Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          cxniVvjWh5XTj3tzoUbRJoyebYxrs//Fu+9JK0qhEPQ=
Subject key identifier:   B9:70:85:DC:96:5A:44:A1:C8:21:E6:47:24:41:8C:74:E5:2E:F8:04
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       0198D472718C0E265EDF8A822CE2488094D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0EFE
Signing time:             Sat 23 Aug 2025 01:02:06 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:06 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:06 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: 5MHtHLsQ0/JqAPkzKEq4AsiKR1JKKeaL3KoODJNm54Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:71:8c:0e:26:5e:df:8a:82:2c:e2:48:80:94:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Aug 23 01:02:06 2025 GMT
            Not After : Aug 24 01:02:06 2025 GMT
        Subject: CN=b97085dc965a44a1c821e64724418c74e52ef804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bc:5e:4f:14:52:ed:79:47:5f:dd:b0:28:c2:
                    38:b6:5e:e0:a4:2e:a0:65:a2:ae:65:f7:97:d9:51:
                    dc:e7:0d:e4:28:1c:2d:89:da:25:34:b8:66:c3:60:
                    0b:56:80:c0:e1:44:01:e3:8c:aa:ee:ec:c3:49:02:
                    28:68:fa:04:a3:38:06:3a:57:86:ca:fb:e4:75:ec:
                    73:b2:96:1c:16:9e:d3:18:63:99:e9:c4:8f:ae:43:
                    2c:d3:d9:b7:51:40:6b:21:89:d6:7b:b5:a5:64:f5:
                    dd:cc:b4:84:56:02:5f:42:96:dc:c4:b6:27:71:8b:
                    41:53:af:67:50:01:78:a0:48:a7:58:b2:cf:bc:d9:
                    50:a6:19:ed:06:8f:00:c2:b8:93:11:7f:a0:77:bc:
                    28:bb:27:2a:bb:07:ac:26:19:24:df:72:56:ef:56:
                    ca:22:4f:04:a0:2f:6f:87:0e:04:ac:2e:c6:32:c2:
                    37:3c:64:11:06:f6:a1:9a:8a:0b:69:48:a5:43:7c:
                    78:ee:b0:e7:34:1f:ef:24:b4:a0:bb:e2:e8:58:a5:
                    f0:79:2e:0f:73:39:5f:8c:95:71:8b:65:06:ed:12:
                    6f:17:af:5b:b4:36:6c:f4:ad:01:5e:a1:dd:be:55:
                    b9:b5:2c:7c:30:74:6f:ab:cd:de:13:69:24:3b:85:
                    e9:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:70:85:DC:96:5A:44:A1:C8:21:E6:47:24:41:8C:74:E5:2E:F8:04
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:84:52:43:35:e0:de:0d:b8:c9:af:ba:43:06:78:b6:9d:55:
         e5:4c:68:aa:fe:ed:c1:b8:ea:51:63:40:2e:fd:da:18:01:92:
         97:45:8c:92:06:74:f3:ec:db:f6:d6:8c:ec:33:e8:a3:ec:2e:
         df:99:48:70:b1:b5:f1:d2:8f:3f:d0:65:fc:16:bf:a4:b9:6c:
         96:3b:91:ae:14:c2:2d:f3:5f:05:2e:c0:68:dc:10:a2:fe:af:
         9b:b1:93:8c:46:d3:d6:b0:17:fa:c8:15:35:07:9a:dd:8c:3b:
         87:f3:72:aa:0e:0d:3c:1a:25:5f:8f:16:b6:99:af:c0:94:bb:
         88:2d:46:b1:f7:03:28:a5:51:cb:3d:d0:7d:9c:5e:da:53:51:
         06:a2:66:0e:aa:01:3f:41:cb:d0:1b:bc:5a:50:fc:0b:cd:0e:
         04:1e:be:18:a5:a3:ac:6b:27:d7:ea:17:3e:a4:67:92:03:cb:
         2d:19:9e:62:2d:c0:59:80:c7:f0:9e:6a:82:22:65:b0:68:37:
         59:d4:cc:7f:03:7e:0e:2e:86:a7:f8:8b:e0:b3:ee:0e:89:91:
         46:b7:6a:91:25:96:40:b0:17:8d:43:d2:a2:9b:be:4e:c3:86:
         d7:b9:bb:12:8f:8d:13:2e:3e:a5:38:1c:3f:88:2f:99:86:98:
         8e:0a:5f:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcnGMDiZe34qCLOJIgJTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjUwODIzMDEwMjA2WhcNMjUwODI0MDEwMjA2WjAzMTEwLwYDVQQD
EyhiOTcwODVkYzk2NWE0NGExYzgyMWU2NDcyNDQxOGM3NGU1MmVmODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLxeTxRS7XlHX92wKMI4tl7gpC6g
ZaKuZfeX2VHc5w3kKBwtidolNLhmw2ALVoDA4UQB44yq7uzDSQIoaPoEozgGOleG
yvvkdexzspYcFp7TGGOZ6cSPrkMs09m3UUBrIYnWe7WlZPXdzLSEVgJfQpbcxLYn
cYtBU69nUAF4oEinWLLPvNlQphntBo8AwriTEX+gd7wouycquwesJhkk33JW71bK
Ik8EoC9vhw4ErC7GMsI3PGQRBvahmooLaUilQ3x47rDnNB/vJLSgu+LoWKXweS4P
czlfjJVxi2UG7RJvF69btDZs9K0BXqHdvlW5tSx8MHRvq83eE2kkO4XpKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlwhdyWWkShyCHmRyRBjHTlLvgEMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEoRSQzXg
3g24ya+6QwZ4tp1V5Uxoqv7twbjqUWNALv3aGAGSl0WMkgZ08+zb9taM7DPoo+wu
35lIcLG18dKPP9Bl/Ba/pLlsljuRrhTCLfNfBS7AaNwQov6vm7GTjEbT1rAX+sgV
NQea3Yw7h/Nyqg4NPBolX48WtpmvwJS7iC1GsfcDKKVRyz3QfZxe2lNRBqJmDqoB
P0HL0Bu8WlD8C80OBB6+GKWjrGsn1+oXPqRnkgPLLRmeYi3AWYDH8J5qgiJlsGg3
WdTMfwN+Di6Gp/iL4LPuDomRRrdqkSWWQLAXjUPSopu+TsOG17m7Eo+NEy4+pTgc
P4gvmYaYjgpfbw==
-----END CERTIFICATE-----