Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          YTWr/1+QWQS9Q79WOY2sePon7Y9+kOFsSkZcQSmCNMc=
Subject key identifier:   DE:58:3D:C0:79:FC:81:5C:D8:D7:25:3B:A4:94:9C:20:D6:4D:7E:34
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       0198D4733722E0653AEFA5985047C1670C83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          1112
Signing time:             Sat 23 Aug 2025 01:02:57 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:57 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:57 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: w6RC6sN2r91Dk43ZTptiZNQeNAzWIepPoOChbxRFMtM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:37:22:e0:65:3a:ef:a5:98:50:47:c1:67:0c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Aug 23 01:02:57 2025 GMT
            Not After : Aug 24 01:02:57 2025 GMT
        Subject: CN=de583dc079fc815cd8d7253ba4949c20d64d7e34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:61:64:2b:92:26:dd:35:1c:57:73:d0:06:2b:
                    09:f0:52:26:47:1c:9d:a6:4e:63:06:9d:0f:87:ae:
                    1c:58:07:92:13:e3:5b:f9:5a:e4:9a:d4:37:ac:f6:
                    4e:e4:9c:a2:2e:fa:37:3a:5a:6a:59:ce:6e:ad:4f:
                    2b:f4:02:5d:8b:41:d2:93:90:38:44:d4:83:3c:4b:
                    6e:be:c5:31:a0:c5:c6:19:54:78:2a:26:c7:03:fb:
                    d5:ae:58:0b:7a:0a:8c:3e:0e:38:d5:d3:2d:cb:fa:
                    84:a5:e4:de:89:d7:cc:49:ef:bc:83:05:25:4e:1a:
                    64:02:e0:90:3b:3d:e2:12:9f:62:81:ce:dd:ab:3f:
                    1f:47:4f:12:94:03:e9:ac:b6:af:11:0e:6b:58:aa:
                    16:ad:5a:aa:b7:d8:5c:87:dd:ba:f2:2f:62:d3:78:
                    ec:51:97:c2:76:1e:44:e6:98:0a:90:8a:ed:11:0f:
                    20:82:72:35:22:ba:29:c2:a8:09:7e:00:fa:4b:4d:
                    ff:bf:fe:23:f1:4c:99:1b:e8:75:c2:18:58:20:1f:
                    58:05:47:a9:cb:f6:ad:b2:9c:07:23:c4:0c:0a:b1:
                    b6:cd:10:5f:2a:cb:aa:2e:5d:28:20:34:f6:d3:df:
                    b4:f2:3e:92:3c:d4:64:7f:1e:cb:3f:67:ce:8d:3c:
                    14:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:58:3D:C0:79:FC:81:5C:D8:D7:25:3B:A4:94:9C:20:D6:4D:7E:34
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:50:0e:36:c2:90:c5:09:33:7f:36:ef:07:84:e0:f6:19:33:
         ec:f7:f9:c8:4e:22:2e:90:1f:7a:d2:f5:cc:dc:c2:5c:5d:6c:
         53:1c:9c:7d:3f:f8:3a:54:65:ea:77:1e:f1:4b:2d:39:f8:c4:
         69:eb:81:88:c4:04:98:69:08:76:e9:37:78:7c:9c:0d:b3:21:
         ef:81:84:2e:a2:c3:36:45:c6:7d:98:1d:f3:21:77:67:3d:7f:
         2d:ea:9b:04:ac:72:c8:49:46:10:09:c1:76:06:4e:f3:6d:d5:
         e3:69:5c:d3:ea:d0:b3:22:aa:cb:21:bd:a6:f1:0a:13:63:22:
         a5:18:90:20:54:ff:0e:cc:99:d7:20:a8:a9:38:aa:8e:df:3c:
         8e:7f:0f:a0:9e:24:ff:48:16:66:94:8c:03:ad:42:b9:18:1b:
         5a:7f:aa:45:a9:e9:1c:12:32:87:f7:4e:44:54:04:ac:64:81:
         24:26:3f:27:72:74:a8:89:ba:08:e9:3d:aa:9e:ea:01:90:67:
         3c:83:a3:6a:d6:fa:da:68:64:ae:c1:bf:19:61:68:65:ca:57:
         18:55:39:d8:ce:35:a3:bc:62:02:b8:75:f6:5d:48:61:a9:9a:
         ec:7f:d2:df:bd:50:bb:f9:ed:85:ae:1f:68:b5:13:32:12:d9:
         ad:49:42:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUczci4GU676WYUEfBZwyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUwODIzMDEwMjU3WhcNMjUwODI0MDEwMjU3WjAzMTEwLwYDVQQD
EyhkZTU4M2RjMDc5ZmM4MTVjZDhkNzI1M2JhNDk0OWMyMGQ2NGQ3ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GFkK5Im3TUcV3PQBisJ8FImRxyd
pk5jBp0Ph64cWAeSE+Nb+VrkmtQ3rPZO5JyiLvo3OlpqWc5urU8r9AJdi0HSk5A4
RNSDPEtuvsUxoMXGGVR4KibHA/vVrlgLegqMPg441dMty/qEpeTeidfMSe+8gwUl
ThpkAuCQOz3iEp9igc7dqz8fR08SlAPprLavEQ5rWKoWrVqqt9hch9268i9i03js
UZfCdh5E5pgKkIrtEQ8ggnI1IropwqgJfgD6S03/v/4j8UyZG+h1whhYIB9YBUep
y/atspwHI8QMCrG2zRBfKsuqLl0oIDT209+08j6SPNRkfx7LP2fOjTwUnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5YPcB5/IFc2NclO6SUnCDWTX40MB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1AONsKQ
xQkzfzbvB4Tg9hkz7Pf5yE4iLpAfetL1zNzCXF1sUxycfT/4OlRl6nce8UstOfjE
aeuBiMQEmGkIduk3eHycDbMh74GELqLDNkXGfZgd8yF3Zz1/LeqbBKxyyElGEAnB
dgZO823V42lc0+rQsyKqyyG9pvEKE2MipRiQIFT/DsyZ1yCoqTiqjt88jn8PoJ4k
/0gWZpSMA61CuRgbWn+qRanpHBIyh/dORFQErGSBJCY/J3J0qIm6COk9qp7qAZBn
PIOjatb62mhkrsG/GWFoZcpXGFU52M41o7xiArh19l1IYama7H/S371Qu/ntha4f
aLUTMhLZrUlCJA==
-----END CERTIFICATE-----