Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          LWvQplukuqbUFwZ/2Y1WmkEgRvBd3nfLeOqzruvqNMQ=
Subject key identifier:   60:63:80:1D:CB:7E:8E:A5:29:C0:58:7F:23:E2:71:1E:B7:71:6F:2D
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       01989F3AEE0B7B73F20AF0D0F13142FCE018
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          07EB
Signing time:             Tue 12 Aug 2025 17:01:35 +0000
Manifest this update:     Tue 12 Aug 2025 17:01:35 +0000
Manifest next update:     Wed 13 Aug 2025 17:01:35 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: gFmavz4XKDN+sC/W1yjaZjeSWLX1xrsoaPdcImyfbP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:3a:ee:0b:7b:73:f2:0a:f0:d0:f1:31:42:fc:e0:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: Aug 12 17:01:35 2025 GMT
            Not After : Aug 13 17:01:35 2025 GMT
        Subject: CN=6063801dcb7e8ea529c0587f23e2711eb7716f2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c0:08:e1:c7:f3:96:27:47:48:f5:11:1d:71:
                    81:a4:48:7f:c7:04:cb:08:cf:24:fd:df:e9:dd:f8:
                    a0:5c:ea:e3:6b:b5:aa:87:26:38:ab:a2:ce:eb:15:
                    c0:c0:e4:c2:96:d4:81:10:95:46:cb:e6:42:e2:e2:
                    4f:ee:96:ac:59:cb:81:73:6b:2c:2d:6b:72:78:21:
                    12:7e:25:25:bf:aa:0e:6d:53:ab:12:7f:36:c3:5a:
                    8b:02:3a:97:43:2b:a2:dc:82:69:87:69:f4:bf:65:
                    c2:72:2d:14:2b:90:a0:f5:f2:6b:25:e2:e0:a1:31:
                    cd:17:02:49:07:23:ab:11:ca:2a:a0:e4:56:71:93:
                    2d:3b:62:81:7a:c1:58:0a:fd:52:6f:24:3f:74:30:
                    f6:2d:1e:83:af:c3:e2:22:69:6b:61:9e:e0:88:2f:
                    d6:6b:3b:34:4b:59:87:5b:ac:53:20:f7:4f:24:39:
                    41:e0:4d:5a:53:92:41:b6:91:63:ce:12:33:06:80:
                    dd:7e:c9:2c:80:fa:1c:15:64:33:e7:b0:a4:2f:e7:
                    47:53:b1:9d:25:3f:6c:39:84:2f:e5:ec:a9:82:e3:
                    05:bc:41:23:66:4f:b4:c3:32:1c:ea:95:4e:38:1d:
                    da:dc:84:d8:7b:3c:f2:95:c2:f0:92:ed:2d:02:76:
                    72:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:63:80:1D:CB:7E:8E:A5:29:C0:58:7F:23:E2:71:1E:B7:71:6F:2D
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:6c:50:ce:dc:3d:11:e9:7e:3f:37:3f:c7:5f:63:a9:9d:9b:
         3e:35:0a:ea:c8:d2:05:35:68:30:8c:2f:d1:cf:fd:6f:12:a9:
         bc:1b:45:f0:60:3d:15:df:8e:3e:89:2a:f1:f3:87:0c:36:59:
         b1:2c:8f:9b:b9:58:5b:0a:4a:bf:81:36:07:08:81:bc:c5:b0:
         5e:01:92:9f:62:f5:b8:a0:76:c0:56:a6:41:7f:26:dc:7b:a9:
         c9:cf:2a:d8:39:98:de:b4:5e:ac:3d:5a:40:ea:42:99:d2:08:
         77:80:26:6e:42:f3:ff:ff:39:c3:8c:a0:c9:ff:84:ba:f8:28:
         88:89:90:3b:6b:cb:45:ed:91:09:02:a9:cc:63:18:15:08:79:
         ef:cb:62:0e:8c:c2:fc:1a:db:69:35:9e:22:30:a8:1f:45:c6:
         fe:7e:8f:93:26:d2:14:a3:26:53:f5:e4:25:c7:c8:d7:be:da:
         80:ff:fe:d3:d8:d9:64:cc:32:1a:3f:fd:57:c4:f2:9e:e8:a7:
         e0:59:09:c9:a0:f4:97:9a:e0:ed:1c:fa:cf:a2:6a:e0:88:be:
         d2:c6:3b:76:20:b4:f0:0e:fb:80:ed:32:ef:3d:0d:2b:12:77:
         63:8f:a1:d5:2f:d1:5c:65:bd:0b:52:4f:dd:56:ce:d9:35:4b:
         22:26:d7:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifOu4Le3PyCvDQ8TFC/OAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjUwODEyMTcwMTM1WhcNMjUwODEzMTcwMTM1WjAzMTEwLwYDVQQD
Eyg2MDYzODAxZGNiN2U4ZWE1MjljMDU4N2YyM2UyNzExZWI3NzE2ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMAI4cfzlidHSPURHXGBpEh/xwTL
CM8k/d/p3figXOrja7WqhyY4q6LO6xXAwOTCltSBEJVGy+ZC4uJP7pasWcuBc2ss
LWtyeCESfiUlv6oObVOrEn82w1qLAjqXQyui3IJph2n0v2XCci0UK5Cg9fJrJeLg
oTHNFwJJByOrEcoqoORWcZMtO2KBesFYCv1SbyQ/dDD2LR6Dr8PiImlrYZ7giC/W
azs0S1mHW6xTIPdPJDlB4E1aU5JBtpFjzhIzBoDdfsksgPocFWQz57CkL+dHU7Gd
JT9sOYQv5eypguMFvEEjZk+0wzIc6pVOOB3a3ITYezzylcLwku0tAnZyDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBjgB3Lfo6lKcBYfyPicR63cW8tMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmxQztw9
Eel+Pzc/x19jqZ2bPjUK6sjSBTVoMIwv0c/9bxKpvBtF8GA9Fd+OPokq8fOHDDZZ
sSyPm7lYWwpKv4E2BwiBvMWwXgGSn2L1uKB2wFamQX8m3Hupyc8q2DmY3rRerD1a
QOpCmdIId4AmbkLz//85w4ygyf+EuvgoiImQO2vLRe2RCQKpzGMYFQh578tiDozC
/BrbaTWeIjCoH0XG/n6PkybSFKMmU/XkJcfI177agP/+09jZZMwyGj/9V8Tynuin
4FkJyaD0l5rg7Rz6z6Jq4Ii+0sY7diC08A77gO0y7z0NKxJ3Y4+h1S/RXGW9C1JP
3VbO2TVLIibX/g==
-----END CERTIFICATE-----