Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
File:                     aWZ-UauBVWetZ8u10biJY4Nfqfc.mft (raw, json)
Hash identifier:          kHzJQYPaQMzS4u6PUQzRSBiItMyITEDrd1zbvck9BPM=
Subject key identifier:   EE:66:F0:9A:AE:4C:D4:D0:0E:E1:72:70:74:36:C3:A3:79:40:68:72
Authority key identifier: 69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7
Certificate issuer:       /CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
Certificate serial:       0198A04CD0F5530BF58BCC1FFF1A059BF510
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
Manifest number:          0D8E
Signing time:             Tue 12 Aug 2025 22:00:45 +0000
Manifest this update:     Tue 12 Aug 2025 22:00:45 +0000
Manifest next update:     Wed 13 Aug 2025 22:00:45 +0000
Files and hashes:         1: aWZ-UauBVWetZ8u10biJY4Nfqfc.crl (hash: jMWCRZEI/MkXcD7PQh1jGj+8eSZLQt4PYaMExFp02kY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4c:d0:f5:53:0b:f5:8b:cc:1f:ff:1a:05:9b:f5:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
        Validity
            Not Before: Aug 12 22:00:45 2025 GMT
            Not After : Aug 13 22:00:45 2025 GMT
        Subject: CN=ee66f09aae4cd4d00ee172707436c3a379406872
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:06:44:7e:07:26:39:7a:9d:2b:24:a2:4b:63:
                    fa:76:57:4a:8b:d0:26:ba:44:f8:fb:43:e1:d0:04:
                    c6:30:b1:29:f6:49:71:27:72:82:b2:bc:b0:c5:87:
                    2d:58:ec:69:63:b2:50:39:e3:17:cc:b3:98:ce:be:
                    50:5f:06:7e:57:03:6c:63:9f:a3:59:3e:65:a8:fe:
                    1c:53:ae:a0:50:c6:52:20:58:30:83:a3:b7:ce:7f:
                    e4:d8:17:be:a0:6a:34:51:1e:b4:0e:f9:fc:ff:31:
                    33:0f:71:27:51:86:d2:dd:88:88:cd:f7:b5:e7:4e:
                    6a:a4:47:4e:15:fd:db:f2:50:7c:7c:34:70:b4:87:
                    de:0b:3f:0e:54:a0:a4:c5:57:ea:89:9d:e7:5e:09:
                    5e:3b:02:41:d6:27:43:ed:b0:79:99:ab:5d:22:d4:
                    b9:93:af:c6:5f:ef:d2:05:04:a2:63:37:20:10:22:
                    f4:2a:5f:e6:0d:36:00:12:8d:ac:e5:83:21:93:e8:
                    94:66:38:99:97:f4:f8:96:e4:73:80:b1:35:ae:87:
                    6b:5e:fa:7b:f9:b7:9d:ef:57:99:df:2d:85:a3:b9:
                    6b:29:21:43:92:80:07:99:eb:cc:64:c8:2b:8b:3b:
                    d2:38:45:c4:b0:a2:2f:84:62:f6:3c:4a:dc:f1:d0:
                    1f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:66:F0:9A:AE:4C:D4:D0:0E:E1:72:70:74:36:C3:A3:79:40:68:72
            X509v3 Authority Key Identifier:
                keyid:69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:64:47:52:c0:4e:af:5d:f2:c8:31:95:3b:af:2d:15:8f:cd:
         ca:3f:fe:5a:6b:ef:ee:68:e5:ae:4c:59:81:75:04:51:a9:53:
         8a:2b:ac:bf:47:e8:9b:95:d7:ed:1c:bc:c9:d3:6d:e7:a6:29:
         f4:50:ea:90:98:4a:85:99:86:05:ff:40:9e:56:33:d3:ff:79:
         36:71:a7:de:8a:7f:12:5b:40:c5:6f:a7:9c:dd:20:ad:ab:eb:
         1c:44:f6:ab:21:d7:0c:8f:96:49:f0:8c:09:2c:4e:22:64:ad:
         b6:b7:b0:00:0f:23:ba:e4:fb:fc:c4:20:aa:66:00:d9:88:bd:
         8c:42:80:91:0a:87:35:f6:0f:9d:86:df:64:eb:a1:ab:17:57:
         30:ea:76:43:b6:fc:2f:61:e3:37:7a:6c:d1:0a:d8:ce:7a:cc:
         7b:33:c5:ec:41:06:48:8c:bd:d4:fe:7a:81:d0:e0:45:ca:86:
         56:1f:05:cf:fb:2a:69:f5:04:08:29:67:25:e6:7a:81:7d:f1:
         95:74:54:5c:30:27:02:63:ef:97:bf:52:1f:e3:6f:de:f2:1e:
         10:e3:41:e7:3f:4e:ca:2c:20:7f:af:83:1b:e9:e8:5a:22:89:
         32:25:1a:4f:bc:c0:1e:58:14:20:38:f5:87:c0:db:71:26:ea:
         8a:c0:33:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTND1Uwv1i8wf/xoFm/UQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY3ZTUxYWI4MTU1NjdhZDY3Y2JiNWQxYjg4OTYzODM1
ZmE5ZjcwHhcNMjUwODEyMjIwMDQ1WhcNMjUwODEzMjIwMDQ1WjAzMTEwLwYDVQQD
EyhlZTY2ZjA5YWFlNGNkNGQwMGVlMTcyNzA3NDM2YzNhMzc5NDA2ODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQZEfgcmOXqdKySiS2P6dldKi9Am
ukT4+0Ph0ATGMLEp9klxJ3KCsrywxYctWOxpY7JQOeMXzLOYzr5QXwZ+VwNsY5+j
WT5lqP4cU66gUMZSIFgwg6O3zn/k2Be+oGo0UR60Dvn8/zEzD3EnUYbS3YiIzfe1
505qpEdOFf3b8lB8fDRwtIfeCz8OVKCkxVfqiZ3nXgleOwJB1idD7bB5matdItS5
k6/GX+/SBQSiYzcgECL0Kl/mDTYAEo2s5YMhk+iUZjiZl/T4luRzgLE1rodrXvp7
+bed71eZ3y2Fo7lrKSFDkoAHmevMZMgrizvSOEXEsKIvhGL2PErc8dAfHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5m8JquTNTQDuFycHQ2w6N5QGhyMB8GA1UdIwQY
MBaAFGlmflGrgVVnrWfLtdG4iWODX6n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzct
YTdlM2M2YTg5MmVjLzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzctYTdlM2M2YTg5MmVj
LzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA02RHUsBO
r13yyDGVO68tFY/Nyj/+Wmvv7mjlrkxZgXUEUalTiiusv0fom5XX7Ry8ydNt56Yp
9FDqkJhKhZmGBf9AnlYz0/95NnGn3op/EltAxW+nnN0gravrHET2qyHXDI+WSfCM
CSxOImSttrewAA8juuT7/MQgqmYA2Yi9jEKAkQqHNfYPnYbfZOuhqxdXMOp2Q7b8
L2HjN3ps0QrYznrMezPF7EEGSIy91P56gdDgRcqGVh8Fz/sqafUECClnJeZ6gX3x
lXRUXDAnAmPvl79SH+Nv3vIeEONB5z9Oyiwgf6+DG+noWiKJMiUaT7zAHlgUIDj1
h8DbcSbqisAz4A==
-----END CERTIFICATE-----