Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
File:                     cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft (raw, json)
Hash identifier:          ucR8itgR+OYNMRH72orC+Tez21SEcd8dS0Djmq8gUes=
Subject key identifier:   1A:AD:04:F6:E6:02:89:0B:5C:4E:3A:FE:FF:24:27:9B:F5:5D:E4:D8
Authority key identifier: 73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6
Certificate issuer:       /CN=73038cdc62522e484b0615c4241c7e7aa821d8d6
Certificate serial:       01984776E548C3F415FA1EE3599CC90BF04B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
Manifest number:          01D4
Signing time:             Sat 26 Jul 2025 16:00:30 +0000
Manifest this update:     Sat 26 Jul 2025 16:00:30 +0000
Manifest next update:     Sun 27 Jul 2025 16:00:30 +0000
Files and hashes:         1: cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl (hash: ayGAY5JocVgyrthGx1xiTMPcRdD4jxYhP/oUhIedov4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 15:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:76:e5:48:c3:f4:15:fa:1e:e3:59:9c:c9:0b:f0:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73038cdc62522e484b0615c4241c7e7aa821d8d6
        Validity
            Not Before: Jul 26 16:00:30 2025 GMT
            Not After : Jul 27 16:00:30 2025 GMT
        Subject: CN=1aad04f6e602890b5c4e3afeff24279bf55de4d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:46:b0:f5:04:e8:21:c7:26:5f:6d:ce:b2:70:
                    fb:2e:92:ae:f4:a8:e0:b0:8c:b9:ba:de:88:8f:22:
                    6e:eb:15:fb:a1:9e:f2:be:c1:5d:55:49:86:04:5e:
                    b7:8d:18:c8:56:26:9d:7b:c7:58:99:fd:e0:3b:40:
                    d9:97:07:79:c0:73:21:7d:a2:1b:31:2a:59:55:0f:
                    08:20:a5:81:55:b0:c4:ac:45:06:10:41:67:3d:72:
                    48:56:15:ae:c0:58:0b:20:f3:37:ea:3f:4f:7f:e6:
                    ae:04:59:9d:24:80:80:3b:67:94:15:2e:6e:80:74:
                    5b:3a:a9:d4:bd:51:03:12:f7:37:5a:2e:c6:3b:48:
                    60:a6:df:e3:80:9c:b4:ad:1b:cc:62:2d:58:8a:90:
                    1a:7f:1e:ba:79:e3:1f:2c:15:73:a1:32:19:e4:e9:
                    9a:93:26:8c:b3:f4:a6:38:9a:43:91:5e:dd:62:04:
                    03:95:8e:0c:5d:8b:09:fc:70:f4:c9:7a:6b:81:f7:
                    f5:9c:00:2d:7c:cc:2c:e4:da:27:9e:53:01:27:02:
                    06:1a:5c:7c:28:81:de:d9:09:18:dc:34:65:37:ec:
                    b4:e2:9a:8b:d0:18:f9:24:59:00:ad:f5:19:ff:fe:
                    c7:fe:cc:df:da:89:5d:ec:ad:6b:20:7f:b6:aa:45:
                    88:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:AD:04:F6:E6:02:89:0B:5C:4E:3A:FE:FF:24:27:9B:F5:5D:E4:D8
            X509v3 Authority Key Identifier:
                keyid:73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:be:00:6b:52:42:59:b9:49:9b:5e:6f:e2:88:d7:e4:02:58:
         40:0e:a8:57:a7:f9:dd:10:a4:4d:0c:a4:47:a5:18:a0:c8:1e:
         36:1d:fc:be:60:4e:eb:67:c0:67:dd:09:28:19:47:b6:90:13:
         ea:97:4f:fa:28:ee:f0:0b:ac:e4:52:21:cf:7e:3d:67:f7:0a:
         17:fb:90:29:8f:85:0b:6c:89:63:02:cc:68:95:74:7d:d4:78:
         ba:e1:74:e7:a7:c3:71:37:43:ae:dc:26:48:45:0e:70:63:d1:
         ca:8e:9a:83:73:0b:d5:e6:a7:9f:c6:d2:44:61:bd:a4:6b:e4:
         10:29:29:95:1d:78:a1:be:2e:4f:be:bc:f4:5f:01:b0:de:14:
         3c:ef:cd:b2:c8:26:a0:7e:3a:ea:9b:81:72:7b:1d:c9:26:25:
         5d:45:4c:67:f6:f8:28:02:6d:59:62:8d:de:d5:f2:02:2d:aa:
         6a:a9:8a:50:37:b8:ee:8e:01:04:3f:16:48:77:61:82:58:30:
         74:11:74:a8:72:24:37:0e:d8:cb:65:a6:87:f1:2f:df:38:0b:
         f9:fe:b7:f1:f1:a0:55:da:37:d1:7d:aa:a7:17:ad:6b:5b:23:
         db:92:0c:f5:45:bd:8d:28:12:51:92:02:2c:ec:fb:a9:3f:be:
         9d:dc:79:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHduVIw/QV+h7jWZzJC/BLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDM4Y2RjNjI1MjJlNDg0YjA2MTVjNDI0MWM3ZTdhYTgy
MWQ4ZDYwHhcNMjUwNzI2MTYwMDMwWhcNMjUwNzI3MTYwMDMwWjAzMTEwLwYDVQQD
EygxYWFkMDRmNmU2MDI4OTBiNWM0ZTNhZmVmZjI0Mjc5YmY1NWRlNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Uaw9QToIccmX23OsnD7LpKu9Kjg
sIy5ut6IjyJu6xX7oZ7yvsFdVUmGBF63jRjIViade8dYmf3gO0DZlwd5wHMhfaIb
MSpZVQ8IIKWBVbDErEUGEEFnPXJIVhWuwFgLIPM36j9Pf+auBFmdJICAO2eUFS5u
gHRbOqnUvVEDEvc3Wi7GO0hgpt/jgJy0rRvMYi1YipAafx66eeMfLBVzoTIZ5Oma
kyaMs/SmOJpDkV7dYgQDlY4MXYsJ/HD0yXprgff1nAAtfMws5NonnlMBJwIGGlx8
KIHe2QkY3DRlN+y04pqL0Bj5JFkArfUZ//7H/szf2old7K1rIH+2qkWIpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqtBPbmAokLXE46/v8kJ5v1XeTYMB8GA1UdIwQY
MBaAFHMDjNxiUi5ISwYVxCQcfnqoIdjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjIt
MjkyOWI5ZjFkMTViLzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjItMjkyOWI5ZjFkMTVi
LzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALr4Aa1JC
WblJm15v4ojX5AJYQA6oV6f53RCkTQykR6UYoMgeNh38vmBO62fAZ90JKBlHtpAT
6pdP+iju8Aus5FIhz349Z/cKF/uQKY+FC2yJYwLMaJV0fdR4uuF056fDcTdDrtwm
SEUOcGPRyo6ag3ML1eann8bSRGG9pGvkECkplR14ob4uT7689F8BsN4UPO/Nssgm
oH466puBcnsdySYlXUVMZ/b4KAJtWWKN3tXyAi2qaqmKUDe47o4BBD8WSHdhglgw
dBF0qHIkNw7Yy2Wmh/Ev3zgL+f638fGgVdo30X2qpxeta1sj25IM9UW9jSgSUZIC
LOz7qT++ndx5lg==
-----END CERTIFICATE-----