Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          uXNK4Jz9xz9xSKGdHUhBuHiZN6USNtC6s55nEj8Qm8Y=
Subject key identifier:   7A:29:E0:5C:63:94:5E:67:52:FB:29:B1:14:AC:B6:22:D3:17:43:46
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       0198936D68682CB7E38BAF3E642392060042
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0834
Signing time:             Sun 10 Aug 2025 10:01:17 +0000
Manifest this update:     Sun 10 Aug 2025 10:01:17 +0000
Manifest next update:     Mon 11 Aug 2025 10:01:17 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: MQ6B/TTzRG3OFf9204HoFe+shTjHyl26j1FMcgwaGKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 10:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:6d:68:68:2c:b7:e3:8b:af:3e:64:23:92:06:00:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Aug 10 10:01:17 2025 GMT
            Not After : Aug 11 10:01:17 2025 GMT
        Subject: CN=7a29e05c63945e6752fb29b114acb622d3174346
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:00:c6:be:4b:8c:43:77:4d:1e:c1:1d:a8:b0:
                    8f:11:02:dd:dc:58:c8:50:2b:96:e6:86:f4:4f:87:
                    82:0e:13:34:dd:f2:aa:15:06:ce:c5:2b:b6:5e:7a:
                    5b:bc:9b:2d:37:67:09:ef:94:96:d2:2a:ed:f4:b9:
                    c4:d0:86:35:f6:04:57:2f:8f:d9:1c:6f:71:bc:3d:
                    0d:5c:1b:96:2d:96:b4:1b:d0:da:fd:82:39:39:ba:
                    ca:b0:44:32:24:b7:63:3e:ae:f7:57:09:94:f3:8b:
                    69:f0:d8:5a:1e:fd:9a:68:89:b6:a2:79:d7:0c:c5:
                    a6:5c:31:5b:9a:46:ef:e4:44:6e:87:9d:37:2a:5b:
                    8e:c3:05:39:5c:23:26:ce:1d:88:a0:0b:22:58:a6:
                    38:30:a1:06:19:c5:9b:00:56:d4:45:de:e5:a7:b9:
                    bd:e3:17:ca:f5:ca:90:e4:39:d4:56:f3:6b:00:76:
                    74:f8:f3:f2:6d:74:4f:bd:4b:79:a0:7c:e9:09:9e:
                    92:92:8b:15:84:93:0a:dd:74:d2:ce:b4:ab:a2:84:
                    ca:9a:3b:14:fb:1e:92:ae:d1:89:7e:3e:91:88:63:
                    08:b8:7b:58:c6:1d:83:e3:25:e3:b3:83:b9:bb:e0:
                    dd:11:61:5b:28:43:1d:4a:62:37:8c:37:4e:2f:d1:
                    11:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:29:E0:5C:63:94:5E:67:52:FB:29:B1:14:AC:B6:22:D3:17:43:46
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:48:1a:0f:0c:84:3e:dd:d4:49:36:8c:d6:c2:81:c0:e8:f2:
         86:75:87:ef:19:36:c5:bc:b9:e2:b2:13:95:b8:c0:e3:98:50:
         de:5c:79:c3:71:b9:b2:ee:08:d5:ee:38:d5:7d:c2:cb:24:d6:
         3c:de:8c:f6:47:e6:93:50:fa:73:9f:2a:08:60:f4:6f:bd:0c:
         71:29:d8:24:01:b6:d3:0c:26:ac:c9:d4:9a:04:57:38:c0:4d:
         97:c1:9c:d5:e0:5f:5a:fa:b2:7e:c3:5a:58:59:66:17:40:73:
         ce:81:dc:99:86:5c:36:ff:4d:64:28:d7:3f:34:7b:c6:ae:a0:
         27:15:f0:64:7b:f0:5e:92:2a:71:64:7e:1e:e3:0e:0a:0d:5d:
         bf:c8:e3:c3:47:ad:0a:b9:0c:ba:b2:6f:47:e8:fd:e7:be:bd:
         cf:76:43:85:e5:5c:81:4d:37:42:18:99:3e:21:f6:2e:a6:b0:
         fb:14:b7:b2:c3:f2:8a:ea:1c:21:c0:70:d5:ba:03:5e:24:27:
         b6:2c:5a:56:35:07:3b:b9:20:41:76:95:c1:76:fd:cb:34:e6:
         e5:4f:69:3a:e9:50:7f:16:26:92:f6:e8:38:e2:bf:1c:35:bd:
         bf:71:b6:80:45:c3:c5:1e:c0:f2:b9:5b:b3:7d:a3:84:62:98:
         97:3c:61:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTbWhoLLfji68+ZCOSBgBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjUwODEwMTAwMTE3WhcNMjUwODExMTAwMTE3WjAzMTEwLwYDVQQD
Eyg3YTI5ZTA1YzYzOTQ1ZTY3NTJmYjI5YjExNGFjYjYyMmQzMTc0MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQDGvkuMQ3dNHsEdqLCPEQLd3FjI
UCuW5ob0T4eCDhM03fKqFQbOxSu2XnpbvJstN2cJ75SW0irt9LnE0IY19gRXL4/Z
HG9xvD0NXBuWLZa0G9Da/YI5ObrKsEQyJLdjPq73VwmU84tp8NhaHv2aaIm2onnX
DMWmXDFbmkbv5ERuh503KluOwwU5XCMmzh2IoAsiWKY4MKEGGcWbAFbURd7lp7m9
4xfK9cqQ5DnUVvNrAHZ0+PPybXRPvUt5oHzpCZ6SkosVhJMK3XTSzrSrooTKmjsU
+x6SrtGJfj6RiGMIuHtYxh2D4yXjs4O5u+DdEWFbKEMdSmI3jDdOL9ERwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHop4FxjlF5nUvspsRSstiLTF0NGMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEgaDwyE
Pt3USTaM1sKBwOjyhnWH7xk2xby54rITlbjA45hQ3lx5w3G5su4I1e441X3CyyTW
PN6M9kfmk1D6c58qCGD0b70McSnYJAG20wwmrMnUmgRXOMBNl8Gc1eBfWvqyfsNa
WFlmF0BzzoHcmYZcNv9NZCjXPzR7xq6gJxXwZHvwXpIqcWR+HuMOCg1dv8jjw0et
CrkMurJvR+j95769z3ZDheVcgU03QhiZPiH2Lqaw+xS3ssPyiuocIcBw1boDXiQn
tixaVjUHO7kgQXaVwXb9yzTm5U9pOulQfxYmkvboOOK/HDW9v3G2gEXDxR7A8rlb
s32jhGKYlzxhvg==
-----END CERTIFICATE-----