Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          nAIh5pqyKVDWH+uMx4HVK5LwVOije55D610NqZimtOA=
Subject key identifier:   B4:1F:EF:E8:77:27:8B:5D:4F:52:AF:C0:DD:C6:6F:84:7B:F3:74:4B
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       01989034E99599048241BD8B6943ABBB750B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0D03
Signing time:             Sat 09 Aug 2025 19:00:43 +0000
Manifest this update:     Sat 09 Aug 2025 19:00:43 +0000
Manifest next update:     Sun 10 Aug 2025 19:00:43 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: gObRphc+wF1z9d29WDURF1Dsk9so/COX7jVWbzt+LMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:34:e9:95:99:04:82:41:bd:8b:69:43:ab:bb:75:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Aug  9 19:00:43 2025 GMT
            Not After : Aug 10 19:00:43 2025 GMT
        Subject: CN=b41fefe877278b5d4f52afc0ddc66f847bf3744b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c4:fd:a0:83:f5:a2:73:d7:96:8c:e1:96:ed:
                    48:de:a1:ea:cf:c8:f3:da:f6:3f:ec:f1:c5:1d:cf:
                    8f:6b:89:68:55:c8:07:6b:15:41:77:38:5b:17:e1:
                    9c:a7:49:7a:4b:c1:e5:bf:b2:2f:46:af:19:54:00:
                    7c:4e:4e:e0:a6:82:c3:9b:49:1b:42:06:d2:67:d8:
                    a8:a2:79:f2:20:34:fc:dc:e4:fc:44:33:17:0d:97:
                    0a:3b:15:a8:57:c6:e5:28:47:a8:1f:0c:8e:37:c6:
                    2b:87:21:f5:89:4c:fe:ed:7a:e3:64:71:55:ad:8d:
                    09:c4:f1:6e:2e:e9:8b:1a:40:c0:03:d1:61:34:c2:
                    31:b5:2c:a6:06:60:3f:82:5b:34:df:30:ab:26:04:
                    64:13:67:8d:72:ed:ba:e0:99:7b:63:a1:60:17:f0:
                    b1:1a:4b:a5:f6:e4:1a:f2:6f:06:a3:b5:43:b0:01:
                    ae:d1:e5:e6:65:f3:c5:22:95:cc:f0:9f:4c:da:94:
                    5d:ef:f8:2f:60:c4:fc:85:20:9b:48:e6:7b:55:0b:
                    a4:23:d3:7a:01:dc:0c:9f:f7:d1:18:5f:e0:c2:fd:
                    79:0e:ed:e9:36:7b:73:74:6f:7a:ba:b4:49:ed:48:
                    c1:d8:ae:22:c0:71:99:f5:c5:4b:ae:ee:9d:90:1a:
                    89:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:1F:EF:E8:77:27:8B:5D:4F:52:AF:C0:DD:C6:6F:84:7B:F3:74:4B
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:32:f8:ad:70:3b:39:83:73:32:ef:2e:0f:91:a0:a4:8d:93:
         67:94:cc:76:cf:cd:39:8c:bf:08:79:ee:82:29:6a:01:ed:38:
         dc:2c:35:2b:46:71:44:78:90:d9:df:ec:eb:ba:59:f2:70:86:
         9d:f3:f0:82:ea:c3:3b:61:65:0c:08:04:3c:c1:98:63:93:c8:
         cf:eb:ff:f4:71:1f:0b:dc:91:08:d1:29:fc:e4:4d:47:ed:c3:
         0d:78:d6:87:a8:be:71:3c:29:1d:23:64:ff:d2:6b:47:0a:24:
         ac:d3:ad:8c:bc:74:e4:32:f2:30:6d:92:24:f5:ec:f2:d3:be:
         f2:e4:b2:d3:25:2a:a1:9e:b1:72:12:db:dd:61:89:82:ee:a7:
         e2:96:69:35:7f:c2:7f:c8:12:f6:02:de:36:a2:0b:91:dc:16:
         50:08:cb:2d:bf:bb:2a:c6:24:cf:5f:69:d5:63:35:0d:d5:4b:
         cc:33:63:46:0b:b7:a4:08:ca:2e:5b:d1:e0:85:fc:d1:f5:c2:
         24:f0:96:e6:8a:d7:4d:d9:e7:e2:d5:ac:ec:86:1b:ea:52:49:
         96:71:5a:db:a3:da:2e:b1:69:43:51:65:6a:fe:97:d8:69:3c:
         9f:45:ce:dc:a3:2a:65:33:31:93:f1:61:c1:24:19:19:e6:cd:
         7d:b8:d1:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQNOmVmQSCQb2LaUOru3ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjUwODA5MTkwMDQzWhcNMjUwODEwMTkwMDQzWjAzMTEwLwYDVQQD
EyhiNDFmZWZlODc3Mjc4YjVkNGY1MmFmYzBkZGM2NmY4NDdiZjM3NDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusT9oIP1onPXlozhlu1I3qHqz8jz
2vY/7PHFHc+Pa4loVcgHaxVBdzhbF+Gcp0l6S8Hlv7IvRq8ZVAB8Tk7gpoLDm0kb
QgbSZ9ioonnyIDT83OT8RDMXDZcKOxWoV8blKEeoHwyON8YrhyH1iUz+7XrjZHFV
rY0JxPFuLumLGkDAA9FhNMIxtSymBmA/gls03zCrJgRkE2eNcu264Jl7Y6FgF/Cx
Gkul9uQa8m8Go7VDsAGu0eXmZfPFIpXM8J9M2pRd7/gvYMT8hSCbSOZ7VQukI9N6
AdwMn/fRGF/gwv15Du3pNntzdG96urRJ7UjB2K4iwHGZ9cVLru6dkBqJhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQf7+h3J4tdT1KvwN3Gb4R783RLMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwjL4rXA7
OYNzMu8uD5GgpI2TZ5TMds/NOYy/CHnugilqAe043Cw1K0ZxRHiQ2d/s67pZ8nCG
nfPwgurDO2FlDAgEPMGYY5PIz+v/9HEfC9yRCNEp/ORNR+3DDXjWh6i+cTwpHSNk
/9JrRwokrNOtjLx05DLyMG2SJPXs8tO+8uSy0yUqoZ6xchLb3WGJgu6n4pZpNX/C
f8gS9gLeNqILkdwWUAjLLb+7KsYkz19p1WM1DdVLzDNjRgu3pAjKLlvR4IX80fXC
JPCW5orXTdnn4tWs7IYb6lJJlnFa26PaLrFpQ1Flav6X2Gk8n0XO3KMqZTMxk/Fh
wSQZGebNfbjR/w==
-----END CERTIFICATE-----