Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          e2nxsyhhwVEIsy4eXdMhWr30MVYCuxPSAyYuCTYglJs=
Subject key identifier:   C7:2D:6E:66:57:73:C6:5C:27:CD:81:07:97:E2:07:AD:D2:85:AD:6C
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       01988467FA9909771229541491ECBE7DE7F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          02DE
Signing time:             Thu 07 Aug 2025 12:01:03 +0000
Manifest this update:     Thu 07 Aug 2025 12:01:03 +0000
Manifest next update:     Fri 08 Aug 2025 12:01:03 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: 2APLakFGNXijSqUuW/X93/E/TpkRGsTlDqm8ofhE7oA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 08:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:84:67:fa:99:09:77:12:29:54:14:91:ec:be:7d:e7:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Aug  7 12:01:03 2025 GMT
            Not After : Aug  8 12:01:03 2025 GMT
        Subject: CN=c72d6e665773c65c27cd810797e207add285ad6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:83:5e:cb:87:c6:35:5e:ca:de:a6:87:7c:45:
                    0e:78:79:ba:93:ec:c3:3b:07:36:d6:9a:35:93:1c:
                    32:1c:b0:4d:3e:fa:db:5b:e1:4b:c6:03:a6:a8:a2:
                    0c:be:cd:45:5b:2a:f3:e8:b9:96:df:0b:08:f2:b5:
                    98:d5:d6:87:8c:08:4b:0e:02:47:41:69:a4:67:77:
                    1e:97:e6:1d:fb:fd:fa:74:b5:39:9e:e8:56:c1:7d:
                    7a:9f:76:83:88:e8:28:64:fb:21:63:c9:71:0b:2c:
                    37:cd:01:ba:b8:49:cb:ce:93:0b:a7:2a:c2:dd:b5:
                    ce:90:b2:12:ff:a3:27:a4:ea:c0:48:e4:de:ef:ce:
                    32:e9:66:50:58:ef:b4:c1:e3:39:ef:a1:0e:14:9a:
                    8e:11:0c:b6:e8:39:d5:2a:cc:e2:78:79:01:ff:6a:
                    8b:70:38:2a:13:8c:9e:f2:7c:0f:73:3d:0d:63:4d:
                    8b:46:37:6d:63:5e:fd:52:c8:e7:46:c3:33:2f:05:
                    a8:1a:f3:e5:b3:2a:84:d7:99:6d:37:b6:93:fd:b9:
                    e9:65:30:83:2e:52:08:76:01:e6:c3:e3:1c:e7:f8:
                    c3:82:1d:32:3d:95:9d:60:64:7c:51:59:e2:81:e2:
                    57:72:0e:18:cb:22:e3:e1:3d:96:33:9b:2d:cd:b8:
                    38:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:2D:6E:66:57:73:C6:5C:27:CD:81:07:97:E2:07:AD:D2:85:AD:6C
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:75:bb:88:a2:2c:a2:42:0c:d2:69:d0:88:5a:41:76:f0:ea:
         a0:59:68:10:a9:3f:fc:c2:8a:0d:c9:16:a2:33:d4:f9:f4:29:
         94:8d:e0:94:37:b8:09:2e:31:7d:e3:ca:61:3e:4a:62:13:02:
         9b:94:de:e3:22:57:5a:c1:53:a9:72:88:96:45:d6:2d:55:ea:
         13:dc:b2:4d:6f:3e:2b:fc:8f:62:fd:e5:ad:b2:3f:3b:3b:00:
         d9:69:df:21:0c:a0:f0:0b:5e:8c:9e:2e:fd:8d:5d:54:b9:0c:
         d0:87:f8:ea:ef:46:d4:de:01:36:f4:87:86:45:3b:4b:52:64:
         2a:c4:ef:e4:76:c3:b7:42:a2:49:77:63:e0:51:ce:c4:0c:00:
         e7:25:9a:7d:72:a2:e4:9c:10:e1:6d:39:f2:28:25:98:03:ce:
         a3:0b:9e:07:a8:8e:08:b8:e8:18:30:7f:da:c7:3d:b5:45:10:
         6c:23:89:7e:2a:c6:96:43:25:4c:54:5b:77:18:16:34:73:dc:
         8c:e1:55:4b:2d:03:c9:d8:fc:fe:a1:75:8c:02:6e:bb:cf:2f:
         fc:4a:c0:1b:f8:da:e1:fe:bd:1f:23:e0:f0:2a:45:5b:43:2d:
         65:09:db:be:33:2a:45:8d:d3:a5:10:6b:80:7c:c7:ce:ef:e8:
         7a:2b:4c:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiEZ/qZCXcSKVQUkey+fef2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwODA3MTIwMTAzWhcNMjUwODA4MTIwMTAzWjAzMTEwLwYDVQQD
EyhjNzJkNmU2NjU3NzNjNjVjMjdjZDgxMDc5N2UyMDdhZGQyODVhZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3INey4fGNV7K3qaHfEUOeHm6k+zD
Owc21po1kxwyHLBNPvrbW+FLxgOmqKIMvs1FWyrz6LmW3wsI8rWY1daHjAhLDgJH
QWmkZ3cel+Yd+/36dLU5nuhWwX16n3aDiOgoZPshY8lxCyw3zQG6uEnLzpMLpyrC
3bXOkLIS/6MnpOrASOTe784y6WZQWO+0weM576EOFJqOEQy26DnVKszieHkB/2qL
cDgqE4ye8nwPcz0NY02LRjdtY179UsjnRsMzLwWoGvPlsyqE15ltN7aT/bnpZTCD
LlIIdgHmw+Mc5/jDgh0yPZWdYGR8UVnigeJXcg4YyyLj4T2WM5stzbg4iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMctbmZXc8ZcJ82BB5fiB63Sha1sMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa3W7iKIs
okIM0mnQiFpBdvDqoFloEKk//MKKDckWojPU+fQplI3glDe4CS4xfePKYT5KYhMC
m5Te4yJXWsFTqXKIlkXWLVXqE9yyTW8+K/yPYv3lrbI/OzsA2WnfIQyg8AtejJ4u
/Y1dVLkM0If46u9G1N4BNvSHhkU7S1JkKsTv5HbDt0KiSXdj4FHOxAwA5yWafXKi
5JwQ4W058iglmAPOowueB6iOCLjoGDB/2sc9tUUQbCOJfirGlkMlTFRbdxgWNHPc
jOFVSy0Dydj8/qF1jAJuu88v/ErAG/ja4f69HyPg8CpFW0MtZQnbvjMqRY3TpRBr
gHzHzu/oeitMtQ==
-----END CERTIFICATE-----