Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          VyyFpHQhu3cBFjSVB/0AlfhxAQID3BwTwi8LKmJU/i0=
Subject key identifier:   77:3A:55:7D:ED:C3:2F:23:45:1B:38:DC:3E:14:15:F7:9D:A8:1F:82
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       019881D5642619912E16AFFF1455E3D4B9BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          0F9A
Signing time:             Thu 07 Aug 2025 00:01:42 +0000
Manifest this update:     Thu 07 Aug 2025 00:01:42 +0000
Manifest next update:     Fri 08 Aug 2025 00:01:42 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: T97AkXUTG8htkKdLLrlK6TJ/oOxKPDWPRMZGb3NiTwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d5:64:26:19:91:2e:16:af:ff:14:55:e3:d4:b9:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Aug  7 00:01:42 2025 GMT
            Not After : Aug  8 00:01:42 2025 GMT
        Subject: CN=773a557dedc32f23451b38dc3e1415f79da81f82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2b:73:9d:96:ec:b6:e4:be:91:2f:7f:6b:c0:
                    74:cd:27:90:cd:8a:51:24:f2:e5:b1:d2:2f:f1:7a:
                    4a:c3:32:db:1e:c3:39:89:3c:29:27:73:77:8f:72:
                    2f:8b:b1:52:22:4f:d6:e4:84:54:2b:18:10:54:83:
                    0c:57:5d:96:81:27:e2:ff:93:92:bc:d4:e6:5a:1e:
                    ef:32:f1:62:5f:6e:50:13:16:4e:aa:c1:90:25:05:
                    16:a2:5d:77:6d:39:cc:a3:82:05:93:80:e1:b3:fd:
                    59:e0:07:8b:93:2d:8e:ff:f6:63:d9:f2:92:85:1a:
                    b8:f5:5c:46:d1:4a:06:b9:57:b3:44:ee:bb:8b:f3:
                    ca:e2:f6:20:29:bf:64:8a:1d:b7:fe:37:67:25:5d:
                    46:3a:d8:b8:14:7b:17:2c:57:93:5a:70:7c:38:2c:
                    74:8c:c8:95:c0:c7:63:f1:5d:2f:c0:ae:31:71:4a:
                    d8:c7:f1:32:98:99:56:d1:be:af:db:6f:20:97:8f:
                    51:37:06:10:9a:8c:ec:be:8b:f7:73:51:cc:d3:a8:
                    4b:04:3e:22:ab:3d:33:2f:6b:c9:0b:25:53:92:0b:
                    72:13:ac:22:06:23:98:87:d4:fa:5a:fd:ca:f1:27:
                    f9:3f:db:2a:a3:44:18:20:e5:56:b2:39:ff:31:03:
                    45:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:3A:55:7D:ED:C3:2F:23:45:1B:38:DC:3E:14:15:F7:9D:A8:1F:82
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:bd:99:84:75:f1:d8:89:b0:0b:24:f8:68:10:b7:ac:80:de:
         63:c1:fa:95:73:1c:11:c8:1e:2a:cc:5f:a9:23:4c:9c:48:69:
         f9:41:b0:f6:f2:f2:1a:3d:05:a7:68:4c:d9:8e:0e:35:46:ca:
         dd:e3:79:8e:cb:4e:02:ec:f3:ec:6f:09:b9:b0:24:4e:72:89:
         e0:a4:11:69:d7:79:18:1c:f9:cc:3d:3d:d2:29:94:26:af:b6:
         61:41:52:15:42:8b:07:bf:c9:f8:af:61:8a:76:93:88:9f:0b:
         e1:14:6e:a0:52:87:d8:57:41:cb:b2:a7:ce:73:fc:57:97:43:
         f0:19:a1:7c:6b:ad:64:f7:20:3a:26:94:47:c7:f7:07:78:c5:
         b0:e6:11:29:c1:a8:b0:7b:4b:99:a3:e7:4e:9d:97:db:ef:ab:
         ab:85:2f:3c:3d:e2:71:d3:10:13:09:2a:aa:c1:c8:b7:75:9b:
         6e:e5:cc:52:31:3d:50:1e:43:26:df:30:2c:f9:1e:96:6c:f5:
         87:ca:e9:7e:28:56:92:f8:11:f2:92:cd:28:21:59:21:af:41:
         60:c2:65:36:b7:41:76:41:c4:bc:6b:5a:73:63:40:6b:99:8a:
         fa:c7:5c:4f:be:81:44:40:0c:e7:94:2b:51:f3:dc:aa:9c:09:
         3a:5b:4a:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1WQmGZEuFq//FFXj1Lm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjUwODA3MDAwMTQyWhcNMjUwODA4MDAwMTQyWjAzMTEwLwYDVQQD
Eyg3NzNhNTU3ZGVkYzMyZjIzNDUxYjM4ZGMzZTE0MTVmNzlkYTgxZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCtznZbstuS+kS9/a8B0zSeQzYpR
JPLlsdIv8XpKwzLbHsM5iTwpJ3N3j3Ivi7FSIk/W5IRUKxgQVIMMV12WgSfi/5OS
vNTmWh7vMvFiX25QExZOqsGQJQUWol13bTnMo4IFk4Dhs/1Z4AeLky2O//Zj2fKS
hRq49VxG0UoGuVezRO67i/PK4vYgKb9kih23/jdnJV1GOti4FHsXLFeTWnB8OCx0
jMiVwMdj8V0vwK4xcUrYx/EymJlW0b6v228gl49RNwYQmozsvov3c1HM06hLBD4i
qz0zL2vJCyVTkgtyE6wiBiOYh9T6Wv3K8Sf5P9sqo0QYIOVWsjn/MQNFkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHc6VX3twy8jRRs43D4UFfedqB+CMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlr2ZhHXx
2ImwCyT4aBC3rIDeY8H6lXMcEcgeKsxfqSNMnEhp+UGw9vLyGj0Fp2hM2Y4ONUbK
3eN5jstOAuzz7G8JubAkTnKJ4KQRadd5GBz5zD090imUJq+2YUFSFUKLB7/J+K9h
inaTiJ8L4RRuoFKH2FdBy7KnznP8V5dD8BmhfGutZPcgOiaUR8f3B3jFsOYRKcGo
sHtLmaPnTp2X2++rq4UvPD3icdMQEwkqqsHIt3WbbuXMUjE9UB5DJt8wLPkelmz1
h8rpfihWkvgR8pLNKCFZIa9BYMJlNrdBdkHEvGtac2NAa5mK+sdcT76BREAM55Qr
UfPcqpwJOltKQA==
-----END CERTIFICATE-----