Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          eOz5mXeBOUwNW4KctbKTW57+MHw8utoTzbLsm9BS+D4=
Subject key identifier:   8A:CD:7F:43:9B:F3:3B:2F:A2:EA:56:F4:CE:0F:38:D3:D0:76:E6:81
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       0198D7A9934CB5324103B511F1A66173F2F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 16:01:11 +0000
Manifest this update:     Sat 23 Aug 2025 16:01:11 +0000
Manifest next update:     Sun 24 Aug 2025 16:01:11 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: kZqhltmkCFNoQtBdHqLIhmtGdNbgRIpV5wTT6lF+uLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:93:4c:b5:32:41:03:b5:11:f1:a6:61:73:f2:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Aug 23 16:01:11 2025 GMT
            Not After : Aug 24 16:01:11 2025 GMT
        Subject: CN=8acd7f439bf33b2fa2ea56f4ce0f38d3d076e681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:11:46:c4:19:d5:b5:6f:aa:6e:2a:7e:a2:dc:
                    f5:23:08:2c:be:ab:27:9e:2b:34:14:79:16:fd:b8:
                    c0:d9:d2:71:68:f7:c2:f9:84:5e:34:fb:a0:68:1c:
                    1f:85:85:1c:6c:59:c4:06:36:14:86:b0:3e:6c:1b:
                    f2:d6:77:90:7b:06:ba:3b:de:35:4c:2e:c4:02:5f:
                    1c:c5:71:6c:e9:78:e9:7f:90:96:06:28:5f:cc:75:
                    0b:b6:98:14:fe:17:1b:d7:61:0e:e2:7b:83:b1:73:
                    02:61:46:18:0b:3c:82:72:57:4a:32:3f:57:ca:97:
                    e2:0e:f8:f6:f6:43:a8:10:25:ed:d4:b7:d3:2e:3f:
                    51:b2:d8:ce:1b:6a:d0:c1:e4:98:e4:0a:6f:19:13:
                    82:de:08:04:0b:31:e5:f6:c6:bf:f4:0c:9d:ef:b2:
                    75:ec:4a:df:50:b2:8a:7e:c5:c3:fd:12:77:26:4d:
                    aa:8b:57:88:76:22:e8:82:1d:2d:b1:25:b6:4d:a3:
                    d3:a5:ca:9c:4b:2b:9c:f1:fa:1f:df:97:13:c5:a9:
                    6d:4f:9e:76:f7:d5:20:81:cc:45:44:7e:5f:8e:f3:
                    64:a1:d6:c1:27:16:55:61:f8:c7:cf:3d:84:91:7f:
                    4b:1b:be:90:a0:92:2e:6f:a2:cb:2f:4f:ca:ed:4c:
                    c5:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:CD:7F:43:9B:F3:3B:2F:A2:EA:56:F4:CE:0F:38:D3:D0:76:E6:81
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:1b:17:19:09:93:2f:4a:66:f4:b8:f0:fb:88:02:33:ff:3d:
         ef:8f:93:1d:c2:46:39:7c:2c:d3:9f:cc:18:62:27:d8:73:f3:
         9c:62:4e:0e:a6:da:be:fe:6f:93:d7:dc:b1:32:8c:ca:55:10:
         e6:b5:14:46:9c:1f:0d:e0:bf:00:62:d4:bc:c9:43:ff:ad:9e:
         5f:dc:d8:3b:34:f0:94:3e:7a:02:d3:24:64:9b:ad:d3:7d:96:
         57:b1:fc:9c:45:78:1b:54:72:7f:81:5b:f8:7d:62:aa:ab:5f:
         a7:2c:e9:d8:fc:60:87:0e:0e:11:06:e5:56:f2:fa:93:e7:86:
         ba:3e:d0:14:f3:6e:e1:9c:e7:4a:23:b1:c4:59:c4:a9:aa:da:
         92:58:d6:32:58:c7:f4:2a:41:1d:71:36:6d:ef:e3:1d:3f:8f:
         60:ea:3a:27:c9:13:10:f1:b7:0b:87:fd:31:f5:a6:45:ce:31:
         79:58:02:f2:fe:16:b1:0e:89:36:71:4f:37:ff:65:60:23:f6:
         38:56:ee:48:c3:20:ae:ac:ea:e4:11:30:cf:21:d4:a3:11:1d:
         8c:c3:9d:a0:53:d8:9e:c2:4d:7e:47:a6:bc:83:3c:c7:77:e7:
         b4:42:51:f6:79:79:9e:a8:a1:d0:06:47:42:37:44:2b:3b:02:
         d0:be:a5:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqZNMtTJBA7UR8aZhc/L3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwODIzMTYwMTExWhcNMjUwODI0MTYwMTExWjAzMTEwLwYDVQQD
Eyg4YWNkN2Y0MzliZjMzYjJmYTJlYTU2ZjRjZTBmMzhkM2QwNzZlNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBFGxBnVtW+qbip+otz1Iwgsvqsn
nis0FHkW/bjA2dJxaPfC+YReNPugaBwfhYUcbFnEBjYUhrA+bBvy1neQewa6O941
TC7EAl8cxXFs6Xjpf5CWBihfzHULtpgU/hcb12EO4nuDsXMCYUYYCzyCcldKMj9X
ypfiDvj29kOoECXt1LfTLj9RstjOG2rQweSY5ApvGROC3ggECzHl9sa/9Ayd77J1
7ErfULKKfsXD/RJ3Jk2qi1eIdiLogh0tsSW2TaPTpcqcSyuc8fof35cTxaltT552
99UggcxFRH5fjvNkodbBJxZVYfjHzz2EkX9LG76QoJIub6LLL0/K7UzFlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrNf0Ob8zsvoupW9M4PONPQduaBMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBsXGQmT
L0pm9Ljw+4gCM/8974+THcJGOXws05/MGGIn2HPznGJODqbavv5vk9fcsTKMylUQ
5rUURpwfDeC/AGLUvMlD/62eX9zYOzTwlD56AtMkZJut032WV7H8nEV4G1Ryf4Fb
+H1iqqtfpyzp2Pxghw4OEQblVvL6k+eGuj7QFPNu4ZznSiOxxFnEqarakljWMljH
9CpBHXE2be/jHT+PYOo6J8kTEPG3C4f9MfWmRc4xeVgC8v4WsQ6JNnFPN/9lYCP2
OFbuSMMgrqzq5BEwzyHUoxEdjMOdoFPYnsJNfkemvIM8x3fntEJR9nl5nqih0AZH
QjdEKzsC0L6l+g==
-----END CERTIFICATE-----