Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
File:                     uo1nmL3QsriAXUOzRV92c5uUbx0.mft (raw, json)
Hash identifier:          FvE4M9ptRg27VqH5pB7J8P7ZdJY31y2iiONdlbfy7TY=
Subject key identifier:   D1:10:52:39:1C:A2:82:39:69:7C:3D:1D:98:55:AD:E2:E6:EF:E5:3D
Authority key identifier: BA:8D:67:98:BD:D0:B2:B8:80:5D:43:B3:45:5F:76:73:9B:94:6F:1D
Certificate issuer:       /CN=ba8d6798bdd0b2b8805d43b3455f76739b946f1d
Certificate serial:       0198D473D6ED29F1CB0317AB31D13F504511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
Manifest number:          15D8
Signing time:             Sat 23 Aug 2025 01:03:38 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:38 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:38 +0000
Files and hashes:         1: uo1nmL3QsriAXUOzRV92c5uUbx0.crl (hash: NExaO2uUOI8clfBXGADeVZemotQ6Ug17nQgKRDPsKTA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:d6:ed:29:f1:cb:03:17:ab:31:d1:3f:50:45:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba8d6798bdd0b2b8805d43b3455f76739b946f1d
        Validity
            Not Before: Aug 23 01:03:38 2025 GMT
            Not After : Aug 24 01:03:38 2025 GMT
        Subject: CN=d11052391ca28239697c3d1d9855ade2e6efe53d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:93:52:05:50:3e:ab:76:0b:c1:4d:18:3e:22:
                    0e:42:c6:e5:80:d8:44:45:25:2b:09:37:63:39:b6:
                    d8:9c:bf:7c:ea:16:aa:b3:f4:17:46:30:dd:cf:d6:
                    ee:37:80:16:25:cf:a7:fd:c5:60:a9:e4:d3:5c:ee:
                    1a:4c:55:42:8e:63:26:e4:6c:ea:57:42:9f:35:2a:
                    83:0b:8b:d3:90:75:2e:cb:64:0e:97:ab:95:ee:03:
                    1b:7b:67:39:26:89:d2:56:48:89:7f:20:f1:d2:91:
                    9f:f2:c6:72:48:65:4c:03:22:8e:ea:4d:40:da:30:
                    3a:3c:0c:4e:3e:01:fc:46:d2:20:99:c4:4e:f4:45:
                    60:76:e4:92:af:f7:55:31:80:90:10:6d:29:49:a0:
                    60:70:ce:b7:b9:a5:fe:9e:5f:a4:2b:2e:8e:c1:ad:
                    2a:98:dd:d0:21:be:6a:33:1c:f8:c5:46:af:ce:be:
                    f1:71:ae:80:e9:e8:af:cf:a3:30:34:ea:ee:c3:99:
                    7e:8e:e8:7e:a4:9b:db:cd:83:64:15:88:90:fb:7c:
                    cf:2b:ab:8c:f9:ee:79:07:4d:df:a0:3b:b1:6c:82:
                    49:17:50:41:08:a6:aa:60:cc:ff:27:d4:12:45:d8:
                    71:9a:4f:73:dd:56:7c:89:8c:0e:93:f4:75:61:07:
                    14:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:10:52:39:1C:A2:82:39:69:7C:3D:1D:98:55:AD:E2:E6:EF:E5:3D
            X509v3 Authority Key Identifier:
                keyid:BA:8D:67:98:BD:D0:B2:B8:80:5D:43:B3:45:5F:76:73:9B:94:6F:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:c6:24:b6:6f:67:c3:0a:02:6f:47:a1:4d:b6:d7:0d:53:9f:
         0d:e2:0e:30:25:f7:d9:7b:ac:2a:93:70:df:44:b2:0e:37:e6:
         2b:5d:e3:6d:19:82:67:cc:56:41:49:18:45:fb:fe:50:0e:e6:
         78:1a:e7:61:67:d0:1b:bb:2a:d8:92:d4:a6:e3:58:c1:46:a9:
         78:f4:70:cf:a4:21:e5:8d:54:2a:3b:2e:8b:ed:fe:8d:20:f7:
         fe:d7:09:d6:9f:d3:3c:43:c9:c3:7c:38:60:99:7e:d5:c3:e1:
         b9:47:b7:30:a8:db:2d:1e:1f:6c:e3:6e:a6:3b:4e:47:6b:bc:
         a0:81:8d:1e:90:1a:7b:e3:62:7d:74:8e:c6:b4:5f:ca:52:cf:
         1e:87:ef:be:ea:09:d1:35:0e:c5:9d:77:1d:f3:06:bf:46:c3:
         05:c4:88:25:3c:6a:42:0d:8e:5a:6e:08:19:01:1d:4a:7c:0d:
         5b:8f:0c:da:5a:9b:15:50:64:7d:8c:06:0a:fb:bc:77:6a:72:
         e4:37:e5:52:9d:50:4d:4f:83:a4:f9:0d:c7:b8:03:e2:b0:ba:
         ca:2e:b9:3e:fa:4d:ca:37:d1:db:9e:72:12:50:16:a0:ad:ea:
         50:76:d3:42:7a:97:b8:d0:ce:5f:44:8c:86:71:04:69:1a:42:
         b4:f6:ad:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc9btKfHLAxerMdE/UEURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOGQ2Nzk4YmRkMGIyYjg4MDVkNDNiMzQ1NWY3NjczOWI5
NDZmMWQwHhcNMjUwODIzMDEwMzM4WhcNMjUwODI0MDEwMzM4WjAzMTEwLwYDVQQD
EyhkMTEwNTIzOTFjYTI4MjM5Njk3YzNkMWQ5ODU1YWRlMmU2ZWZlNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpNSBVA+q3YLwU0YPiIOQsblgNhE
RSUrCTdjObbYnL986haqs/QXRjDdz9buN4AWJc+n/cVgqeTTXO4aTFVCjmMm5Gzq
V0KfNSqDC4vTkHUuy2QOl6uV7gMbe2c5JonSVkiJfyDx0pGf8sZySGVMAyKO6k1A
2jA6PAxOPgH8RtIgmcRO9EVgduSSr/dVMYCQEG0pSaBgcM63uaX+nl+kKy6Owa0q
mN3QIb5qMxz4xUavzr7xca6A6eivz6MwNOruw5l+juh+pJvbzYNkFYiQ+3zPK6uM
+e55B03foDuxbIJJF1BBCKaqYMz/J9QSRdhxmk9z3VZ8iYwOk/R1YQcUHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEQUjkcooI5aXw9HZhVreLm7+U9MB8GA1UdIwQY
MBaAFLqNZ5i90LK4gF1Ds0VfdnOblG8dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82OGI1N2ItZDE4ZC00Nzg1LTk3YjAt
ZWM1NmMwYjA4MWFlLzEvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy82OGI1N2ItZDE4ZC00Nzg1LTk3YjAtZWM1NmMwYjA4MWFl
LzEvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtMYktm9n
wwoCb0ehTbbXDVOfDeIOMCX32XusKpNw30SyDjfmK13jbRmCZ8xWQUkYRfv+UA7m
eBrnYWfQG7sq2JLUpuNYwUapePRwz6Qh5Y1UKjsui+3+jSD3/tcJ1p/TPEPJw3w4
YJl+1cPhuUe3MKjbLR4fbONupjtOR2u8oIGNHpAae+NifXSOxrRfylLPHofvvuoJ
0TUOxZ13HfMGv0bDBcSIJTxqQg2OWm4IGQEdSnwNW48M2lqbFVBkfYwGCvu8d2py
5DflUp1QTU+DpPkNx7gD4rC6yi65PvpNyjfR255yElAWoK3qUHbTQnqXuNDOX0SM
hnEEaRpCtPat5A==
-----END CERTIFICATE-----