Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          ReJt2HhAaZXDCrGYIP70J91oy82+x0R5sRp084QQST4=
Subject key identifier:   11:D4:FC:26:AB:B0:E8:9D:E2:90:72:25:27:7D:22:84:05:FC:FC:0C
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       019922C3204B6F03C5C871BA75C739834797
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          0330
Signing time:             Sun 07 Sep 2025 06:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:37 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: tFRrRc48+VsH65Y7JwunNLgU8jBb432gUQBZFJfPvtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 06:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:20:4b:6f:03:c5:c8:71:ba:75:c7:39:83:47:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Sep  7 06:00:37 2025 GMT
            Not After : Sep  8 06:00:37 2025 GMT
        Subject: CN=11d4fc26abb0e89de2907225277d228405fcfc0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:bd:9b:93:22:b4:18:a4:2e:90:60:24:09:8a:
                    ad:45:46:93:3b:d1:84:1d:e4:26:ac:fc:ee:c7:3c:
                    6b:e0:36:3c:d2:97:5c:17:66:5b:22:f4:7b:29:87:
                    12:8b:d6:fa:a9:08:41:40:57:50:4d:67:b4:f8:67:
                    bc:b5:93:fa:e3:84:1e:e9:3b:34:19:82:cf:df:59:
                    a0:bc:c3:85:5c:7c:5d:19:c5:ff:18:32:14:96:be:
                    92:f2:4f:c8:4f:71:cc:ce:85:e5:58:23:8c:e8:44:
                    af:e3:ac:a3:5d:b3:33:99:a2:fd:9f:cb:05:56:7d:
                    85:2d:a1:fe:de:3c:91:9f:a4:65:f2:9e:6b:0e:25:
                    8e:b4:54:28:7a:ef:5e:1a:0c:18:6c:0b:e5:b3:69:
                    f6:f4:64:82:13:2a:65:8f:bd:29:3a:57:aa:80:31:
                    67:9d:c7:ed:92:70:72:5a:a4:d9:ab:30:e1:17:ab:
                    56:be:67:23:f6:9e:30:11:03:35:25:50:27:4a:12:
                    a2:2a:b7:0f:99:75:51:e5:a4:59:47:38:3f:19:64:
                    15:4b:76:62:92:e8:98:d7:bd:75:f4:d4:47:bb:73:
                    f5:6b:c1:e2:98:28:57:6f:63:a8:85:df:1f:ea:0b:
                    ed:81:29:c0:fa:7e:c7:3b:dd:62:23:1e:25:cb:5a:
                    24:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:D4:FC:26:AB:B0:E8:9D:E2:90:72:25:27:7D:22:84:05:FC:FC:0C
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:d4:fe:3a:f1:57:0e:8f:d4:59:cb:b7:87:86:5f:d6:92:89:
         f1:2e:bf:56:5d:f1:a9:fb:4c:ee:2d:08:14:4c:04:b1:76:41:
         c6:0b:be:ed:34:52:ef:9c:07:25:00:1f:41:2f:70:c9:4b:1a:
         b2:72:ea:bd:49:24:dc:bc:b1:89:9f:15:18:d3:91:d8:ed:6e:
         11:38:d0:c6:7f:b7:b9:cd:44:d1:5e:92:c7:99:99:88:ec:18:
         70:08:1a:17:51:a5:23:4b:7b:00:da:6b:72:4f:90:1b:5a:10:
         f8:e3:9f:e4:f2:10:9b:ba:c8:04:12:e9:4d:a8:ca:a3:99:c9:
         51:a0:3a:c0:a5:d1:ba:e4:e6:3a:60:52:85:1a:f2:f3:6c:41:
         32:e7:9d:df:05:1d:ee:4d:ba:74:3d:07:38:d1:03:d3:a1:99:
         d9:b2:37:bc:3e:03:d1:47:f0:dc:35:87:76:d8:04:60:b1:2a:
         aa:4e:08:ff:58:3a:aa:49:6f:04:e9:33:d6:d2:b7:1d:f3:bd:
         d2:e1:98:0d:25:d1:e6:3f:87:c3:be:6e:92:0f:d7:1c:8d:f9:
         18:cf:58:e8:5c:ed:09:5d:49:7c:b6:0d:95:4b:f6:c1:4f:02:
         7a:3b:75:f0:89:04:2b:87:f4:ce:94:ad:dd:94:7c:83:f7:ca:
         bf:f1:d4:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwyBLbwPFyHG6dcc5g0eXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwOTA3MDYwMDM3WhcNMjUwOTA4MDYwMDM3WjAzMTEwLwYDVQQD
EygxMWQ0ZmMyNmFiYjBlODlkZTI5MDcyMjUyNzdkMjI4NDA1ZmNmYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl72bkyK0GKQukGAkCYqtRUaTO9GE
HeQmrPzuxzxr4DY80pdcF2ZbIvR7KYcSi9b6qQhBQFdQTWe0+Ge8tZP644Qe6Ts0
GYLP31mgvMOFXHxdGcX/GDIUlr6S8k/IT3HMzoXlWCOM6ESv46yjXbMzmaL9n8sF
Vn2FLaH+3jyRn6Rl8p5rDiWOtFQoeu9eGgwYbAvls2n29GSCEyplj70pOleqgDFn
ncftknByWqTZqzDhF6tWvmcj9p4wEQM1JVAnShKiKrcPmXVR5aRZRzg/GWQVS3Zi
kuiY17119NRHu3P1a8HimChXb2Oohd8f6gvtgSnA+n7HO91iIx4ly1ok2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHU/CarsOid4pByJSd9IoQF/PwMMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANdT+OvFX
Do/UWcu3h4Zf1pKJ8S6/Vl3xqftM7i0IFEwEsXZBxgu+7TRS75wHJQAfQS9wyUsa
snLqvUkk3LyxiZ8VGNOR2O1uETjQxn+3uc1E0V6Sx5mZiOwYcAgaF1GlI0t7ANpr
ck+QG1oQ+OOf5PIQm7rIBBLpTajKo5nJUaA6wKXRuuTmOmBShRry82xBMued3wUd
7k26dD0HONED06GZ2bI3vD4D0Ufw3DWHdtgEYLEqqk4I/1g6qklvBOkz1tK3HfO9
0uGYDSXR5j+Hw75ukg/XHI35GM9Y6FztCV1JfLYNlUv2wU8Cejt18IkEK4f0zpSt
3ZR8g/fKv/HUXQ==
-----END CERTIFICATE-----