Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          sFPcsjoakQ2MKWTv0wCytl1R10mL37J3jZgc8YCrcAs=
Subject key identifier:   01:38:F7:46:66:8C:1A:B2:AA:FE:17:ED:B1:A7:BB:83:50:B2:AC:B4
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       0198A04E9A44121388E9DFCCE887804A6EEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          1629
Signing time:             Tue 12 Aug 2025 22:02:42 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:42 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:42 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: TTi6focm+ZK1Z8JAzUlKYZq/rl7XWD3/mWwin4okGKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:9a:44:12:13:88:e9:df:cc:e8:87:80:4a:6e:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Aug 12 22:02:42 2025 GMT
            Not After : Aug 13 22:02:42 2025 GMT
        Subject: CN=0138f746668c1ab2aafe17edb1a7bb8350b2acb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1b:8d:42:96:0a:a8:a4:8c:af:7b:b3:4b:6b:
                    64:ea:e8:3c:44:5d:e1:a5:ab:53:14:69:ca:bf:f9:
                    e1:b2:62:0a:79:2a:7c:f9:3a:d6:c5:ba:ad:6c:97:
                    9b:74:6b:67:ed:9b:dc:de:68:8a:42:c5:32:19:73:
                    91:df:a3:cf:9b:48:f9:e3:b2:2f:9e:1a:46:e9:9b:
                    a8:94:b7:86:06:16:24:1e:68:ef:e7:07:b9:ad:77:
                    b8:88:bd:60:e8:4d:04:bc:57:d4:da:ea:c2:b5:15:
                    da:63:10:cf:0f:72:0f:f5:92:47:0a:8c:ee:44:f5:
                    4a:0b:33:92:df:b0:e2:ca:f4:e3:f0:e2:7a:ef:5a:
                    b3:e8:ed:12:20:45:ad:d1:1b:fd:af:de:d6:ea:c6:
                    e9:42:65:3e:97:a0:7f:83:91:cc:78:1b:f4:da:52:
                    93:1b:99:06:20:73:33:66:50:87:bb:4e:72:55:dd:
                    38:29:aa:ea:e2:3e:73:67:57:8a:71:50:5d:1b:d4:
                    6d:11:d1:c8:86:1a:e4:10:33:25:0b:37:48:3e:31:
                    c7:85:c4:b6:6f:61:f2:bf:b9:3b:bc:da:88:fc:e6:
                    db:88:92:29:08:46:6b:d3:e1:91:41:90:76:3b:5c:
                    56:5d:e0:a3:c2:41:08:91:cd:70:6c:62:2b:d6:1e:
                    92:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:38:F7:46:66:8C:1A:B2:AA:FE:17:ED:B1:A7:BB:83:50:B2:AC:B4
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:20:6a:6e:72:60:86:14:44:0e:34:86:3f:c9:cb:34:ef:3c:
         9b:2b:8e:c2:c4:83:93:ec:cd:56:bd:47:2a:c6:65:57:7f:93:
         52:f5:85:fc:e6:b9:fe:8e:1f:27:80:f8:2b:90:fd:af:7c:39:
         71:7a:33:43:2d:34:48:bf:ae:36:11:ce:d1:42:57:52:2e:ed:
         6c:01:18:6a:d2:59:89:61:f2:e7:f2:7d:e8:3d:03:30:65:54:
         41:dc:69:54:c1:d1:c0:1e:fa:c4:e2:17:c5:e0:47:9c:13:a3:
         a3:2e:c0:bb:e3:64:33:03:c8:25:e3:95:a4:3b:fe:5f:ad:68:
         39:22:5c:3e:e1:2d:c6:94:31:44:67:a2:19:bb:27:83:01:ae:
         5c:0d:a3:83:d7:4c:5c:e1:77:c8:21:7a:53:48:ff:38:ad:3e:
         23:67:d7:dc:d9:c6:6a:a8:cc:35:5f:68:a0:a2:e5:a2:e2:cd:
         e9:27:ee:94:b8:18:da:ac:29:6c:b7:c5:82:c5:be:84:10:c7:
         54:d8:83:2a:52:a9:87:4d:5e:cc:e2:b3:eb:bb:ed:bb:d5:b8:
         ef:aa:3e:b1:be:7a:53:d6:c1:7f:96:31:6e:d4:17:01:91:b2:
         ea:40:58:6b:98:2b:7a:a6:d8:41:c3:55:34:7f:c8:99:5d:74:
         c5:42:3d:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTppEEhOI6d/M6IeASm7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwODEyMjIwMjQyWhcNMjUwODEzMjIwMjQyWjAzMTEwLwYDVQQD
EygwMTM4Zjc0NjY2OGMxYWIyYWFmZTE3ZWRiMWE3YmI4MzUwYjJhY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxuNQpYKqKSMr3uzS2tk6ug8RF3h
patTFGnKv/nhsmIKeSp8+TrWxbqtbJebdGtn7Zvc3miKQsUyGXOR36PPm0j547Iv
nhpG6ZuolLeGBhYkHmjv5we5rXe4iL1g6E0EvFfU2urCtRXaYxDPD3IP9ZJHCozu
RPVKCzOS37DiyvTj8OJ671qz6O0SIEWt0Rv9r97W6sbpQmU+l6B/g5HMeBv02lKT
G5kGIHMzZlCHu05yVd04Karq4j5zZ1eKcVBdG9RtEdHIhhrkEDMlCzdIPjHHhcS2
b2Hyv7k7vNqI/ObbiJIpCEZr0+GRQZB2O1xWXeCjwkEIkc1wbGIr1h6STwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAE490ZmjBqyqv4X7bGnu4NQsqy0MB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtiBqbnJg
hhREDjSGP8nLNO88myuOwsSDk+zNVr1HKsZlV3+TUvWF/Oa5/o4fJ4D4K5D9r3w5
cXozQy00SL+uNhHO0UJXUi7tbAEYatJZiWHy5/J96D0DMGVUQdxpVMHRwB76xOIX
xeBHnBOjoy7Au+NkMwPIJeOVpDv+X61oOSJcPuEtxpQxRGeiGbsngwGuXA2jg9dM
XOF3yCF6U0j/OK0+I2fX3NnGaqjMNV9ooKLlouLN6SfulLgY2qwpbLfFgsW+hBDH
VNiDKlKph01ezOKz67vtu9W476o+sb56U9bBf5YxbtQXAZGy6kBYa5greqbYQcNV
NH/ImV10xUI9eg==
-----END CERTIFICATE-----