
TdMvduFssk4bQSqfWHg8/MRpB67y8u3lAM4NxHigQU3/iT3lW0aRxM0OPlfo2fuh
CFR7qUYG+PCMisUJGmJiTPxvdnUjI49fZkiHtHYH1b+kcqY63B298YcJP+GUDwR+
85Sl3TlVRL8Jvz00DwbVnjePFzRzNeDrHPh0CVMZB1TXMqxzB0aIpdPACgIuqjoq
Y1MRcF3DyCNySYvVMihtS2PsswfEPt/+nQuibXK/MFz3aiflNMDkQofn3TUasOMF
Yta9OzuYB2zrhw==
-----END CERTIFICATE-----