Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          GvjdEZC7w0erGrWD4ggiE4EdVDLBAgq4GKWIbeWzSvw=
Subject key identifier:   0B:AC:B1:7F:F5:0D:46:B6:10:95:40:86:D9:C0:3E:5C:50:14:8D:22
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       01987D8AB8CE0AB00ACE7E3CD6367A1A47C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          0598
Signing time:             Wed 06 Aug 2025 04:01:39 +0000
Manifest this update:     Wed 06 Aug 2025 04:01:39 +0000
Manifest next update:     Thu 07 Aug 2025 04:01:39 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: 1jUIOydyBJwMsU46aasnptAXcDJ2EzBQ6IgLmNHxd7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8a:b8:ce:0a:b0:0a:ce:7e:3c:d6:36:7a:1a:47:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Aug  6 04:01:39 2025 GMT
            Not After : Aug  7 04:01:39 2025 GMT
        Subject: CN=0bacb17ff50d46b610954086d9c03e5c50148d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e2:60:51:02:a5:00:6e:e0:e0:54:5a:6b:7e:
                    1a:17:87:a6:6e:56:b4:53:eb:47:bc:6c:8c:67:b2:
                    0c:ae:6f:36:81:32:d8:4b:2d:2c:21:98:de:21:80:
                    a9:c1:43:5e:94:74:e1:09:46:19:a5:98:9e:62:3f:
                    0a:31:29:d1:40:7d:f6:77:50:ad:9c:03:9f:9d:09:
                    c4:85:72:cf:c7:8c:b8:99:98:2d:82:42:b6:da:9e:
                    b3:d3:e5:5a:d7:56:08:ac:84:a5:e4:af:b8:61:5f:
                    74:80:ca:02:3d:ec:08:f9:9c:3b:fb:59:31:75:60:
                    31:de:a8:1f:64:18:a5:53:91:68:3e:39:1b:1b:b8:
                    25:8b:48:4a:92:33:ec:0f:55:1a:a4:ac:be:bb:65:
                    bb:e3:05:ab:86:f1:c7:ab:2b:a6:c0:8b:a7:01:32:
                    6f:97:b4:87:f1:5d:bd:c5:e1:44:44:db:f0:d5:eb:
                    6e:5f:e0:2b:23:8c:7a:87:41:28:94:a0:dd:7f:3d:
                    31:bb:fc:d6:29:67:d3:9c:5e:ff:85:40:d7:51:a2:
                    1d:3e:d4:07:8b:e6:ab:bd:78:dd:e0:69:90:2d:46:
                    81:12:20:53:f6:e8:1f:db:f4:65:c1:2f:c0:af:d0:
                    39:6e:0d:4e:ea:61:df:8e:61:b9:e8:9b:b5:c9:71:
                    cb:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:AC:B1:7F:F5:0D:46:B6:10:95:40:86:D9:C0:3E:5C:50:14:8D:22
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:91:f7:f5:ba:e5:05:51:c4:2e:90:6b:93:6d:47:60:04:e9:
         fc:83:cb:86:41:e7:c3:65:8b:2a:be:cb:b2:0c:9a:6c:1b:1d:
         55:5f:57:34:90:a5:97:fb:ce:c8:78:0b:08:0d:9b:13:b9:4b:
         8d:e7:8d:48:20:66:9a:2b:87:85:bf:cf:f4:d2:2d:3a:5e:19:
         33:1a:7a:0d:b9:c2:0f:a9:f3:37:2e:ae:3f:5e:2a:db:51:68:
         fe:8b:4b:87:76:e1:76:7e:fe:7c:b8:9b:1b:2d:93:16:20:7f:
         ea:59:9b:cb:d9:ca:57:e5:71:01:d6:64:50:33:15:c5:56:9f:
         cf:d0:be:c5:a1:a5:57:0d:47:3f:a4:97:42:a3:66:99:88:c5:
         93:79:dc:9f:35:ea:ee:ab:8e:c1:79:1c:84:b7:27:cc:c6:f0:
         b8:be:53:21:a1:b6:80:70:98:14:25:21:6b:97:da:9f:a5:ab:
         70:1d:ac:97:83:57:a7:ab:e5:45:59:cc:65:66:fa:f7:dd:40:
         12:50:6a:49:98:67:cb:fb:7d:b7:24:e1:b4:01:fc:c7:7d:f6:
         31:9a:7a:27:8d:2c:83:60:3d:b4:4a:1d:1c:fd:cb:61:b0:12:
         1f:da:a4:32:ec:e1:c9:2d:5f:62:bd:4f:f5:f0:91:59:bd:6f:
         81:77:2a:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9irjOCrAKzn481jZ6GkfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjUwODA2MDQwMTM5WhcNMjUwODA3MDQwMTM5WjAzMTEwLwYDVQQD
EygwYmFjYjE3ZmY1MGQ0NmI2MTA5NTQwODZkOWMwM2U1YzUwMTQ4ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+JgUQKlAG7g4FRaa34aF4embla0
U+tHvGyMZ7IMrm82gTLYSy0sIZjeIYCpwUNelHThCUYZpZieYj8KMSnRQH32d1Ct
nAOfnQnEhXLPx4y4mZgtgkK22p6z0+Va11YIrISl5K+4YV90gMoCPewI+Zw7+1kx
dWAx3qgfZBilU5FoPjkbG7gli0hKkjPsD1UapKy+u2W74wWrhvHHqyumwIunATJv
l7SH8V29xeFERNvw1etuX+ArI4x6h0EolKDdfz0xu/zWKWfTnF7/hUDXUaIdPtQH
i+arvXjd4GmQLUaBEiBT9ugf2/RlwS/Ar9A5bg1O6mHfjmG56Ju1yXHLNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAussX/1DUa2EJVAhtnAPlxQFI0iMB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw5H39brl
BVHELpBrk21HYATp/IPLhkHnw2WLKr7LsgyabBsdVV9XNJCll/vOyHgLCA2bE7lL
jeeNSCBmmiuHhb/P9NItOl4ZMxp6DbnCD6nzNy6uP14q21Fo/otLh3bhdn7+fLib
Gy2TFiB/6lmby9nKV+VxAdZkUDMVxVafz9C+xaGlVw1HP6SXQqNmmYjFk3ncnzXq
7quOwXkchLcnzMbwuL5TIaG2gHCYFCUha5fan6WrcB2sl4NXp6vlRVnMZWb6991A
ElBqSZhny/t9tyThtAH8x332MZp6J40sg2A9tEodHP3LYbASH9qkMuzhyS1fYr1P
9fCRWb1vgXcqbQ==
-----END CERTIFICATE-----