Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          Daq1sQOlhRDU2zKJMPE32+tLgY2eqFnWMnNnIEi2qOE=
Subject key identifier:   B0:4D:C5:6C:17:EC:86:98:00:83:D6:8E:69:09:1B:E4:31:65:CF:51
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       01992255CF6520E95F574926A70808C89240
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          15AD
Signing time:             Sun 07 Sep 2025 04:01:12 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:12 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:12 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: 6m8ibwk/4ZxI4RCcRiwuRvw67pN0ZYxACxiv69zemRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:cf:65:20:e9:5f:57:49:26:a7:08:08:c8:92:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Sep  7 04:01:12 2025 GMT
            Not After : Sep  8 04:01:12 2025 GMT
        Subject: CN=b04dc56c17ec86980083d68e69091be43165cf51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e9:21:13:3e:3a:57:8e:b3:5e:ee:3a:ec:49:
                    bf:16:4a:63:13:f4:4c:06:1b:b0:fe:17:09:c1:d7:
                    8d:62:ee:18:11:23:c7:4d:35:cb:39:d9:d0:88:ec:
                    98:cc:37:f8:ca:80:1f:16:92:90:f0:ee:37:36:45:
                    aa:49:b7:58:a5:67:5d:f6:a3:45:f7:05:98:47:2d:
                    a6:d4:15:dc:ce:e5:ed:9a:4e:82:58:6a:66:48:8d:
                    02:93:6f:05:b4:50:42:21:9b:9a:99:2d:89:fa:9d:
                    a6:c1:d2:6f:a9:b8:7e:17:95:a4:90:cd:7b:bc:a9:
                    ee:e2:b4:b2:47:06:98:cf:c5:81:20:63:f7:d8:07:
                    25:01:ba:7f:70:6c:40:85:8f:42:cd:75:ca:4a:73:
                    4b:0e:a8:4e:12:d1:59:3a:28:87:1d:88:47:28:c0:
                    1f:eb:a7:1a:3a:69:38:cf:ef:ab:7b:1a:df:52:aa:
                    80:2d:1c:7f:f2:e2:2e:19:e6:55:6d:a9:da:a0:41:
                    c9:57:5a:fa:87:f7:38:a7:9a:8a:46:4b:42:d6:35:
                    69:79:b9:42:e5:01:0f:f1:59:b5:09:40:69:c0:be:
                    12:b9:40:1c:a3:6b:3f:ab:82:13:30:e1:4f:57:a9:
                    1f:e3:94:f3:fb:0d:24:83:ee:90:91:3c:56:98:c2:
                    a6:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:4D:C5:6C:17:EC:86:98:00:83:D6:8E:69:09:1B:E4:31:65:CF:51
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:12:40:49:9b:be:8a:21:a2:59:ff:cc:96:65:f5:e6:0c:19:
         c0:2d:57:29:46:6f:39:8b:bb:35:39:69:0b:75:2f:a2:a1:89:
         a1:b8:a8:6a:41:50:50:71:c7:cb:ca:4b:eb:b3:9b:85:91:12:
         3b:80:7b:53:89:d6:85:bd:1a:a9:5a:4d:f5:f4:03:95:fe:01:
         c6:ef:93:a7:d9:ac:44:52:a8:c0:fe:25:41:9d:6e:c4:48:8b:
         fe:6a:f8:43:bb:ec:fc:a4:ef:39:53:d6:8b:43:1d:df:fd:73:
         fe:20:0c:f8:8f:7e:9d:28:75:ac:46:fc:2e:76:d9:2e:8f:99:
         ed:30:90:97:b9:43:07:77:a3:25:39:70:7f:3c:24:20:61:3f:
         84:38:0e:c9:ef:14:18:01:e2:0e:9d:ae:91:fc:22:1c:7a:08:
         79:9f:8b:33:ff:61:45:f0:68:4a:5a:d4:f7:03:08:1d:1a:0a:
         6a:16:f4:b0:9e:1b:b2:40:55:4c:14:8c:83:7d:b0:0f:25:d0:
         09:98:f4:5c:f9:49:5f:54:9a:57:6a:08:8f:cc:d7:a1:c2:fa:
         cb:72:b6:a5:cf:da:5f:be:ba:2e:7c:a8:9d:58:38:f2:d9:f9:
         19:47:a8:f2:0d:c4:49:ac:6d:2d:02:61:3f:e5:ba:f4:48:55:
         8c:9f:59:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVc9lIOlfV0kmpwgIyJJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjUwOTA3MDQwMTEyWhcNMjUwOTA4MDQwMTEyWjAzMTEwLwYDVQQD
EyhiMDRkYzU2YzE3ZWM4Njk4MDA4M2Q2OGU2OTA5MWJlNDMxNjVjZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmukhEz46V46zXu467Em/FkpjE/RM
Bhuw/hcJwdeNYu4YESPHTTXLOdnQiOyYzDf4yoAfFpKQ8O43NkWqSbdYpWdd9qNF
9wWYRy2m1BXczuXtmk6CWGpmSI0Ck28FtFBCIZuamS2J+p2mwdJvqbh+F5WkkM17
vKnu4rSyRwaYz8WBIGP32AclAbp/cGxAhY9CzXXKSnNLDqhOEtFZOiiHHYhHKMAf
66caOmk4z++rexrfUqqALRx/8uIuGeZVbanaoEHJV1r6h/c4p5qKRktC1jVpeblC
5QEP8Vm1CUBpwL4SuUAco2s/q4ITMOFPV6kf45Tz+w0kg+6QkTxWmMKmMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBNxWwX7IaYAIPWjmkJG+QxZc9RMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBJASZu+
iiGiWf/MlmX15gwZwC1XKUZvOYu7NTlpC3UvoqGJobioakFQUHHHy8pL67ObhZES
O4B7U4nWhb0aqVpN9fQDlf4Bxu+Tp9msRFKowP4lQZ1uxEiL/mr4Q7vs/KTvOVPW
i0Md3/1z/iAM+I9+nSh1rEb8LnbZLo+Z7TCQl7lDB3ejJTlwfzwkIGE/hDgOye8U
GAHiDp2ukfwiHHoIeZ+LM/9hRfBoSlrU9wMIHRoKahb0sJ4bskBVTBSMg32wDyXQ
CZj0XPlJX1SaV2oIj8zXocL6y3K2pc/aX766LnyonVg48tn5GUeo8g3ESaxtLQJh
P+W69EhVjJ9Z+Q==
-----END CERTIFICATE-----