Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
File:                     aWZ-UauBVWetZ8u10biJY4Nfqfc.mft (raw, json)
Hash identifier:          qFXpeyTwRrhPTRrZh+iWGH5kIZIud10fjdUp4UWU57E=
Subject key identifier:   C2:72:98:A7:9E:2F:E4:A4:A2:B5:F9:16:14:F6:A3:11:63:71:DF:D3
Authority key identifier: 69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7
Certificate issuer:       /CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
Certificate serial:       019921B070CD9F6B8D7624F58521F5387A5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
Manifest number:          0DD1
Signing time:             Sun 07 Sep 2025 01:00:35 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:35 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:35 +0000
Files and hashes:         1: aWZ-UauBVWetZ8u10biJY4Nfqfc.crl (hash: Eiz1Mc5DhEU2xt9/gxKOi6GtLHcZX/IQYjJgVWFdXVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:70:cd:9f:6b:8d:76:24:f5:85:21:f5:38:7a:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
        Validity
            Not Before: Sep  7 01:00:35 2025 GMT
            Not After : Sep  8 01:00:35 2025 GMT
        Subject: CN=c27298a79e2fe4a4a2b5f91614f6a3116371dfd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:77:1b:fe:b3:08:d9:ef:c4:4a:be:2b:bd:e3:
                    0e:d6:af:b2:50:db:92:0a:b1:57:db:89:8f:b0:c0:
                    76:b0:9c:19:ab:12:55:88:35:a6:f6:69:c1:05:be:
                    9b:38:56:5e:0b:d6:1c:72:f5:f8:ce:45:a0:54:22:
                    62:2d:d8:73:21:04:0e:05:2b:6d:04:e4:7c:c2:8c:
                    de:34:33:a6:3e:7c:27:3b:22:e8:ad:d1:2d:16:58:
                    bd:f7:29:1d:3d:a3:0a:6d:eb:29:ea:63:b8:c0:0d:
                    a8:58:75:64:e8:a0:ac:80:78:1a:3c:f4:84:4a:f6:
                    9a:57:85:03:6d:23:85:5e:1a:ed:86:79:07:3c:f9:
                    80:56:58:e9:72:0d:79:29:1a:52:09:6c:ed:6f:6e:
                    86:73:f4:dd:47:0a:b5:ec:1c:a4:61:c8:b6:67:ea:
                    49:40:4a:7d:aa:67:a8:b3:e8:3c:5d:f5:3a:3d:9d:
                    aa:a3:57:c8:50:af:30:94:a4:be:8e:75:3e:0c:8a:
                    a6:77:47:8b:aa:ba:76:21:a9:8a:c3:f5:5f:87:00:
                    25:8b:5b:48:4b:62:dd:52:94:48:2f:8a:bd:47:e7:
                    11:48:08:e5:10:56:82:e8:64:51:69:95:51:e2:e7:
                    d6:e9:cf:e4:d5:55:24:1a:6d:b3:48:8f:ae:bf:ef:
                    a9:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:72:98:A7:9E:2F:E4:A4:A2:B5:F9:16:14:F6:A3:11:63:71:DF:D3
            X509v3 Authority Key Identifier:
                keyid:69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a4:ee:72:58:af:57:87:f0:27:49:bb:b7:ae:e6:35:f9:57:
         8d:8d:5a:44:7d:23:f9:61:e3:31:7a:a7:e5:a3:65:1f:60:ea:
         59:7f:67:ca:64:e4:7d:1f:18:0d:ff:d9:65:85:69:74:6a:8d:
         75:ba:0b:a1:71:5e:3c:97:9e:d9:13:62:4c:7b:c4:fe:41:ad:
         1b:ac:59:2d:84:9d:64:12:05:d5:58:b0:12:6f:97:a8:56:a9:
         81:50:99:28:fb:61:b1:b4:7e:75:4a:f4:40:00:9f:5a:0c:f0:
         4e:27:66:ed:50:99:56:67:23:68:e8:82:dc:10:61:9b:cd:77:
         d4:bc:4f:9e:f7:1e:fd:2f:ac:fd:61:f6:fb:6c:fd:a9:d8:9e:
         9c:f7:57:49:f5:c4:7c:07:97:b6:de:ec:50:15:88:81:40:bf:
         aa:ad:3d:9e:80:a9:d8:63:fb:f5:3c:7b:e8:59:40:a9:f0:5d:
         28:52:12:19:60:17:40:3c:60:f7:3b:db:24:64:3f:81:34:b3:
         57:59:9a:5b:21:e9:8a:ce:93:35:a0:a9:5c:47:8e:7f:c6:bd:
         a3:45:a8:ca:c9:31:bb:98:81:96:d0:06:4a:f1:96:90:5f:2e:
         ff:dc:a3:1a:d0:48:ee:8c:74:e1:3c:50:93:03:4c:84:5f:cd:
         ff:dd:c0:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsHDNn2uNdiT1hSH1OHpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY3ZTUxYWI4MTU1NjdhZDY3Y2JiNWQxYjg4OTYzODM1
ZmE5ZjcwHhcNMjUwOTA3MDEwMDM1WhcNMjUwOTA4MDEwMDM1WjAzMTEwLwYDVQQD
EyhjMjcyOThhNzllMmZlNGE0YTJiNWY5MTYxNGY2YTMxMTYzNzFkZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xcb/rMI2e/ESr4rveMO1q+yUNuS
CrFX24mPsMB2sJwZqxJViDWm9mnBBb6bOFZeC9YccvX4zkWgVCJiLdhzIQQOBStt
BOR8wozeNDOmPnwnOyLordEtFli99ykdPaMKbesp6mO4wA2oWHVk6KCsgHgaPPSE
SvaaV4UDbSOFXhrthnkHPPmAVljpcg15KRpSCWztb26Gc/TdRwq17BykYci2Z+pJ
QEp9qmeos+g8XfU6PZ2qo1fIUK8wlKS+jnU+DIqmd0eLqrp2IamKw/VfhwAli1tI
S2LdUpRIL4q9R+cRSAjlEFaC6GRRaZVR4ufW6c/k1VUkGm2zSI+uv++pjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJymKeeL+SkorX5FhT2oxFjcd/TMB8GA1UdIwQY
MBaAFGlmflGrgVVnrWfLtdG4iWODX6n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzct
YTdlM2M2YTg5MmVjLzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzctYTdlM2M2YTg5MmVj
LzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKTucliv
V4fwJ0m7t67mNflXjY1aRH0j+WHjMXqn5aNlH2DqWX9nymTkfR8YDf/ZZYVpdGqN
dboLoXFePJee2RNiTHvE/kGtG6xZLYSdZBIF1ViwEm+XqFapgVCZKPthsbR+dUr0
QACfWgzwTidm7VCZVmcjaOiC3BBhm8131LxPnvce/S+s/WH2+2z9qdienPdXSfXE
fAeXtt7sUBWIgUC/qq09noCp2GP79Tx76FlAqfBdKFISGWAXQDxg9zvbJGQ/gTSz
V1maWyHpis6TNaCpXEeOf8a9o0Woyskxu5iBltAGSvGWkF8u/9yjGtBI7ox04TxQ
kwNMhF/N/93A+g==
-----END CERTIFICATE-----