Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          3ilY38QUAOwOyiAPuHT8nTvMTixC2STrCWcqKF8hKRc=
Subject key identifier:   B1:0C:53:0C:19:37:7E:18:D5:A7:52:BB:B3:73:BA:82:10:71:1C:E8
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       01992CA2AB45165A6DD993A4C6EB7149A98B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          1675
Signing time:             Tue 09 Sep 2025 04:01:22 +0000
Manifest this update:     Tue 09 Sep 2025 04:01:22 +0000
Manifest next update:     Wed 10 Sep 2025 04:01:22 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: bSPCOF5noFfBklsDX+jFkU5/3OVWp56P08XHHIFKwog=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 09 Sep 2025 23:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:2c:a2:ab:45:16:5a:6d:d9:93:a4:c6:eb:71:49:a9:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Sep  9 04:01:22 2025 GMT
            Not After : Sep 10 04:01:22 2025 GMT
        Subject: CN=b10c530c19377e18d5a752bbb373ba8210711ce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:2f:db:73:83:0c:08:bc:47:cb:0c:4e:f9:67:
                    2e:df:24:ba:cd:4c:43:30:5b:82:58:e2:7a:6c:3c:
                    f3:d7:18:cd:9b:7e:2b:50:0d:0b:e5:a4:be:bc:19:
                    73:c7:6f:94:ae:8a:a4:02:ea:50:9f:5c:06:6b:ea:
                    2a:f8:44:ab:98:88:b7:ba:70:e7:24:55:c6:5b:ce:
                    89:da:c9:f7:da:a0:80:6b:66:c3:b7:a2:dc:63:a6:
                    62:bb:c5:b3:7d:aa:a1:ce:1c:ea:97:24:b1:bc:b0:
                    f6:a2:17:4c:a7:2a:31:52:4d:0e:50:1c:14:d3:f8:
                    27:a6:02:d9:6e:f2:d6:d2:f5:e0:9a:25:9f:78:9e:
                    13:c1:0f:8e:be:fa:f4:0a:91:89:fc:2e:11:b9:f5:
                    14:ad:f9:ca:f8:5c:7d:e2:65:64:ac:23:60:f3:57:
                    4e:46:9f:ca:e0:40:22:76:af:18:3e:d3:f3:85:99:
                    11:9f:bb:e2:d7:a2:79:a7:59:30:04:38:04:5f:3d:
                    46:2b:08:f9:04:fa:80:91:fe:f1:3b:7f:9a:88:5a:
                    c5:67:ed:4e:79:65:53:42:d3:0f:8e:e4:6a:d6:8c:
                    63:c0:a5:ef:c8:79:ac:4e:94:9e:10:ae:a8:95:28:
                    44:a9:24:eb:04:53:c0:41:cb:d1:f1:2e:45:33:25:
                    b1:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:0C:53:0C:19:37:7E:18:D5:A7:52:BB:B3:73:BA:82:10:71:1C:E8
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:20:4b:55:b1:b5:9f:ad:93:4c:98:9a:cb:bb:1d:d0:1d:60:
         76:66:10:72:f9:fd:6b:75:d5:ae:1c:3f:f4:8a:2a:8f:85:78:
         05:5e:96:51:01:c8:d3:9d:3a:d1:7e:76:7c:3c:ed:8b:00:a2:
         f5:04:43:3a:38:7b:56:7f:3a:46:c6:44:d0:01:20:0e:d1:73:
         8e:f9:77:90:2b:bc:f4:6b:7d:22:be:ae:7d:f0:58:31:b5:97:
         47:24:a1:20:b9:c2:50:c6:4a:35:ae:38:7e:61:72:fa:dd:02:
         54:fa:c8:fc:24:75:f3:72:2a:48:f1:63:45:f0:1b:1e:1f:c3:
         72:28:86:d0:86:d0:c6:d3:f7:11:e1:46:b2:08:81:5e:71:42:
         39:5e:70:db:3c:04:6d:8f:e8:c3:71:b5:25:28:e9:9a:fb:67:
         3d:86:20:87:42:9a:7e:a9:e8:92:ab:8c:09:59:3d:a3:90:49:
         03:15:b8:c9:99:d1:9b:eb:4c:98:c6:03:e3:ed:ee:62:d9:cc:
         d7:4c:97:8f:92:99:59:b4:ca:7f:1c:8b:6a:7c:ca:ca:7b:10:
         18:8f:77:5f:60:3f:26:60:40:fe:19:c4:01:8b:c2:5d:21:6c:
         af:65:87:f2:5c:77:34:42:c6:9b:51:5a:df:0e:ab:01:0a:fa:
         d7:7c:14:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZksoqtFFlpt2ZOkxutxSamLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwOTA5MDQwMTIyWhcNMjUwOTEwMDQwMTIyWjAzMTEwLwYDVQQD
EyhiMTBjNTMwYzE5Mzc3ZTE4ZDVhNzUyYmJiMzczYmE4MjEwNzExY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+C/bc4MMCLxHywxO+Wcu3yS6zUxD
MFuCWOJ6bDzz1xjNm34rUA0L5aS+vBlzx2+UroqkAupQn1wGa+oq+ESrmIi3unDn
JFXGW86J2sn32qCAa2bDt6LcY6Ziu8WzfaqhzhzqlySxvLD2ohdMpyoxUk0OUBwU
0/gnpgLZbvLW0vXgmiWfeJ4TwQ+Ovvr0CpGJ/C4RufUUrfnK+Fx94mVkrCNg81dO
Rp/K4EAidq8YPtPzhZkRn7vi16J5p1kwBDgEXz1GKwj5BPqAkf7xO3+aiFrFZ+1O
eWVTQtMPjuRq1oxjwKXvyHmsTpSeEK6olShEqSTrBFPAQcvR8S5FMyWxLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEMUwwZN34Y1adSu7NzuoIQcRzoMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCBLVbG1
n62TTJiay7sd0B1gdmYQcvn9a3XVrhw/9Ioqj4V4BV6WUQHI05060X52fDztiwCi
9QRDOjh7Vn86RsZE0AEgDtFzjvl3kCu89Gt9Ir6uffBYMbWXRyShILnCUMZKNa44
fmFy+t0CVPrI/CR183IqSPFjRfAbHh/DciiG0IbQxtP3EeFGsgiBXnFCOV5w2zwE
bY/ow3G1JSjpmvtnPYYgh0KafqnokquMCVk9o5BJAxW4yZnRm+tMmMYD4+3uYtnM
10yXj5KZWbTKfxyLanzKynsQGI93X2A/JmBA/hnEAYvCXSFsr2WH8lx3NELGm1Fa
3w6rAQr613wU6g==
-----END CERTIFICATE-----