Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
File:                     ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft (raw, json)
Hash identifier:          sfPCByjhDJHZd/tShEL2uvjzOYJWfwRneczuo9GcwOo=
Subject key identifier:   34:24:2E:2D:1A:BF:45:3E:3F:74:06:48:92:91:91:A9:EC:E4:99:03
Authority key identifier: 64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9
Certificate issuer:       /CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
Certificate serial:       0198D474571753A9EBC3C4181598D710A075
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
Manifest number:          15D7
Signing time:             Sat 23 Aug 2025 01:04:10 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:10 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:10 +0000
Files and hashes:         1: ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl (hash: umkxQpdShy686wl9IY5nuLI5UrdmWsgvJGPEWgzh2w0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:57:17:53:a9:eb:c3:c4:18:15:98:d7:10:a0:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
        Validity
            Not Before: Aug 23 01:04:10 2025 GMT
            Not After : Aug 24 01:04:10 2025 GMT
        Subject: CN=34242e2d1abf453e3f740648929191a9ece49903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:bb:cb:48:d8:1f:bf:5b:a2:b9:e3:2a:10:ff:
                    77:d8:1d:6b:53:34:8d:d0:63:e6:c6:25:77:db:89:
                    c7:50:43:71:ba:de:36:a9:a5:dd:e7:74:49:8e:88:
                    ca:d5:97:62:2b:41:47:02:30:f9:d7:60:34:b8:2c:
                    1a:8e:d7:31:85:be:1b:80:5e:3a:4e:68:bb:4b:5a:
                    de:99:1c:75:eb:97:c3:0d:47:c1:5d:b2:46:13:bb:
                    b4:a0:2c:b8:62:c4:b5:a4:40:b9:42:1b:6a:db:87:
                    0d:21:9b:98:55:3a:f8:f0:e1:ce:51:2b:c3:73:59:
                    e1:5c:04:38:9e:bf:24:01:64:68:d1:f1:5a:3d:6b:
                    44:9a:49:23:02:2b:74:83:bc:fa:66:cb:cc:5a:4d:
                    77:53:fb:34:72:5d:0d:9d:7e:85:f3:88:5a:fb:63:
                    42:56:7c:f2:e1:b7:3b:09:f6:b5:92:96:6a:f3:4b:
                    01:30:96:d9:6c:d3:60:d2:05:b7:1a:de:a2:48:87:
                    ae:31:0e:04:a5:70:79:a1:6f:98:3b:78:4f:e7:09:
                    f0:b5:82:93:f9:a7:62:96:cc:b1:94:df:97:64:b4:
                    31:df:c7:cd:29:aa:55:99:7c:c9:d8:d4:b7:9a:73:
                    ff:18:0e:81:d3:e3:18:e9:b3:22:1f:57:f0:1a:b1:
                    85:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:24:2E:2D:1A:BF:45:3E:3F:74:06:48:92:91:91:A9:EC:E4:99:03
            X509v3 Authority Key Identifier:
                keyid:64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:83:39:bb:8e:27:66:b2:45:95:70:80:54:ac:0d:86:b5:b7:
         9d:bf:ba:77:75:66:b0:a1:b6:1f:57:2f:90:72:3d:c5:ba:77:
         2a:5e:b5:99:b5:00:fe:7b:be:e5:2c:29:49:69:7b:cd:34:c1:
         ad:d5:ce:20:b2:55:d1:5d:16:73:ff:27:03:d1:f4:c0:ae:6d:
         f6:7e:bb:db:33:df:a1:26:4d:27:ff:20:70:64:aa:cc:be:35:
         fd:93:d7:c6:50:65:f7:bb:cb:5b:db:c8:e8:da:68:d7:d7:43:
         0c:d8:bb:7b:b2:17:27:a2:dd:c6:fb:27:d6:c0:07:55:5c:ae:
         00:f1:ce:f3:d2:71:88:c9:cd:6b:ef:e2:d9:bb:23:16:1b:c4:
         96:88:f9:64:09:cd:fd:fa:a9:8a:73:4b:0e:b9:73:1f:9e:69:
         cb:87:32:2a:13:1e:26:bc:a6:14:3b:7f:06:0c:37:9b:be:f7:
         20:28:95:58:d0:0e:9c:cf:9f:8c:83:16:98:fe:72:36:cf:43:
         27:a0:f1:a8:02:08:2f:90:c3:4e:59:e7:b6:07:88:76:13:10:
         71:27:98:8f:84:30:f0:eb:bc:af:46:a6:ea:3f:07:ff:86:64:
         5b:37:23:e6:08:8a:c5:0f:98:1e:69:a0:39:79:53:5d:51:1d:
         d9:50:0d:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdFcXU6nrw8QYFZjXEKB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFlYWUyOGE0MWZjNzQwMTBkMGJmYjgzZmQ4MGNhMzQ1
YzU3ZjkwHhcNMjUwODIzMDEwNDEwWhcNMjUwODI0MDEwNDEwWjAzMTEwLwYDVQQD
EygzNDI0MmUyZDFhYmY0NTNlM2Y3NDA2NDg5MjkxOTFhOWVjZTQ5OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrvLSNgfv1uiueMqEP932B1rUzSN
0GPmxiV324nHUENxut42qaXd53RJjojK1ZdiK0FHAjD512A0uCwajtcxhb4bgF46
Tmi7S1remRx165fDDUfBXbJGE7u0oCy4YsS1pEC5Qhtq24cNIZuYVTr48OHOUSvD
c1nhXAQ4nr8kAWRo0fFaPWtEmkkjAit0g7z6ZsvMWk13U/s0cl0NnX6F84ha+2NC
Vnzy4bc7Cfa1kpZq80sBMJbZbNNg0gW3Gt6iSIeuMQ4EpXB5oW+YO3hP5wnwtYKT
+adilsyxlN+XZLQx38fNKapVmXzJ2NS3mnP/GA6B0+MY6bMiH1fwGrGF0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQkLi0av0U+P3QGSJKRkans5JkDMB8GA1UdIwQY
MBaAFGTa6uKKQfx0AQ0L+4P9gMo0XFf5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYt
NjVhMjQyMDAyMjcwLzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYtNjVhMjQyMDAyMjcw
LzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIM5u44n
ZrJFlXCAVKwNhrW3nb+6d3VmsKG2H1cvkHI9xbp3Kl61mbUA/nu+5SwpSWl7zTTB
rdXOILJV0V0Wc/8nA9H0wK5t9n672zPfoSZNJ/8gcGSqzL41/ZPXxlBl97vLW9vI
6Npo19dDDNi7e7IXJ6Ldxvsn1sAHVVyuAPHO89JxiMnNa+/i2bsjFhvEloj5ZAnN
/fqpinNLDrlzH55py4cyKhMeJrymFDt/Bgw3m773ICiVWNAOnM+fjIMWmP5yNs9D
J6DxqAIIL5DDTlnntgeIdhMQcSeYj4Qw8Ou8r0am6j8H/4ZkWzcj5giKxQ+YHmmg
OXlTXVEd2VANIQ==
-----END CERTIFICATE-----