Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
File:                     uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft (raw, json)
Hash identifier:          rhbEsQaASp6cRuQuZGkcR5b9kAnibA4MJRO8obyq64o=
Subject key identifier:   AA:82:C4:82:4F:59:ED:46:6A:F7:61:00:1F:F4:13:B3:FE:D4:C9:11
Authority key identifier: B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D
Certificate issuer:       /CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
Certificate serial:       0198D660EB24E12AC6C3ED219F40B1AB5DA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
Manifest number:          0FB0
Signing time:             Sat 23 Aug 2025 10:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:12 +0000
Files and hashes:         1: uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl (hash: HXghnMu0FNVI9rQLzIRjubp6fI6ZI05IsQCGurvQk0s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:eb:24:e1:2a:c6:c3:ed:21:9f:40:b1:ab:5d:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
        Validity
            Not Before: Aug 23 10:02:12 2025 GMT
            Not After : Aug 24 10:02:12 2025 GMT
        Subject: CN=aa82c4824f59ed466af761001ff413b3fed4c911
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:bc:00:72:d6:14:20:8e:fc:e1:47:66:f1:a6:
                    56:66:83:32:8c:9a:77:43:f5:16:93:c2:27:e3:2e:
                    e9:8a:80:99:5f:9d:67:db:5a:30:4a:32:77:80:ac:
                    ee:76:a3:8f:de:7f:24:09:b1:fa:80:f7:2e:a2:a3:
                    e9:de:7b:8a:cd:2a:64:60:91:83:32:5d:a0:b5:03:
                    3f:1b:34:f1:f4:8e:2d:de:95:1a:e4:fb:0e:f8:ab:
                    f7:45:df:e1:91:08:08:44:0d:c1:14:1e:d0:eb:a1:
                    3e:8e:78:2c:79:7d:9c:86:57:03:bf:ad:05:81:98:
                    f5:f4:65:d6:b9:c5:38:be:7c:ba:8d:f7:3f:e5:5c:
                    3d:05:1b:ec:b9:de:da:5a:3b:7b:4c:0f:9e:7d:72:
                    ba:86:31:4f:ac:d3:c9:5f:5e:92:3e:91:0f:73:0b:
                    8b:d3:2b:69:73:4b:45:d7:52:a5:d7:2a:56:d8:84:
                    d9:52:5b:f1:4c:9e:c5:44:09:27:26:4a:0c:5a:d5:
                    e5:4c:06:87:c1:4c:27:20:8f:23:07:48:f7:6c:68:
                    10:49:a4:97:72:5d:b6:4d:2f:68:a9:c5:86:f1:52:
                    b2:6c:b6:40:4f:3c:5c:17:98:73:e4:a1:5e:c6:c8:
                    ab:40:40:cd:c1:12:55:3a:30:cf:fc:fa:32:d2:f7:
                    64:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:82:C4:82:4F:59:ED:46:6A:F7:61:00:1F:F4:13:B3:FE:D4:C9:11
            X509v3 Authority Key Identifier:
                keyid:B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:85:a8:63:8c:72:2c:dd:0e:99:d7:cd:56:4e:d0:2e:c2:4b:
         88:64:20:93:b0:9b:99:10:b9:ad:bc:e7:32:73:ee:24:93:88:
         17:cc:2d:49:cb:6c:ab:b3:4a:3f:46:15:3e:40:2f:05:f5:5f:
         18:87:1f:26:9d:51:ab:fd:d5:b9:c6:e6:80:d7:3d:1b:56:f7:
         db:c8:91:b0:e2:9c:55:8d:9f:01:da:96:a6:f9:3f:e3:9e:fc:
         fb:7a:a8:1e:28:79:1d:f6:dc:2c:95:1d:b8:79:02:41:72:3a:
         6e:16:c8:aa:f7:cc:c3:e4:8c:57:88:c6:bf:fd:42:7f:a3:2f:
         1b:f6:43:95:e1:63:11:39:f1:9d:1b:d0:82:62:d7:13:3d:0b:
         99:3d:0e:43:b5:58:07:8f:5a:d6:f7:c5:a1:79:b2:07:e8:c0:
         1a:bd:4d:29:f2:c3:08:81:eb:58:28:16:f0:a6:60:a5:44:95:
         9b:48:26:fd:9a:fc:cb:c0:9f:92:89:76:17:48:37:a3:1d:7e:
         f9:4c:04:c0:77:a0:4c:57:fd:5e:6d:9a:17:da:33:86:11:d3:
         18:01:a1:3e:00:a7:44:be:63:39:cd:18:3e:7d:6e:08:78:71:
         70:b5:b7:a1:de:f5:ad:2d:eb:1b:f9:e9:d1:b1:97:15:73:62:
         f0:8b:af:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYOsk4SrGw+0hn0Cxq12lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OGZmODZjNDcxN2UwZTM2NmYyOTBjZDBkNjI4YWZjNDZh
MzhmMGQwHhcNMjUwODIzMTAwMjEyWhcNMjUwODI0MTAwMjEyWjAzMTEwLwYDVQQD
EyhhYTgyYzQ4MjRmNTllZDQ2NmFmNzYxMDAxZmY0MTNiM2ZlZDRjOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLwActYUII784Udm8aZWZoMyjJp3
Q/UWk8In4y7pioCZX51n21owSjJ3gKzudqOP3n8kCbH6gPcuoqPp3nuKzSpkYJGD
Ml2gtQM/GzTx9I4t3pUa5PsO+Kv3Rd/hkQgIRA3BFB7Q66E+jngseX2chlcDv60F
gZj19GXWucU4vny6jfc/5Vw9BRvsud7aWjt7TA+efXK6hjFPrNPJX16SPpEPcwuL
0ytpc0tF11Kl1ypW2ITZUlvxTJ7FRAknJkoMWtXlTAaHwUwnII8jB0j3bGgQSaSX
cl22TS9oqcWG8VKybLZATzxcF5hz5KFexsirQEDNwRJVOjDP/Poy0vdkjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqCxIJPWe1GavdhAB/0E7P+1MkRMB8GA1UdIwQY
MBaAFLiP+GxHF+DjZvKQzQ1iivxGo48NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAt
MTkxZDUzNGM5N2I5LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAtMTkxZDUzNGM5N2I5
LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4WoY4xy
LN0OmdfNVk7QLsJLiGQgk7CbmRC5rbznMnPuJJOIF8wtSctsq7NKP0YVPkAvBfVf
GIcfJp1Rq/3VucbmgNc9G1b328iRsOKcVY2fAdqWpvk/4578+3qoHih5HfbcLJUd
uHkCQXI6bhbIqvfMw+SMV4jGv/1Cf6MvG/ZDleFjETnxnRvQgmLXEz0LmT0OQ7VY
B49a1vfFoXmyB+jAGr1NKfLDCIHrWCgW8KZgpUSVm0gm/Zr8y8Cfkol2F0g3ox1+
+UwEwHegTFf9Xm2aF9ozhhHTGAGhPgCnRL5jOc0YPn1uCHhxcLW3od71rS3rG/np
0bGXFXNi8IuvmQ==
-----END CERTIFICATE-----