Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
File:                     dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft (raw, json)
Hash identifier:          SxroqNmT18yvKIawVLVLfcuYBsYqUMMzpsqPq3hfXqM=
Subject key identifier:   8E:DC:9C:C4:2C:7F:A5:CA:34:D2:4D:52:8C:B1:AB:37:24:7D:BC:4D
Authority key identifier: 76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66
Certificate issuer:       /CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366
Certificate serial:       0198D660171980E29D31C7EBD8DA3359F1DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
Manifest number:          0475
Signing time:             Sat 23 Aug 2025 10:01:18 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:18 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:18 +0000
Files and hashes:         1: dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl (hash: k6ZGs2yMLJGuleTWKOtWGRoUboQaofIjHEdgsRqUOqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:17:19:80:e2:9d:31:c7:eb:d8:da:33:59:f1:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366
        Validity
            Not Before: Aug 23 10:01:18 2025 GMT
            Not After : Aug 24 10:01:18 2025 GMT
        Subject: CN=8edc9cc42c7fa5ca34d24d528cb1ab37247dbc4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:71:df:02:7a:59:96:46:9a:c3:0f:b3:21:b4:
                    be:d9:74:0a:a0:c0:23:a8:20:8c:a2:8d:d0:70:7a:
                    91:0c:7c:05:73:46:8e:b2:7b:64:62:d0:ff:39:e6:
                    be:11:75:39:e6:27:05:bb:c9:32:70:dc:60:90:72:
                    fe:cb:d3:e9:58:70:5d:b2:20:c4:97:ac:f8:92:d9:
                    e7:e9:f7:8b:f0:b8:5e:ae:a2:27:cd:03:fb:f5:d5:
                    8d:18:bf:9f:10:89:41:5a:78:7a:4b:fa:a8:8c:6c:
                    f1:8f:f7:3c:7a:c8:09:7a:32:13:f3:b9:67:2b:5c:
                    2a:5a:6d:e9:d1:f6:34:16:df:0c:c2:4b:f6:a5:2d:
                    8f:82:b2:d1:32:1e:a4:54:b5:4b:10:71:2a:68:9a:
                    d7:ed:ce:b8:d6:4a:e1:b2:16:d9:96:81:05:ca:71:
                    d2:8b:cd:f3:7e:8e:1a:66:41:13:e7:cd:c4:03:f1:
                    64:de:b2:f7:4f:c4:a2:aa:75:89:e2:ff:36:ef:9c:
                    f2:11:8a:af:cc:ca:2b:76:c5:dd:ba:98:4c:d3:a0:
                    69:d5:69:a9:1d:0b:76:d0:68:25:77:07:61:fc:13:
                    01:0f:c7:56:72:1a:a7:01:79:c5:bf:73:ed:db:75:
                    ac:02:a1:c0:bc:19:14:ef:4d:e4:b3:e2:66:7f:fe:
                    93:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:DC:9C:C4:2C:7F:A5:CA:34:D2:4D:52:8C:B1:AB:37:24:7D:BC:4D
            X509v3 Authority Key Identifier:
                keyid:76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:99:3b:2c:0a:4d:40:6a:71:50:a5:9f:6c:d9:93:80:80:9e:
         84:19:e9:89:08:b2:4b:7c:f2:9d:3b:79:a6:0e:76:f7:42:08:
         a6:89:93:1e:b5:90:3b:c5:51:ad:1b:56:e6:41:a7:e3:13:81:
         06:b4:65:08:61:4f:be:f1:16:16:41:f6:18:c3:ea:04:de:a1:
         47:78:69:4d:9d:fe:46:94:e0:65:3a:c8:71:af:95:bf:4d:2e:
         cd:f3:49:11:eb:09:c4:19:e8:d3:38:73:be:a5:79:12:bf:58:
         2e:e9:7f:7e:31:13:58:77:92:eb:e5:b6:9e:7f:2a:33:42:71:
         d2:13:ce:11:11:e5:76:33:5a:90:ca:76:ec:c7:4d:1f:10:04:
         3e:23:6c:38:b8:4e:e8:a9:ff:18:62:0d:60:50:02:09:e7:8f:
         a4:3d:7a:c3:4a:7e:e8:14:06:74:7c:63:60:1f:27:68:45:39:
         45:cc:c4:af:03:d2:25:91:af:cf:e9:d1:7d:72:f7:b5:9e:63:
         35:11:cc:dd:d2:19:5e:c0:da:68:fd:ab:02:fc:35:06:5f:ed:
         08:2a:b7:23:c0:56:cd:4a:08:d1:b7:a2:f1:0f:69:8c:58:d4:
         70:53:4e:50:2e:04:6a:e1:3e:30:71:3d:3e:84:60:2b:73:6e:
         f4:36:a6:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYBcZgOKdMcfr2NozWfHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MDdmNjlkZWU0M2FjMDFkN2RmZWFjYTliNzZhMjQwZWE2
ZWYzNjYwHhcNMjUwODIzMTAwMTE4WhcNMjUwODI0MTAwMTE4WjAzMTEwLwYDVQQD
Eyg4ZWRjOWNjNDJjN2ZhNWNhMzRkMjRkNTI4Y2IxYWIzNzI0N2RiYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXHfAnpZlkaaww+zIbS+2XQKoMAj
qCCMoo3QcHqRDHwFc0aOsntkYtD/Oea+EXU55icFu8kycNxgkHL+y9PpWHBdsiDE
l6z4ktnn6feL8LherqInzQP79dWNGL+fEIlBWnh6S/qojGzxj/c8esgJejIT87ln
K1wqWm3p0fY0Ft8Mwkv2pS2PgrLRMh6kVLVLEHEqaJrX7c641krhshbZloEFynHS
i83zfo4aZkET583EA/Fk3rL3T8SiqnWJ4v8275zyEYqvzMordsXduphM06Bp1Wmp
HQt20Ggldwdh/BMBD8dWchqnAXnFv3Pt23WsAqHAvBkU703ks+Jmf/6TSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7cnMQsf6XKNNJNUoyxqzckfbxNMB8GA1UdIwQY
MBaAFHYH9p3uQ6wB19/qypt2okDqbvNmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTct
YzAyNDNhM2JkYWZiLzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTctYzAyNDNhM2JkYWZi
LzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg5k7LApN
QGpxUKWfbNmTgICehBnpiQiyS3zynTt5pg5290IIpomTHrWQO8VRrRtW5kGn4xOB
BrRlCGFPvvEWFkH2GMPqBN6hR3hpTZ3+RpTgZTrIca+Vv00uzfNJEesJxBno0zhz
vqV5Er9YLul/fjETWHeS6+W2nn8qM0Jx0hPOERHldjNakMp27MdNHxAEPiNsOLhO
6Kn/GGINYFACCeePpD16w0p+6BQGdHxjYB8naEU5RczErwPSJZGvz+nRfXL3tZ5j
NRHM3dIZXsDaaP2rAvw1Bl/tCCq3I8BWzUoI0bei8Q9pjFjUcFNOUC4EauE+MHE9
PoRgK3Nu9Dam/w==
-----END CERTIFICATE-----