Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          u7hg4ztPtorreAC1XfAF/znHXkJT06PfK4O9QfpO+/Y=
Subject key identifier:   E7:8F:AD:32:77:ED:7C:97:20:26:69:01:DA:C0:67:48:44:65:F9:03
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       019881D570205F75FB60D1C8BA036FB8E03D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          138F
Signing time:             Thu 07 Aug 2025 00:01:45 +0000
Manifest this update:     Thu 07 Aug 2025 00:01:45 +0000
Manifest next update:     Fri 08 Aug 2025 00:01:45 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: uQo5mKnaGHoUvaM9J9IY8Hq0Q/Dzwcwc9n8XB0Y78bU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d5:70:20:5f:75:fb:60:d1:c8:ba:03:6f:b8:e0:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Aug  7 00:01:45 2025 GMT
            Not After : Aug  8 00:01:45 2025 GMT
        Subject: CN=e78fad3277ed7c9720266901dac067484465f903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:af:fd:8e:5b:46:ae:cd:ea:bc:21:c3:1a:35:
                    21:17:35:3f:ff:9d:81:bc:17:e5:fa:10:37:b7:0b:
                    a3:be:95:79:b3:f9:e7:bc:ee:62:43:f5:59:2d:80:
                    66:e1:8f:70:1f:8b:9f:4c:5e:f8:75:5e:d8:a9:db:
                    37:fc:fd:4f:87:33:71:a3:11:f8:0d:11:df:2b:47:
                    81:de:ff:2e:4a:40:d6:98:0e:b8:1c:20:d9:2e:72:
                    8d:df:3c:f8:41:d3:48:76:5c:f0:c2:12:6a:05:77:
                    61:51:6a:b8:d2:eb:27:75:8c:a6:02:ea:7d:51:d7:
                    96:e4:e6:0e:59:cb:c0:ad:a4:0a:7b:33:2e:c9:08:
                    29:e3:36:05:69:fb:b2:71:7f:59:e5:d6:2b:61:fa:
                    76:97:34:ff:50:2e:80:b6:3e:ef:ad:1c:33:6a:0d:
                    55:2e:a5:2a:11:69:60:05:f7:11:c7:e7:68:79:83:
                    30:e1:32:68:30:0f:5a:67:e8:1b:8e:f8:2a:82:2b:
                    0f:7f:29:51:0b:37:0b:34:c7:10:92:70:39:05:e7:
                    40:cb:16:0b:c6:55:fe:90:5b:0f:3d:a8:f9:35:85:
                    6d:6f:60:ed:2e:bc:8e:41:9c:87:db:ab:68:76:4c:
                    fb:e9:24:e5:1c:4d:df:19:67:2f:9d:fa:35:70:10:
                    a4:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:8F:AD:32:77:ED:7C:97:20:26:69:01:DA:C0:67:48:44:65:F9:03
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:80:2d:fd:4f:3b:c4:5a:a3:b8:72:04:59:c1:d4:f0:cd:c9:
         1a:96:c3:9c:9a:83:41:f2:6d:41:df:ed:44:79:e9:12:f7:b7:
         30:8d:df:0c:f2:5b:c6:23:19:d6:6d:6b:36:ef:a5:90:d6:2a:
         38:9a:6f:83:7b:57:79:82:7d:c9:a5:c3:fe:e3:e2:af:59:06:
         9d:5b:cb:cf:81:5b:41:51:88:18:62:6d:a2:5e:6d:c2:6b:17:
         7e:e5:fc:d1:2b:b4:e8:e6:2b:44:55:a6:9b:f8:11:e4:9f:dc:
         ef:5f:18:76:2f:c6:ca:da:8e:c4:ff:90:1b:7a:93:40:ab:5f:
         7c:26:5f:7a:0f:e0:13:50:48:eb:dd:19:c8:9e:44:ba:44:0d:
         e8:c3:31:c2:50:64:01:1a:8b:bc:86:e9:c1:70:cb:c8:3d:99:
         a4:06:93:86:27:57:1f:fe:b3:5b:a7:8f:ef:8a:c7:df:1d:89:
         03:f0:95:27:2c:61:51:94:e8:b5:4e:4d:4e:4b:87:5d:18:90:
         b8:14:6d:7c:3d:68:a4:a9:70:8b:0a:a7:a1:e5:28:f4:53:fe:
         20:9d:48:d8:16:d2:6a:21:13:52:de:8c:fa:7f:ba:08:c7:b1:
         8a:05:1f:21:96:5f:7d:2f:e3:53:81:1a:56:0e:e8:2b:0d:f7:
         4e:fb:1a:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1XAgX3X7YNHIugNvuOA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjUwODA3MDAwMTQ1WhcNMjUwODA4MDAwMTQ1WjAzMTEwLwYDVQQD
EyhlNzhmYWQzMjc3ZWQ3Yzk3MjAyNjY5MDFkYWMwNjc0ODQ0NjVmOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q/9jltGrs3qvCHDGjUhFzU//52B
vBfl+hA3twujvpV5s/nnvO5iQ/VZLYBm4Y9wH4ufTF74dV7Yqds3/P1PhzNxoxH4
DRHfK0eB3v8uSkDWmA64HCDZLnKN3zz4QdNIdlzwwhJqBXdhUWq40usndYymAup9
UdeW5OYOWcvAraQKezMuyQgp4zYFafuycX9Z5dYrYfp2lzT/UC6Atj7vrRwzag1V
LqUqEWlgBfcRx+doeYMw4TJoMA9aZ+gbjvgqgisPfylRCzcLNMcQknA5BedAyxYL
xlX+kFsPPaj5NYVtb2DtLryOQZyH26todkz76STlHE3fGWcvnfo1cBCkQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOePrTJ37XyXICZpAdrAZ0hEZfkDMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvIAt/U87
xFqjuHIEWcHU8M3JGpbDnJqDQfJtQd/tRHnpEve3MI3fDPJbxiMZ1m1rNu+lkNYq
OJpvg3tXeYJ9yaXD/uPir1kGnVvLz4FbQVGIGGJtol5twmsXfuX80Su06OYrRFWm
m/gR5J/c718Ydi/GytqOxP+QG3qTQKtffCZfeg/gE1BI690ZyJ5EukQN6MMxwlBk
ARqLvIbpwXDLyD2ZpAaThidXH/6zW6eP74rH3x2JA/CVJyxhUZTotU5NTkuHXRiQ
uBRtfD1opKlwiwqnoeUo9FP+IJ1I2BbSaiETUt6M+n+6CMexigUfIZZffS/jU4Ea
Vg7oKw33Tvsalg==
-----END CERTIFICATE-----