Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          BED8spcXXbuiubIesMP2496ujCWUhGvl6dgjDdcEx00=
Subject key identifier:   34:1A:34:C1:4A:97:A4:03:42:74:3C:1F:95:E6:5B:F7:21:12:BC:8F
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       0198D5BBC82C9121B14C7B4A2C0F12482107
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          146F
Signing time:             Sat 23 Aug 2025 07:01:50 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:50 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:50 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: uC2pJdMDvTJHvXwHGODPBVUX3PUtRJ4hMEY1RZmPJTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:c8:2c:91:21:b1:4c:7b:4a:2c:0f:12:48:21:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Aug 23 07:01:50 2025 GMT
            Not After : Aug 24 07:01:50 2025 GMT
        Subject: CN=341a34c14a97a40342743c1f95e65bf72112bc8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8e:55:ee:28:55:a6:ae:70:80:2f:75:6b:66:
                    11:88:78:e0:f5:34:d7:27:5e:31:8d:8f:05:02:3e:
                    6b:79:23:4f:ca:34:95:6d:e3:14:65:48:ae:1d:c2:
                    11:f8:05:03:83:09:e9:b6:ed:d4:39:c3:74:1b:95:
                    fb:4c:d6:b4:65:ed:fa:c4:08:60:7e:58:3a:ed:c6:
                    5b:90:d7:f5:9b:5c:c1:cb:d0:b3:4b:e5:5c:b9:53:
                    f9:76:77:b2:bc:42:87:19:27:f9:8c:3a:71:73:37:
                    72:97:b9:cb:86:30:85:ce:d5:f7:99:37:2d:81:44:
                    9e:e4:c8:8a:83:b6:ba:c7:a7:d8:e4:d2:4b:ce:1e:
                    13:c1:8c:e6:e1:90:f5:12:ff:6d:d5:b0:af:89:1a:
                    27:73:7b:3f:21:78:30:ca:eb:6a:76:4b:d6:9d:15:
                    85:78:94:8a:32:54:50:d5:90:50:fd:41:ba:b1:b0:
                    c9:b4:50:c4:75:34:ca:d9:3c:65:75:9c:1f:c3:02:
                    96:79:72:b1:d3:06:f6:04:0e:09:53:49:e0:ad:0b:
                    42:19:66:8b:93:23:30:e8:91:dd:7a:9a:1a:4d:07:
                    19:24:22:a1:46:90:83:66:9e:77:c6:c6:fb:8c:8e:
                    fe:5c:4b:98:b5:8c:a2:46:30:ab:5a:a6:3f:fa:a9:
                    10:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:1A:34:C1:4A:97:A4:03:42:74:3C:1F:95:E6:5B:F7:21:12:BC:8F
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:40:a5:41:a1:de:22:53:1a:d8:24:c6:2d:bf:9f:4f:e1:c2:
         22:ef:41:20:49:8d:82:95:0d:e0:fe:32:f8:a6:4a:0e:68:04:
         13:66:3a:4d:f6:6d:7c:5b:0a:23:55:8e:6e:98:72:f4:2a:f5:
         c4:e0:c9:0a:5c:9c:87:c5:02:31:21:1b:93:1e:13:d5:9a:65:
         9d:58:93:e5:f2:ba:38:5a:72:8a:0a:fa:11:83:e7:4d:a0:bb:
         39:42:8c:d4:86:a5:90:eb:18:86:59:27:79:ef:35:4b:c6:52:
         8a:4b:0d:54:80:5f:d8:dc:f5:50:a8:7e:d6:e1:7b:94:b4:f7:
         df:6b:9f:db:09:e6:28:6d:8c:c2:03:f5:62:08:14:c5:1b:55:
         38:ae:a5:92:7c:33:c8:be:66:41:25:fa:c8:4f:cd:d4:78:98:
         ff:c9:33:d3:e5:0f:7e:6c:4f:30:12:13:a2:b9:af:d4:42:85:
         59:ad:dc:27:cb:91:fa:20:d5:87:fd:1f:42:45:41:e9:f5:05:
         77:03:df:45:75:64:f8:4b:49:78:53:ec:8f:e6:64:9d:02:d8:
         f5:0c:9a:c0:16:a1:da:69:5a:d9:60:33:d3:f4:09:ca:a9:1c:
         39:86:94:87:cd:ad:ee:1e:60:e5:48:b4:94:c2:61:d9:d8:ed:
         47:c1:58:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu8gskSGxTHtKLA8SSCEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwODIzMDcwMTUwWhcNMjUwODI0MDcwMTUwWjAzMTEwLwYDVQQD
EygzNDFhMzRjMTRhOTdhNDAzNDI3NDNjMWY5NWU2NWJmNzIxMTJiYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo5V7ihVpq5wgC91a2YRiHjg9TTX
J14xjY8FAj5reSNPyjSVbeMUZUiuHcIR+AUDgwnptu3UOcN0G5X7TNa0Ze36xAhg
flg67cZbkNf1m1zBy9CzS+VcuVP5dneyvEKHGSf5jDpxczdyl7nLhjCFztX3mTct
gUSe5MiKg7a6x6fY5NJLzh4TwYzm4ZD1Ev9t1bCviRonc3s/IXgwyutqdkvWnRWF
eJSKMlRQ1ZBQ/UG6sbDJtFDEdTTK2TxldZwfwwKWeXKx0wb2BA4JU0ngrQtCGWaL
kyMw6JHdepoaTQcZJCKhRpCDZp53xsb7jI7+XEuYtYyiRjCrWqY/+qkQlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQaNMFKl6QDQnQ8H5XmW/chEryPMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEClQaHe
IlMa2CTGLb+fT+HCIu9BIEmNgpUN4P4y+KZKDmgEE2Y6TfZtfFsKI1WObphy9Cr1
xODJClych8UCMSEbkx4T1ZplnViT5fK6OFpyigr6EYPnTaC7OUKM1IalkOsYhlkn
ee81S8ZSiksNVIBf2Nz1UKh+1uF7lLT332uf2wnmKG2MwgP1YggUxRtVOK6lknwz
yL5mQSX6yE/N1HiY/8kz0+UPfmxPMBITormv1EKFWa3cJ8uR+iDVh/0fQkVB6fUF
dwPfRXVk+EtJeFPsj+ZknQLY9QyawBah2mla2WAz0/QJyqkcOYaUh82t7h5g5Ui0
lMJh2djtR8FYCQ==
-----END CERTIFICATE-----