Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          SfIAcUH8gJhEFRATIGMOR2uOYab6vo0dJJEzxB63VbI=
Subject key identifier:   6D:CD:28:C4:EC:15:D0:F6:B4:F4:CF:08:8E:BA:A7:8A:CA:27:65:CD
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       01988B108CADB258BEAE5B24759DD1CBD44C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          10EC
Signing time:             Fri 08 Aug 2025 19:02:54 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:54 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:54 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: lGlZXmXDczFlcY7WBeotLP2GdAAmSsB/i/dY7bGpm2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:8c:ad:b2:58:be:ae:5b:24:75:9d:d1:cb:d4:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Aug  8 19:02:54 2025 GMT
            Not After : Aug  9 19:02:54 2025 GMT
        Subject: CN=6dcd28c4ec15d0f6b4f4cf088ebaa78aca2765cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:c1:78:f6:e8:f3:de:4b:6c:7a:2f:d1:26:19:
                    ee:49:80:cb:ec:81:7b:c8:48:d3:19:eb:e6:29:f6:
                    92:fb:3b:9f:47:38:50:e4:ac:f8:e6:57:fc:5e:1a:
                    fe:0b:7c:1b:44:de:f5:ed:d2:dd:00:c4:9e:92:87:
                    2e:92:0c:7f:b0:ff:63:6a:82:94:f0:a8:72:61:94:
                    e5:25:da:84:ea:92:24:0d:bb:6a:d9:82:30:49:59:
                    a9:e7:6e:92:53:6e:54:2a:3a:4a:1c:eb:84:64:02:
                    a9:1c:93:ba:b5:d6:f2:57:35:38:aa:4e:ed:a9:cc:
                    93:da:d8:d0:5f:84:ac:0d:f0:d6:6c:30:de:94:9b:
                    fa:f2:8f:c7:5a:35:cd:c5:9a:48:ce:cf:f4:91:a2:
                    43:ac:ed:66:7b:3f:6d:a4:1e:74:84:23:d7:c5:5c:
                    75:6f:1e:ff:e0:ce:f0:b9:ac:46:31:c2:92:83:1d:
                    47:92:76:77:fd:75:1a:86:8b:84:f8:44:fd:d3:81:
                    6d:dc:94:b1:1b:d7:b8:4e:b6:63:ac:1d:c6:21:52:
                    eb:3a:60:0c:9c:3c:3b:e2:10:45:22:07:44:5a:77:
                    ef:00:83:a8:1e:00:d9:f4:58:32:e7:cc:22:07:92:
                    37:e1:e0:1c:bb:45:8c:6f:03:96:0d:3b:29:8e:9f:
                    fe:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:CD:28:C4:EC:15:D0:F6:B4:F4:CF:08:8E:BA:A7:8A:CA:27:65:CD
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:5b:2b:dc:34:dd:d6:59:0c:ac:3b:41:ac:cf:cb:ea:28:ca:
         6f:97:5d:d4:d0:ce:fc:ef:f7:b8:5b:e9:47:96:4e:0d:35:e9:
         a4:ab:9d:e5:c6:fe:8a:9b:d3:34:11:4f:de:60:5a:75:e8:57:
         4a:cd:a9:dd:bd:ef:6e:4c:3d:0f:9f:e9:2f:b9:ee:4d:78:31:
         7e:08:89:06:99:eb:1c:b2:62:10:05:e6:52:37:88:f8:05:d8:
         76:01:28:b7:5d:b5:60:f0:53:73:2d:db:ac:c9:01:b7:77:da:
         9b:27:3f:a8:dd:b2:ed:42:36:d7:ed:b7:27:aa:5d:c7:34:fc:
         9f:f0:dc:09:6a:a7:61:e7:e7:75:89:26:b2:63:fc:dd:d9:10:
         cb:f2:af:28:ad:20:50:30:6e:9b:8c:78:e1:5c:15:33:e2:2f:
         70:34:2d:97:78:a5:65:66:2f:84:04:ae:5a:64:50:ca:c9:07:
         aa:a4:18:f6:b1:e2:1d:9f:85:b1:74:1e:38:2c:da:1a:94:4a:
         96:c3:8a:fe:ee:74:4f:bf:77:0d:c2:56:bf:ee:b0:f3:d8:89:
         d0:71:5c:ff:0c:a6:f0:84:e1:2c:4c:9a:ce:8a:90:54:92:22:
         54:dc:b4:94:cd:00:23:cc:38:55:2b:25:1c:a7:8c:89:d8:78:
         78:1e:78:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEIytsli+rlskdZ3Ry9RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUwODA4MTkwMjU0WhcNMjUwODA5MTkwMjU0WjAzMTEwLwYDVQQD
Eyg2ZGNkMjhjNGVjMTVkMGY2YjRmNGNmMDg4ZWJhYTc4YWNhMjc2NWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMF49ujz3ktsei/RJhnuSYDL7IF7
yEjTGevmKfaS+zufRzhQ5Kz45lf8Xhr+C3wbRN717dLdAMSekocukgx/sP9jaoKU
8KhyYZTlJdqE6pIkDbtq2YIwSVmp526SU25UKjpKHOuEZAKpHJO6tdbyVzU4qk7t
qcyT2tjQX4SsDfDWbDDelJv68o/HWjXNxZpIzs/0kaJDrO1mez9tpB50hCPXxVx1
bx7/4M7wuaxGMcKSgx1HknZ3/XUahouE+ET904Ft3JSxG9e4TrZjrB3GIVLrOmAM
nDw74hBFIgdEWnfvAIOoHgDZ9Fgy58wiB5I34eAcu0WMbwOWDTspjp/+iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG3NKMTsFdD2tPTPCI66p4rKJ2XNMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFsr3DTd
1lkMrDtBrM/L6ijKb5dd1NDO/O/3uFvpR5ZODTXppKud5cb+ipvTNBFP3mBadehX
Ss2p3b3vbkw9D5/pL7nuTXgxfgiJBpnrHLJiEAXmUjeI+AXYdgEot121YPBTcy3b
rMkBt3famyc/qN2y7UI21+23J6pdxzT8n/DcCWqnYefndYkmsmP83dkQy/KvKK0g
UDBum4x44VwVM+IvcDQtl3ilZWYvhASuWmRQyskHqqQY9rHiHZ+FsXQeOCzaGpRK
lsOK/u50T793DcJWv+6w89iJ0HFc/wym8IThLEyazoqQVJIiVNy0lM0AI8w4VSsl
HKeMidh4eB54pA==
-----END CERTIFICATE-----