Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          vPPDbSUoIvVP8fICXjJ3VW2Kevpq9ASyWKbGeZOXwx8=
Subject key identifier:   E1:F2:EE:72:F6:93:8D:54:91:99:1B:AB:70:30:F1:9A:58:27:24:28
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       01988BB35A4279C37C2EB27D7FACC51F841D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0E12
Signing time:             Fri 08 Aug 2025 22:00:43 +0000
Manifest this update:     Fri 08 Aug 2025 22:00:43 +0000
Manifest next update:     Sat 09 Aug 2025 22:00:43 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: qVGglkqL+9KTc4Nlu29J6ipCVDF3iI5FVTowOUsJQDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:b3:5a:42:79:c3:7c:2e:b2:7d:7f:ac:c5:1f:84:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Aug  8 22:00:43 2025 GMT
            Not After : Aug  9 22:00:43 2025 GMT
        Subject: CN=e1f2ee72f6938d5491991bab7030f19a58272428
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c2:df:6a:da:27:53:2c:1c:56:89:35:7b:a1:
                    97:0d:d1:8b:ee:d5:a8:21:37:86:47:fc:92:cf:c5:
                    b4:68:e9:7f:78:e0:e9:7f:a2:6f:c6:0e:f4:7b:6d:
                    08:08:0e:45:82:d3:c0:d5:91:c8:7b:ca:78:7f:83:
                    52:b7:ce:f1:a9:5e:c2:bb:cf:c6:60:e7:92:29:99:
                    8e:d5:f0:91:8f:8a:50:39:06:81:39:ca:f8:68:ca:
                    4e:da:b3:05:1d:69:c1:ba:1c:5e:6f:e6:55:50:6c:
                    6e:ce:a8:f2:36:86:49:d6:81:5c:ca:b4:34:7e:a8:
                    aa:d8:00:e5:92:e0:89:64:29:d7:ea:16:10:c3:5a:
                    2e:95:49:d6:08:a7:89:06:df:b6:3d:0c:0a:36:46:
                    c1:25:2a:c9:00:b2:66:2b:ab:19:c9:a8:4b:ca:53:
                    4c:da:84:8d:d4:ee:22:0d:1c:6b:a7:8f:e9:5e:a6:
                    1c:fd:f7:c2:4b:9a:cd:b1:16:80:57:56:9a:9d:8f:
                    72:8c:4e:87:3a:53:ae:92:8e:4c:2f:11:f2:05:e3:
                    08:71:1d:25:82:c8:37:6f:e6:bc:02:3d:9f:5f:3c:
                    6b:e8:a5:33:b2:ff:03:33:39:89:d3:11:b5:0e:37:
                    43:2c:b6:28:a6:31:6b:cd:f5:30:6c:a6:56:5c:af:
                    fc:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:F2:EE:72:F6:93:8D:54:91:99:1B:AB:70:30:F1:9A:58:27:24:28
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:9b:cb:88:e3:7f:2c:81:e2:64:83:0e:63:e1:13:40:d8:05:
         12:a4:58:60:be:a1:f4:14:84:70:66:f3:fd:34:41:44:fc:4b:
         b0:10:d3:e4:bf:f6:fc:db:3d:d2:2b:ee:2a:81:cf:3a:36:14:
         fd:d2:d0:81:e0:d3:4e:2a:01:6f:74:1c:b4:b3:c5:42:eb:cb:
         3e:e5:e2:9b:24:eb:22:1f:2e:ae:6a:43:e7:f5:fc:66:e7:43:
         c4:4d:3c:4c:8b:08:5f:fd:89:a3:f7:20:54:b2:3c:81:62:66:
         9f:8d:df:e1:49:a8:ef:d4:bb:c0:8b:ed:fd:a6:83:7d:6c:06:
         7d:2a:d8:0a:db:de:21:cf:2b:f5:77:58:28:a9:2a:72:6e:da:
         87:d4:54:06:f5:af:33:1a:5a:ca:7b:c6:78:86:d5:6e:8d:bb:
         b8:7e:be:54:f2:7c:f4:a7:46:25:a8:e8:71:65:f4:0c:a5:60:
         fd:d6:fe:72:18:2b:89:2c:d8:d6:c7:83:6e:4f:f9:1a:a9:d1:
         3e:a5:60:c9:69:74:58:c8:94:f8:b8:57:13:bc:f2:bb:f4:3c:
         36:98:86:cc:2c:b9:5a:61:6f:e6:32:11:e0:f5:17:7e:c0:a7:
         e6:e4:c1:c1:4b:b7:09:c3:1f:b3:9e:17:45:43:40:49:84:ba:
         92:3b:94:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLs1pCecN8LrJ9f6zFH4QdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwODA4MjIwMDQzWhcNMjUwODA5MjIwMDQzWjAzMTEwLwYDVQQD
EyhlMWYyZWU3MmY2OTM4ZDU0OTE5OTFiYWI3MDMwZjE5YTU4MjcyNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8LfatonUywcVok1e6GXDdGL7tWo
ITeGR/ySz8W0aOl/eODpf6Jvxg70e20ICA5FgtPA1ZHIe8p4f4NSt87xqV7Cu8/G
YOeSKZmO1fCRj4pQOQaBOcr4aMpO2rMFHWnBuhxeb+ZVUGxuzqjyNoZJ1oFcyrQ0
fqiq2ADlkuCJZCnX6hYQw1oulUnWCKeJBt+2PQwKNkbBJSrJALJmK6sZyahLylNM
2oSN1O4iDRxrp4/pXqYc/ffCS5rNsRaAV1aanY9yjE6HOlOuko5MLxHyBeMIcR0l
gsg3b+a8Aj2fXzxr6KUzsv8DMzmJ0xG1DjdDLLYopjFrzfUwbKZWXK/8iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHy7nL2k41UkZkbq3Aw8ZpYJyQoMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsJvLiON/
LIHiZIMOY+ETQNgFEqRYYL6h9BSEcGbz/TRBRPxLsBDT5L/2/Ns90ivuKoHPOjYU
/dLQgeDTTioBb3QctLPFQuvLPuXimyTrIh8urmpD5/X8ZudDxE08TIsIX/2Jo/cg
VLI8gWJmn43f4Umo79S7wIvt/aaDfWwGfSrYCtveIc8r9XdYKKkqcm7ah9RUBvWv
MxpaynvGeIbVbo27uH6+VPJ89KdGJajocWX0DKVg/db+chgriSzY1seDbk/5GqnR
PqVgyWl0WMiU+LhXE7zyu/Q8NpiGzCy5WmFv5jIR4PUXfsCn5uTBwUu3CcMfs54X
RUNASYS6kjuUqA==
-----END CERTIFICATE-----