Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
File:                     j39d3CK0NKz6QNZ-5QsEKQxw27M.mft (raw, json)
Hash identifier:          j/0cJ7xZCLiZH1PghwvxzcWvTWzj13qwaB+bfZp1MAI=
Subject key identifier:   B8:21:EB:55:29:A5:09:B6:7C:FC:70:1A:CB:CD:0D:1F:44:5F:9E:89
Authority key identifier: 8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3
Certificate issuer:       /CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
Certificate serial:       01989E5F76F28A0A9A9665257606C2947D15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
Manifest number:          07C3
Signing time:             Tue 12 Aug 2025 13:01:53 +0000
Manifest this update:     Tue 12 Aug 2025 13:01:53 +0000
Manifest next update:     Wed 13 Aug 2025 13:01:53 +0000
Files and hashes:         1: j39d3CK0NKz6QNZ-5QsEKQxw27M.crl (hash: 0Aeqs2Jf0JKCC8sJn+oBQYddO3AQAOR/Le01Xj8i4tE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9e:5f:76:f2:8a:0a:9a:96:65:25:76:06:c2:94:7d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
        Validity
            Not Before: Aug 12 13:01:53 2025 GMT
            Not After : Aug 13 13:01:53 2025 GMT
        Subject: CN=b821eb5529a509b67cfc701acbcd0d1f445f9e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:68:87:43:d7:3c:de:6f:c1:07:e6:df:d6:74:
                    9a:6b:27:eb:c8:d1:b7:8b:3f:6c:f9:31:46:31:15:
                    ee:b8:44:9d:37:9f:20:cc:51:af:a0:c5:e8:c9:e4:
                    70:91:e8:2c:81:10:fc:ce:cd:55:44:17:ef:ce:fa:
                    96:89:50:ac:94:ff:88:2b:bc:6a:76:31:95:0c:df:
                    86:8a:a9:da:a3:04:70:86:26:08:d7:cb:23:07:a7:
                    e3:4d:2e:d1:13:6e:f7:3c:a5:0a:4d:57:2f:64:9f:
                    a9:04:b5:4a:a4:2d:7d:01:3d:34:f7:88:42:f7:dc:
                    45:ef:6f:bf:ea:87:a6:0b:02:aa:39:91:df:e0:e5:
                    16:ef:96:6e:a0:9a:8b:7f:11:7e:50:9e:85:25:d6:
                    dc:21:6c:7c:a0:5e:f9:6b:e8:a2:31:ec:b4:8e:ea:
                    be:69:c5:a7:78:1f:d2:c4:df:c8:a0:43:4f:db:2a:
                    4e:74:41:2a:1b:6d:40:4b:26:cd:ca:2b:f9:fa:3d:
                    1f:4e:4e:90:84:7c:a1:1d:72:2d:e8:55:a1:bc:72:
                    05:cc:7a:3e:68:5a:f6:8e:21:3f:ee:26:2f:f8:19:
                    b4:64:01:fc:76:2e:ba:ec:e7:1f:8e:fa:1d:04:86:
                    d6:d4:88:b5:61:33:cd:fb:37:1c:d0:39:7e:75:19:
                    20:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:21:EB:55:29:A5:09:B6:7C:FC:70:1A:CB:CD:0D:1F:44:5F:9E:89
            X509v3 Authority Key Identifier:
                keyid:8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:e9:20:45:ca:d3:97:f0:98:c8:d7:12:87:e3:6e:c0:4e:e7:
         91:cc:73:0f:b1:70:f4:5a:d9:68:97:4d:d8:1e:0b:2a:0f:5a:
         3a:b5:57:e5:75:7f:a4:18:d5:6b:39:08:23:d1:b6:96:1c:31:
         21:c8:0c:51:fe:94:d4:7a:fb:94:1c:3f:50:1a:79:2a:ca:50:
         1b:ff:f9:11:a4:c1:e7:8d:cb:90:8d:75:95:d9:ed:24:f9:26:
         f4:69:ec:dd:0c:b5:d4:1b:88:12:f6:83:c2:18:10:f8:ac:1d:
         bf:ab:48:30:a6:f9:01:d0:ff:15:2a:4b:58:a5:7f:6b:fe:43:
         07:05:f3:ce:bf:c8:fc:c3:7e:45:f3:4b:b3:3e:83:49:5a:13:
         5b:33:60:91:60:5e:85:54:25:10:7c:ff:85:04:f5:ca:e3:30:
         cb:df:2c:c0:09:5f:0e:1a:c1:09:1f:64:e8:c5:73:70:b3:f8:
         7c:69:fc:1f:29:33:b6:c0:93:48:71:52:2c:71:40:e5:6e:35:
         1b:43:84:6c:b5:26:a1:3d:57:47:2d:1c:aa:df:18:2d:60:99:
         73:40:df:d9:8a:af:c6:5f:07:f6:0c:14:f2:ea:3c:47:c0:90:
         e4:48:f6:2e:7b:4e:78:17:8b:71:c3:61:0b:55:d1:90:6e:e4:
         da:09:38:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZieX3byigqalmUldgbClH0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Y1ZGRjMjJiNDM0YWNmYTQwZDY3ZWU1MGIwNDI5MGM3
MGRiYjMwHhcNMjUwODEyMTMwMTUzWhcNMjUwODEzMTMwMTUzWjAzMTEwLwYDVQQD
EyhiODIxZWI1NTI5YTUwOWI2N2NmYzcwMWFjYmNkMGQxZjQ0NWY5ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomiHQ9c83m/BB+bf1nSaayfryNG3
iz9s+TFGMRXuuESdN58gzFGvoMXoyeRwkegsgRD8zs1VRBfvzvqWiVCslP+IK7xq
djGVDN+GiqnaowRwhiYI18sjB6fjTS7RE273PKUKTVcvZJ+pBLVKpC19AT0094hC
99xF72+/6oemCwKqOZHf4OUW75ZuoJqLfxF+UJ6FJdbcIWx8oF75a+iiMey0juq+
acWneB/SxN/IoENP2ypOdEEqG21ASybNyiv5+j0fTk6QhHyhHXIt6FWhvHIFzHo+
aFr2jiE/7iYv+Bm0ZAH8di667OcfjvodBIbW1Ii1YTPN+zcc0Dl+dRkggwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgh61UppQm2fPxwGsvNDR9EX56JMB8GA1UdIwQY
MBaAFI9/XdwitDSs+kDWfuULBCkMcNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzkt
MzJkYWM0YjE0MGVkLzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzktMzJkYWM0YjE0MGVk
LzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuOkgRcrT
l/CYyNcSh+NuwE7nkcxzD7Fw9FrZaJdN2B4LKg9aOrVX5XV/pBjVazkII9G2lhwx
IcgMUf6U1Hr7lBw/UBp5KspQG//5EaTB543LkI11ldntJPkm9Gns3Qy11BuIEvaD
whgQ+Kwdv6tIMKb5AdD/FSpLWKV/a/5DBwXzzr/I/MN+RfNLsz6DSVoTWzNgkWBe
hVQlEHz/hQT1yuMwy98swAlfDhrBCR9k6MVzcLP4fGn8HykztsCTSHFSLHFA5W41
G0OEbLUmoT1XRy0cqt8YLWCZc0Df2Yqvxl8H9gwU8uo8R8CQ5Ej2LntOeBeLccNh
C1XRkG7k2gk4vg==
-----END CERTIFICATE-----