Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          uLtlAtzRTLzyGPkvJcEewFR6tYNAFchsF1r0ABhNe0I=
Subject key identifier:   18:93:2E:1E:5C:53:73:5D:88:B4:E6:11:E6:41:DB:31:83:A0:CA:D1
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       0197D39810F16CB3625A0CEF9344935FE68C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          08A5
Signing time:             Fri 04 Jul 2025 04:00:47 +0000
Manifest this update:     Fri 04 Jul 2025 04:00:47 +0000
Manifest next update:     Sat 05 Jul 2025 04:00:47 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: KXZdIafeKmb+VPBOwle2buAFYk2b91XhHgVsgnNIHHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d3:98:10:f1:6c:b3:62:5a:0c:ef:93:44:93:5f:e6:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Jul  4 04:00:47 2025 GMT
            Not After : Jul  5 04:00:47 2025 GMT
        Subject: CN=18932e1e5c53735d88b4e611e641db3183a0cad1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:76:01:f2:5d:ce:77:85:c8:22:53:9d:e1:0a:
                    6d:82:0f:3c:ca:57:63:4a:82:da:ae:5b:4d:c5:81:
                    a9:41:0a:8b:a6:cd:f2:12:1d:71:70:00:25:e7:f1:
                    ab:24:8a:33:9e:d9:b3:a1:a7:ef:4f:3d:26:a0:79:
                    b9:54:d8:37:e6:c8:62:a3:14:af:8d:04:f8:93:d9:
                    90:5a:91:4a:22:24:52:85:28:78:1d:6c:f8:1c:9a:
                    40:55:11:47:55:b7:97:d5:fa:ac:f1:4e:d6:4d:b7:
                    4e:2d:24:b5:d2:08:3a:77:c0:5b:4c:2c:f9:39:0c:
                    60:55:71:bb:28:ef:f5:02:51:c5:05:18:c3:27:30:
                    e7:3b:94:19:f5:7e:f5:4b:50:b7:c0:a6:6d:6d:57:
                    b6:58:8e:1a:34:03:9c:24:ad:a3:47:f4:37:74:83:
                    f5:9c:1b:3c:56:a0:37:ec:48:f3:f3:1c:95:2f:f5:
                    10:00:aa:32:5f:4e:5d:06:b7:79:41:0f:f0:0b:85:
                    23:ef:42:bc:1e:fd:fd:fa:17:d2:54:e6:37:9d:80:
                    e9:09:c5:89:3a:6a:2c:b7:52:ef:e4:ea:1a:30:46:
                    f4:74:a0:84:5b:61:af:1b:32:f9:8c:dc:66:c3:9d:
                    c7:80:39:6d:27:44:b5:62:ae:be:76:bd:06:3f:68:
                    2d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:93:2E:1E:5C:53:73:5D:88:B4:E6:11:E6:41:DB:31:83:A0:CA:D1
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:a2:55:d5:e6:73:dd:18:ec:aa:34:e3:a8:6e:34:07:96:1f:
         e2:a9:a9:ba:7d:4f:f9:ee:f3:a7:ad:ea:21:68:42:cd:e8:19:
         1a:15:32:b5:83:37:93:bc:99:00:51:34:d7:da:da:cb:64:d4:
         a1:40:bc:ae:5d:2b:ca:e0:ea:e6:ec:88:42:09:a7:ee:20:bb:
         bd:c0:e2:4d:14:e5:71:23:65:f6:d9:30:43:3e:1a:bb:90:83:
         4d:0a:66:15:01:ba:2f:df:d4:6f:22:01:5d:28:a6:e0:f2:c5:
         2e:1a:5e:e4:2a:fe:a8:59:8c:9c:22:91:30:0f:3a:4e:62:d0:
         ad:0d:db:52:52:e3:e4:1d:7b:a9:e6:06:58:69:6b:e8:04:55:
         d3:5e:7a:9a:aa:60:d7:3b:e0:6f:e3:79:3f:97:c0:dd:70:d9:
         70:0b:61:63:3f:59:4d:25:fb:2d:3f:af:04:e4:f4:38:53:85:
         56:c2:9b:4f:c0:41:e2:6f:13:e2:b7:71:6c:a4:47:5c:3e:5f:
         f3:a2:10:e5:35:ef:fd:95:f7:c6:45:c6:36:cf:f7:54:af:14:
         8b:27:9b:9c:a8:78:87:df:07:10:55:22:ba:30:10:a4:57:b2:
         e1:05:b3:90:23:5a:b0:68:6e:3a:19:72:44:20:9b:48:58:10:
         c1:b4:3d:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfTmBDxbLNiWgzvk0STX+aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjUwNzA0MDQwMDQ3WhcNMjUwNzA1MDQwMDQ3WjAzMTEwLwYDVQQD
EygxODkzMmUxZTVjNTM3MzVkODhiNGU2MTFlNjQxZGIzMTgzYTBjYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHYB8l3Od4XIIlOd4Qptgg88yldj
SoLarltNxYGpQQqLps3yEh1xcAAl5/GrJIozntmzoafvTz0moHm5VNg35shioxSv
jQT4k9mQWpFKIiRShSh4HWz4HJpAVRFHVbeX1fqs8U7WTbdOLSS10gg6d8BbTCz5
OQxgVXG7KO/1AlHFBRjDJzDnO5QZ9X71S1C3wKZtbVe2WI4aNAOcJK2jR/Q3dIP1
nBs8VqA37Ejz8xyVL/UQAKoyX05dBrd5QQ/wC4Uj70K8Hv39+hfSVOY3nYDpCcWJ
Omost1Lv5OoaMEb0dKCEW2GvGzL5jNxmw53HgDltJ0S1Yq6+dr0GP2gtrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiTLh5cU3NdiLTmEeZB2zGDoMrRMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqJV1eZz
3RjsqjTjqG40B5Yf4qmpun1P+e7zp63qIWhCzegZGhUytYM3k7yZAFE019ray2TU
oUC8rl0ryuDq5uyIQgmn7iC7vcDiTRTlcSNl9tkwQz4au5CDTQpmFQG6L9/UbyIB
XSim4PLFLhpe5Cr+qFmMnCKRMA86TmLQrQ3bUlLj5B17qeYGWGlr6ARV0156mqpg
1zvgb+N5P5fA3XDZcAthYz9ZTSX7LT+vBOT0OFOFVsKbT8BB4m8T4rdxbKRHXD5f
86IQ5TXv/ZX3xkXGNs/3VK8UiyebnKh4h98HEFUiujAQpFey4QWzkCNasGhuOhly
RCCbSFgQwbQ9RQ==
-----END CERTIFICATE-----