Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
File:                     j31CCyNDzZHsI_UImoNC6J1tkWU.mft (raw, json)
Hash identifier:          h70WlBT4sO21nv5TfEo5P7y2ZoNe3bgHu8mbCRvvqSg=
Subject key identifier:   C4:65:BC:EB:86:EE:62:71:95:D7:C1:20:90:C5:A8:76:C6:DD:DF:08
Authority key identifier: 8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65
Certificate issuer:       /CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
Certificate serial:       019875D1DDF3AC907ACE29691D7F7FBDDBAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
Manifest number:          0F7E
Signing time:             Mon 04 Aug 2025 16:02:24 +0000
Manifest this update:     Mon 04 Aug 2025 16:02:24 +0000
Manifest next update:     Tue 05 Aug 2025 16:02:24 +0000
Files and hashes:         1: j31CCyNDzZHsI_UImoNC6J1tkWU.crl (hash: obfgjTUyTYER8UY4Ol7b+AtsaNPrwBn7dQogIL01aWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d1:dd:f3:ac:90:7a:ce:29:69:1d:7f:7f:bd:db:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
        Validity
            Not Before: Aug  4 16:02:24 2025 GMT
            Not After : Aug  5 16:02:24 2025 GMT
        Subject: CN=c465bceb86ee627195d7c12090c5a876c6dddf08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:92:b6:4c:1f:94:78:b1:60:4e:ad:ca:21:31:
                    cf:2d:35:12:c0:4d:a0:22:0d:3f:40:f7:bf:e6:4c:
                    59:11:23:46:14:52:1a:a8:d5:78:6b:da:72:96:27:
                    36:cd:5e:cc:04:21:f6:7e:48:7b:8a:14:c4:9b:a1:
                    06:ec:09:48:c6:28:30:d0:6c:9e:ce:4b:2f:3a:85:
                    fc:6c:a4:fc:7c:3e:cb:81:3d:6b:5c:66:3c:d9:26:
                    6c:0e:7c:bb:32:68:7f:67:d6:17:d5:23:6e:ff:3a:
                    e1:15:aa:ae:a2:b9:11:db:6d:4c:e7:94:57:aa:2f:
                    75:88:72:77:7f:e4:4c:40:f6:df:fb:09:d4:71:0b:
                    80:bf:a8:3d:1f:22:66:e8:e0:88:26:13:ef:b0:77:
                    1b:c2:74:f1:1c:e4:a5:58:46:08:68:f6:77:9f:fd:
                    f9:60:6c:8d:1a:ca:31:8a:3e:0d:1e:24:dc:ef:df:
                    73:6f:5b:eb:06:5b:05:41:98:38:4e:50:6e:12:7b:
                    67:6f:ff:e8:6b:2a:e3:df:c5:c3:88:cf:7c:9c:a3:
                    a7:c8:91:1b:9c:00:0c:8a:39:89:01:e3:bd:49:f8:
                    5b:3d:0f:06:8a:2c:34:db:37:28:ab:d5:3f:0f:3c:
                    ec:3f:b9:1e:75:f1:53:1b:ab:a6:04:f7:4d:dd:8b:
                    44:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:65:BC:EB:86:EE:62:71:95:D7:C1:20:90:C5:A8:76:C6:DD:DF:08
            X509v3 Authority Key Identifier:
                keyid:8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:89:da:1f:63:b4:b5:fa:35:0b:20:44:13:32:3f:93:12:c7:
         18:28:7b:d4:62:cc:80:af:e1:fc:0d:77:ec:10:84:e4:c3:e0:
         2e:4b:85:b1:d5:fe:53:61:48:1c:4d:c6:b7:c4:69:77:88:d8:
         fd:7a:a2:77:5d:f0:2a:3d:2c:48:51:73:b7:c1:30:4a:df:3b:
         95:bd:85:f2:c2:96:28:b1:1f:60:00:5a:06:b7:5a:d0:36:92:
         2c:1f:c7:99:e4:c7:d3:f9:78:ee:4f:1f:f7:ae:76:7f:f3:32:
         a0:05:99:37:55:58:6f:b8:0c:f9:b5:62:89:03:07:2b:66:2c:
         15:23:b2:d8:ac:d5:68:44:54:d0:20:44:00:e8:30:4e:a0:26:
         8d:78:21:12:d3:50:f0:e7:14:65:25:e0:a8:04:67:11:d3:99:
         f6:64:d3:88:25:a1:2c:58:b8:89:3e:14:3b:ed:f4:5b:62:98:
         30:66:b1:3f:f1:c1:1c:e3:13:37:47:5b:6a:af:30:dd:c6:1b:
         54:d7:55:97:f7:6a:ad:25:cd:10:13:52:81:6a:c2:2c:5f:b8:
         83:8e:22:16:d3:20:48:3f:40:ae:52:96:e0:93:98:29:c8:7a:
         1e:2a:16:2c:84:10:5d:66:52:b6:88:ad:bd:17:c1:9a:1c:0a:
         b1:30:48:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10d3zrJB6zilpHX9/vduqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q0MjBiMjM0M2NkOTFlYzIzZjUwODlhODM0MmU4OWQ2
ZDkxNjUwHhcNMjUwODA0MTYwMjI0WhcNMjUwODA1MTYwMjI0WjAzMTEwLwYDVQQD
EyhjNDY1YmNlYjg2ZWU2MjcxOTVkN2MxMjA5MGM1YTg3NmM2ZGRkZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppK2TB+UeLFgTq3KITHPLTUSwE2g
Ig0/QPe/5kxZESNGFFIaqNV4a9pylic2zV7MBCH2fkh7ihTEm6EG7AlIxigw0Gye
zksvOoX8bKT8fD7LgT1rXGY82SZsDny7Mmh/Z9YX1SNu/zrhFaquorkR221M55RX
qi91iHJ3f+RMQPbf+wnUcQuAv6g9HyJm6OCIJhPvsHcbwnTxHOSlWEYIaPZ3n/35
YGyNGsoxij4NHiTc799zb1vrBlsFQZg4TlBuEntnb//oayrj38XDiM98nKOnyJEb
nAAMijmJAeO9SfhbPQ8Giiw02zcoq9U/DzzsP7kedfFTG6umBPdN3YtE1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRlvOuG7mJxldfBIJDFqHbG3d8IMB8GA1UdIwQY
MBaAFI99QgsjQ82R7CP1CJqDQuidbZFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEt
YzVlMTcyMmEwYzY4LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEtYzVlMTcyMmEwYzY4
LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALInaH2O0
tfo1CyBEEzI/kxLHGCh71GLMgK/h/A137BCE5MPgLkuFsdX+U2FIHE3Gt8Rpd4jY
/Xqid13wKj0sSFFzt8EwSt87lb2F8sKWKLEfYABaBrda0DaSLB/HmeTH0/l47k8f
9652f/MyoAWZN1VYb7gM+bViiQMHK2YsFSOy2KzVaERU0CBEAOgwTqAmjXghEtNQ
8OcUZSXgqARnEdOZ9mTTiCWhLFi4iT4UO+30W2KYMGaxP/HBHOMTN0dbaq8w3cYb
VNdVl/dqrSXNEBNSgWrCLF+4g44iFtMgSD9ArlKW4JOYKch6HioWLIQQXWZStoit
vRfBmhwKsTBIWQ==
-----END CERTIFICATE-----