Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          ebVSrzi2DWKXCisbDPmidWZJtvUOG4LMxpkECvbW4Aw=
Subject key identifier:   DF:4B:CF:94:C3:CE:48:3D:5E:55:C9:E7:92:27:18:18:E1:31:64:47
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       01989F03475F7E20FB7D56E1FD2EEE2F4D5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          1569
Signing time:             Tue 12 Aug 2025 16:00:48 +0000
Manifest this update:     Tue 12 Aug 2025 16:00:48 +0000
Manifest next update:     Wed 13 Aug 2025 16:00:48 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: iQNLtp6tF0ZfcN4D775x/xO9088/8xAo8je6LODiQQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:03:47:5f:7e:20:fb:7d:56:e1:fd:2e:ee:2f:4d:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Aug 12 16:00:48 2025 GMT
            Not After : Aug 13 16:00:48 2025 GMT
        Subject: CN=df4bcf94c3ce483d5e55c9e792271818e1316447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dd:c4:73:3a:b9:a3:b3:3a:77:9e:74:5c:ac:
                    85:3e:82:cf:35:9b:49:c8:8e:dc:52:e0:77:2e:a9:
                    62:4d:30:13:34:f6:ed:77:e0:7d:8a:52:b6:c2:5d:
                    09:80:1f:00:34:41:1a:f8:f5:ee:7e:85:5f:76:88:
                    a3:44:28:48:62:88:91:f2:1b:5f:a4:51:4c:86:1f:
                    f3:3d:62:54:11:d1:5a:7b:ee:8b:8c:0d:6a:3e:18:
                    36:a3:bb:80:86:51:31:86:4a:a8:a0:63:fb:01:de:
                    c3:3b:c9:4e:da:0f:44:c8:04:d0:81:eb:ab:a1:1d:
                    91:c4:43:9a:eb:e8:99:4e:eb:81:84:58:49:fe:93:
                    fa:83:9c:bc:f2:0b:ca:6f:da:86:ce:e1:5c:b7:fd:
                    3c:9f:85:a6:6e:70:de:1d:46:2b:59:13:a4:bb:5c:
                    d8:b3:1a:c5:79:ca:8f:db:4b:a7:bc:79:94:ac:f9:
                    2a:33:c1:c3:cc:87:c0:f5:3a:18:28:87:02:38:ac:
                    9b:a7:c1:56:85:57:71:63:29:a2:b1:47:23:af:25:
                    b0:e2:f1:be:87:b7:b8:62:50:22:f0:d5:3f:a1:49:
                    d2:9e:da:47:bd:83:60:80:ad:02:c1:96:af:f8:fa:
                    13:8a:62:85:32:e2:a9:ea:64:c2:69:50:cc:50:30:
                    54:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:4B:CF:94:C3:CE:48:3D:5E:55:C9:E7:92:27:18:18:E1:31:64:47
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:09:a1:20:01:71:a2:61:cc:ba:0c:4f:5c:31:9b:4a:09:24:
         22:67:a2:1c:75:f4:5f:83:62:11:b9:44:46:91:9a:6d:3d:89:
         0e:d7:05:9e:68:9e:ee:db:5b:71:e3:c9:9b:b3:d6:32:55:9d:
         55:e8:9c:81:7c:c8:1e:19:ad:b2:3c:fb:fb:53:38:ab:c4:fc:
         f6:35:9b:f3:fb:76:c1:77:6d:f0:2d:b3:f1:a6:bf:5a:16:82:
         80:de:68:b2:37:ed:da:eb:4f:1f:68:3a:0b:8c:8b:95:c8:f7:
         98:01:05:de:50:79:ef:c7:04:4a:18:56:2f:82:0f:93:2d:8a:
         02:6e:c6:c3:95:39:b6:9d:46:bd:5b:4f:12:b8:47:05:48:8a:
         8a:63:88:cc:05:f4:2e:55:4d:94:a8:a3:f7:93:9a:4a:17:f5:
         24:dd:50:ed:59:2f:38:a1:2a:48:0e:64:36:2d:aa:b5:cf:91:
         99:53:12:d8:53:64:1c:09:b7:83:b3:a8:6f:50:fe:bb:71:e3:
         10:35:a6:03:af:88:53:12:91:10:71:23:a2:46:9e:70:01:a8:
         6a:7f:a6:fe:42:34:89:a7:8e:c1:b2:69:f4:55:b9:38:70:6f:
         af:56:5d:92:cb:f0:80:95:5d:e6:a3:c6:19:f6:8f:e1:11:89:
         fa:ae:43:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifA0dffiD7fVbh/S7uL01eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjUwODEyMTYwMDQ4WhcNMjUwODEzMTYwMDQ4WjAzMTEwLwYDVQQD
EyhkZjRiY2Y5NGMzY2U0ODNkNWU1NWM5ZTc5MjI3MTgxOGUxMzE2NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN3Eczq5o7M6d550XKyFPoLPNZtJ
yI7cUuB3LqliTTATNPbtd+B9ilK2wl0JgB8ANEEa+PXufoVfdoijRChIYoiR8htf
pFFMhh/zPWJUEdFae+6LjA1qPhg2o7uAhlExhkqooGP7Ad7DO8lO2g9EyATQgeur
oR2RxEOa6+iZTuuBhFhJ/pP6g5y88gvKb9qGzuFct/08n4WmbnDeHUYrWROku1zY
sxrFecqP20unvHmUrPkqM8HDzIfA9ToYKIcCOKybp8FWhVdxYymisUcjryWw4vG+
h7e4YlAi8NU/oUnSntpHvYNggK0CwZav+PoTimKFMuKp6mTCaVDMUDBUxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9Lz5TDzkg9XlXJ55InGBjhMWRHMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQmhIAFx
omHMugxPXDGbSgkkImeiHHX0X4NiEblERpGabT2JDtcFnmie7ttbcePJm7PWMlWd
VeicgXzIHhmtsjz7+1M4q8T89jWb8/t2wXdt8C2z8aa/WhaCgN5osjft2utPH2g6
C4yLlcj3mAEF3lB578cEShhWL4IPky2KAm7Gw5U5tp1GvVtPErhHBUiKimOIzAX0
LlVNlKij95OaShf1JN1Q7VkvOKEqSA5kNi2qtc+RmVMS2FNkHAm3g7Oob1D+u3Hj
EDWmA6+IUxKREHEjokaecAGoan+m/kI0iaeOwbJp9FW5OHBvr1ZdksvwgJVd5qPG
GfaP4RGJ+q5D5g==
-----END CERTIFICATE-----