Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          EZDTbq4Ht7eAeiTfSE6p4zjtJy5npd+PE3Y0v1Rh6x4=
Subject key identifier:   2C:46:D3:27:9B:3C:39:9D:CF:74:CD:9C:6C:A1:F7:2E:3F:3E:54:4E
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       0198733DD1931A19ACC405C1AE952CE1044E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          1615
Signing time:             Mon 04 Aug 2025 04:01:27 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:27 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:27 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: PHGMR4rggoMxq3LmvvnWxF9YGPTp1P2NTexmNbps+AM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:d1:93:1a:19:ac:c4:05:c1:ae:95:2c:e1:04:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Aug  4 04:01:27 2025 GMT
            Not After : Aug  5 04:01:27 2025 GMT
        Subject: CN=2c46d3279b3c399dcf74cd9c6ca1f72e3f3e544e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:06:fc:e9:29:15:5b:2d:16:04:80:2b:ec:6b:
                    d4:cc:87:75:18:7f:a2:94:08:6d:f2:d7:89:c4:ac:
                    07:1d:10:9a:b1:93:11:13:9c:80:77:af:a6:fd:6b:
                    af:14:6f:04:65:5d:66:06:9c:dc:88:6e:a1:20:4c:
                    46:95:f4:8f:dc:0b:28:72:02:84:9d:dd:bf:57:e6:
                    8d:44:ac:b0:7f:3a:70:44:0f:45:94:97:55:0e:3a:
                    f6:18:b3:5a:33:47:62:f7:92:81:fe:60:e4:61:2d:
                    30:ba:e4:f2:93:f0:75:e3:86:1e:a8:f6:60:f7:bd:
                    d0:87:89:c2:f8:a8:db:5f:ab:dc:5d:86:99:25:0e:
                    5b:40:8a:79:e9:d0:3a:c1:d0:fb:31:dd:dd:06:87:
                    db:06:b5:94:a1:90:03:c0:31:2b:43:67:fa:fe:c1:
                    13:53:bb:fe:4e:70:b8:9d:a2:d3:d6:c9:ab:72:f9:
                    b9:c9:17:ad:fe:ec:c2:88:df:83:c8:a9:de:5d:40:
                    91:c4:fe:62:eb:30:5a:64:1e:56:6d:2c:7b:1d:51:
                    f5:f3:f6:39:dd:de:dc:9a:55:95:af:da:b5:fd:4b:
                    8f:05:d9:a1:a6:3f:a7:36:73:5d:14:93:3c:87:9a:
                    53:64:36:bf:dc:32:d3:ef:d1:a2:de:c9:eb:f5:ef:
                    53:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:46:D3:27:9B:3C:39:9D:CF:74:CD:9C:6C:A1:F7:2E:3F:3E:54:4E
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:be:e9:1c:ea:95:56:65:25:cd:92:35:56:7c:d3:be:4b:a8:
         14:1e:02:70:9c:87:f7:ec:6b:9b:fc:4f:28:af:c9:31:32:b0:
         8a:18:76:08:87:7d:dd:64:ce:4a:9f:e2:31:89:ae:5d:b2:0e:
         76:e8:bd:a5:e2:21:e3:4d:c8:12:99:76:80:85:7c:2d:1d:32:
         d6:7a:9d:90:1c:6b:f6:c2:23:39:b1:d8:40:72:86:8c:76:3d:
         df:9b:61:97:75:b3:70:bc:00:79:68:4d:fa:ff:83:c0:f9:aa:
         09:dc:b4:aa:6c:33:45:fd:50:c4:2f:81:ba:a2:9a:76:ca:7b:
         b0:1b:66:e7:02:86:15:06:53:c8:bc:c1:af:31:0d:c6:8a:8a:
         df:68:06:d2:d9:44:34:de:7b:18:16:55:cc:a8:1e:23:4a:16:
         8a:d4:bb:0b:28:ca:b7:2d:d9:21:a1:67:08:c5:61:71:bd:37:
         b9:4d:be:0d:c8:3c:a5:f1:73:4b:3e:cd:30:03:e0:5b:83:94:
         45:0b:2a:07:80:da:e7:49:16:74:ca:3b:a3:4d:84:60:91:2e:
         31:61:29:68:4e:22:44:c7:f4:5c:76:5a:0d:30:26:8a:2c:87:
         55:31:5f:ea:59:54:01:e0:f9:84:af:c7:de:d5:29:1e:ec:d9:
         2e:5e:5f:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPdGTGhmsxAXBrpUs4QROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwODA0MDQwMTI3WhcNMjUwODA1MDQwMTI3WjAzMTEwLwYDVQQD
EygyYzQ2ZDMyNzliM2MzOTlkY2Y3NGNkOWM2Y2ExZjcyZTNmM2U1NDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQb86SkVWy0WBIAr7GvUzId1GH+i
lAht8teJxKwHHRCasZMRE5yAd6+m/WuvFG8EZV1mBpzciG6hIExGlfSP3AsocgKE
nd2/V+aNRKywfzpwRA9FlJdVDjr2GLNaM0di95KB/mDkYS0wuuTyk/B144YeqPZg
973Qh4nC+KjbX6vcXYaZJQ5bQIp56dA6wdD7Md3dBofbBrWUoZADwDErQ2f6/sET
U7v+TnC4naLT1smrcvm5yRet/uzCiN+DyKneXUCRxP5i6zBaZB5WbSx7HVH18/Y5
3d7cmlWVr9q1/UuPBdmhpj+nNnNdFJM8h5pTZDa/3DLT79Gi3snr9e9TYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxG0yebPDmdz3TNnGyh9y4/PlROMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALr7pHOqV
VmUlzZI1VnzTvkuoFB4CcJyH9+xrm/xPKK/JMTKwihh2CId93WTOSp/iMYmuXbIO
dui9peIh403IEpl2gIV8LR0y1nqdkBxr9sIjObHYQHKGjHY935thl3WzcLwAeWhN
+v+DwPmqCdy0qmwzRf1QxC+BuqKadsp7sBtm5wKGFQZTyLzBrzENxoqK32gG0tlE
NN57GBZVzKgeI0oWitS7CyjKty3ZIaFnCMVhcb03uU2+Dcg8pfFzSz7NMAPgW4OU
RQsqB4Da50kWdMo7o02EYJEuMWEpaE4iRMf0XHZaDTAmiiyHVTFf6llUAeD5hK/H
3tUpHuzZLl5f/g==
-----END CERTIFICATE-----