Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          xY9rrRAxr2AxlPBckuJrpJ0Aiu0rcEZWEj1cVg3kHt0=
Subject key identifier:   EB:A6:F5:BE:4D:5D:3C:6A:B8:7F:91:AA:00:24:D6:15:94:C3:25:CC
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       0198D4DFEC1D55872C2F910D77862867ACC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          15D8
Signing time:             Sat 23 Aug 2025 03:01:41 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:41 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:41 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: cQ4W4aB5FeMKUW2S0XsAbsaRtKS1nIghbGvCjlMBhqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:ec:1d:55:87:2c:2f:91:0d:77:86:28:67:ac:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Aug 23 03:01:41 2025 GMT
            Not After : Aug 24 03:01:41 2025 GMT
        Subject: CN=eba6f5be4d5d3c6ab87f91aa0024d61594c325cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3f:08:d0:c3:3f:f1:e4:db:dd:64:7b:66:ce:
                    03:d9:55:e5:a0:e7:16:ac:01:67:e3:48:b2:1a:ee:
                    26:9e:e9:8f:2b:9a:46:89:4d:b6:66:5f:bd:4c:41:
                    27:2b:e7:5f:5f:80:1e:02:4d:82:ef:60:f2:36:d2:
                    76:4d:8e:4f:6f:8a:59:a8:7a:21:95:1c:1f:1b:53:
                    5a:08:7b:4b:6e:36:dc:5f:11:b2:6f:82:fd:ec:d1:
                    d4:07:3a:a2:78:4f:f1:48:c5:63:9e:69:09:c6:d6:
                    bd:5c:39:8f:5e:34:07:d2:72:53:24:48:1a:45:09:
                    01:97:a1:d9:78:88:22:40:88:c4:6f:7b:e5:c4:78:
                    a6:9f:a6:fa:71:60:0f:a2:4c:d4:d7:c9:78:8c:7c:
                    bb:5a:c8:6a:6e:61:c8:7f:eb:06:39:5c:6b:4d:ed:
                    f0:a1:d5:25:a7:67:bf:11:a5:92:d5:ab:1c:43:30:
                    78:55:72:4d:9c:86:c2:c8:8f:94:e9:18:0d:ee:c9:
                    19:17:8a:03:3c:5f:8b:cb:ff:69:e7:8a:b2:7c:d0:
                    66:fc:0e:9f:a2:e7:35:04:db:03:32:2f:47:d8:c2:
                    df:dc:a4:b3:ac:90:18:fa:75:64:1a:7e:c9:1b:56:
                    05:fc:df:a7:ca:9c:0e:4f:a3:2b:86:d3:4b:41:76:
                    f9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:A6:F5:BE:4D:5D:3C:6A:B8:7F:91:AA:00:24:D6:15:94:C3:25:CC
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:7d:b2:7d:97:c9:e3:d7:67:20:39:89:b9:c5:88:12:65:be:
         ef:af:b4:13:e7:7b:82:33:29:b7:82:10:64:1c:dc:03:12:f8:
         85:12:cd:04:c6:d4:96:c1:6a:d9:78:45:ac:5a:31:47:ed:fa:
         d5:cc:41:34:29:38:53:20:3b:69:e5:9b:e6:45:ff:ff:97:42:
         ff:e7:02:1f:96:28:4b:4e:96:71:34:31:12:d3:e3:51:e6:ba:
         67:5a:1f:41:92:e2:ea:50:67:a2:70:c1:db:83:58:69:2f:28:
         8e:d3:b9:ec:68:6b:a8:29:93:67:fb:c6:a1:fa:42:bd:71:c3:
         3e:a2:90:63:d9:38:f9:d1:28:97:2a:ef:ff:5d:30:dc:97:d6:
         c7:ab:92:66:a5:bc:2c:51:03:a6:1f:4f:df:15:16:12:1f:59:
         58:d3:cb:2c:2a:fc:63:78:68:51:e7:bf:6b:7e:c4:4a:57:ac:
         b9:ae:73:28:45:4d:95:66:e7:5b:6f:76:88:47:d5:85:d9:d9:
         3c:0f:7a:39:13:7d:ca:e7:5a:5e:47:c0:d3:15:bd:a6:f7:6d:
         d1:44:8f:37:7c:71:de:ae:51:90:d6:45:b4:1c:48:74:cf:6a:
         9b:0b:a8:df:8e:2f:f5:d2:59:00:ea:4d:ea:29:1d:f3:d0:fc:
         ea:42:d1:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+wdVYcsL5ENd4YoZ6zHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjUwODIzMDMwMTQxWhcNMjUwODI0MDMwMTQxWjAzMTEwLwYDVQQD
EyhlYmE2ZjViZTRkNWQzYzZhYjg3ZjkxYWEwMDI0ZDYxNTk0YzMyNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD8I0MM/8eTb3WR7Zs4D2VXloOcW
rAFn40iyGu4mnumPK5pGiU22Zl+9TEEnK+dfX4AeAk2C72DyNtJ2TY5Pb4pZqHoh
lRwfG1NaCHtLbjbcXxGyb4L97NHUBzqieE/xSMVjnmkJxta9XDmPXjQH0nJTJEga
RQkBl6HZeIgiQIjEb3vlxHimn6b6cWAPokzU18l4jHy7WshqbmHIf+sGOVxrTe3w
odUlp2e/EaWS1ascQzB4VXJNnIbCyI+U6RgN7skZF4oDPF+Ly/9p54qyfNBm/A6f
ouc1BNsDMi9H2MLf3KSzrJAY+nVkGn7JG1YF/N+nypwOT6MrhtNLQXb56wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOum9b5NXTxquH+RqgAk1hWUwyXMMB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGX2yfZfJ
49dnIDmJucWIEmW+76+0E+d7gjMpt4IQZBzcAxL4hRLNBMbUlsFq2XhFrFoxR+36
1cxBNCk4UyA7aeWb5kX//5dC/+cCH5YoS06WcTQxEtPjUea6Z1ofQZLi6lBnonDB
24NYaS8ojtO57GhrqCmTZ/vGofpCvXHDPqKQY9k4+dEolyrv/10w3JfWx6uSZqW8
LFEDph9P3xUWEh9ZWNPLLCr8Y3hoUee/a37ESlesua5zKEVNlWbnW292iEfVhdnZ
PA96ORN9yudaXkfA0xW9pvdt0USPN3xx3q5RkNZFtBxIdM9qmwuo344v9dJZAOpN
6ikd89D86kLRxA==
-----END CERTIFICATE-----