Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          j0bqvfbmhWhtnA4AzDtSNIUN1g+yHbGE7/bMwBdASA8=
Subject key identifier:   F6:75:86:26:FE:E3:A6:EA:38:07:AB:F3:D9:66:0E:1A:CD:6A:2D:FC
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       01987418B5FF936A374D41A5D7FBFEE32888
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0E97
Signing time:             Mon 04 Aug 2025 08:00:33 +0000
Manifest this update:     Mon 04 Aug 2025 08:00:33 +0000
Manifest next update:     Tue 05 Aug 2025 08:00:33 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: DjnmikvQZqDdkMVte6bffDvllxer413zOrfbBxDy4JM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:18:b5:ff:93:6a:37:4d:41:a5:d7:fb:fe:e3:28:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Aug  4 08:00:33 2025 GMT
            Not After : Aug  5 08:00:33 2025 GMT
        Subject: CN=f6758626fee3a6ea3807abf3d9660e1acd6a2dfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:27:40:52:84:13:61:2f:be:bf:08:c8:12:a4:
                    73:68:7a:d1:84:c3:07:a9:3d:e3:e7:98:30:a9:ba:
                    98:da:4f:cc:de:aa:18:1b:4c:dd:87:14:28:bd:d9:
                    18:dd:65:33:c4:02:4b:4f:69:35:66:c9:eb:5e:0e:
                    32:64:f6:40:8a:ee:ef:9c:f2:07:bd:d7:78:66:7b:
                    b0:9c:c2:c0:a5:b9:c0:48:6b:f6:2b:a8:5a:a5:3d:
                    e7:b9:be:22:9b:75:c2:52:46:01:e1:ef:35:35:c8:
                    7b:78:c3:43:60:35:33:6d:57:75:65:f1:3a:e2:2e:
                    7e:b6:c0:1b:a2:1c:81:cd:86:92:c6:86:64:94:0c:
                    cc:21:a9:bb:70:20:33:8b:31:22:a4:9b:e9:9f:7f:
                    fd:4b:fb:65:e5:3b:8d:d7:b3:84:d9:55:f0:39:44:
                    8d:c4:b9:c9:bf:1a:f2:4a:e0:3e:b3:2a:d6:e9:e8:
                    3d:37:78:f0:55:72:7c:71:d1:db:53:20:80:91:b1:
                    c2:21:ec:00:e4:73:1b:43:f8:28:92:42:c5:7d:9a:
                    cc:72:1d:8f:ac:77:91:48:8e:15:88:10:46:40:99:
                    6e:c2:7f:75:2f:db:a5:d7:ee:f7:a3:b6:17:0e:bf:
                    96:9e:58:3b:ee:a5:ed:58:0f:91:af:b9:e8:f9:fe:
                    32:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:75:86:26:FE:E3:A6:EA:38:07:AB:F3:D9:66:0E:1A:CD:6A:2D:FC
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:65:ff:ed:76:c3:93:93:69:e9:04:9e:37:c3:90:27:e2:d6:
         e4:11:50:6e:a0:6e:38:2b:4e:a8:ee:44:5e:5c:19:3d:02:e6:
         d2:5b:18:b7:b0:e2:1e:e2:69:aa:d0:92:4d:2b:d6:0c:15:00:
         80:d7:2a:cf:7e:69:06:ff:14:b9:b3:4a:63:4b:37:55:78:0d:
         a4:f1:95:ee:f5:97:31:d2:f5:a4:c5:cc:25:8a:a4:5f:fb:b1:
         86:93:03:92:a1:71:05:61:41:bc:c0:60:e8:f2:77:17:f1:73:
         26:a3:98:ad:b4:79:36:35:71:00:00:fa:e6:02:49:c1:dd:80:
         20:95:86:e2:fa:db:48:86:b2:5a:b1:bc:e0:cc:2f:7f:d3:74:
         67:5d:26:33:50:9a:94:8a:d6:a6:b2:67:d8:b8:84:2b:67:d5:
         43:18:50:a6:b2:f7:79:e7:42:39:42:98:da:76:84:c2:3e:1c:
         d6:0b:b8:76:0c:0b:41:ab:b9:9e:4a:d2:0c:a6:83:55:ac:12:
         e2:11:c7:43:78:64:90:18:d2:a5:63:1e:01:97:df:4b:98:0c:
         fc:ee:72:87:89:75:5f:4a:bb:27:36:12:27:89:07:aa:e2:2a:
         6e:df:77:49:32:36:92:21:cf:9e:ea:6c:f1:8b:dd:b5:40:26:
         1e:d1:36:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0GLX/k2o3TUGl1/v+4yiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwODA0MDgwMDMzWhcNMjUwODA1MDgwMDMzWjAzMTEwLwYDVQQD
EyhmNjc1ODYyNmZlZTNhNmVhMzgwN2FiZjNkOTY2MGUxYWNkNmEyZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SdAUoQTYS++vwjIEqRzaHrRhMMH
qT3j55gwqbqY2k/M3qoYG0zdhxQovdkY3WUzxAJLT2k1ZsnrXg4yZPZAiu7vnPIH
vdd4ZnuwnMLApbnASGv2K6hapT3nub4im3XCUkYB4e81Nch7eMNDYDUzbVd1ZfE6
4i5+tsAbohyBzYaSxoZklAzMIam7cCAzizEipJvpn3/9S/tl5TuN17OE2VXwOUSN
xLnJvxrySuA+syrW6eg9N3jwVXJ8cdHbUyCAkbHCIewA5HMbQ/gokkLFfZrMch2P
rHeRSI4ViBBGQJluwn91L9ul1+73o7YXDr+Wnlg77qXtWA+Rr7no+f4ywwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZ1hib+46bqOAer89lmDhrNai38MB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmX/7XbD
k5Np6QSeN8OQJ+LW5BFQbqBuOCtOqO5EXlwZPQLm0lsYt7DiHuJpqtCSTSvWDBUA
gNcqz35pBv8UubNKY0s3VXgNpPGV7vWXMdL1pMXMJYqkX/uxhpMDkqFxBWFBvMBg
6PJ3F/FzJqOYrbR5NjVxAAD65gJJwd2AIJWG4vrbSIayWrG84Mwvf9N0Z10mM1Ca
lIrWprJn2LiEK2fVQxhQprL3eedCOUKY2naEwj4c1gu4dgwLQau5nkrSDKaDVawS
4hHHQ3hkkBjSpWMeAZffS5gM/O5yh4l1X0q7JzYSJ4kHquIqbt93STI2kiHPnups
8YvdtUAmHtE2KA==
-----END CERTIFICATE-----