Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          UY03EI1rdiqx3wq+UUW9adZPJM2zEItQDeN/DVV1TOk=
Subject key identifier:   02:DD:44:02:B4:81:41:59:1B:34:A2:9C:E2:18:57:A8:70:C8:63:66
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       01988BEA5126A86D78517DF8693076BB20CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          033B
Signing time:             Fri 08 Aug 2025 23:00:45 +0000
Manifest this update:     Fri 08 Aug 2025 23:00:45 +0000
Manifest next update:     Sat 09 Aug 2025 23:00:45 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: OD49Rmc2sJnWeUgqLdfsAIrlCNFABDAUerJa7Ou3caU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:51:26:a8:6d:78:51:7d:f8:69:30:76:bb:20:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Aug  8 23:00:45 2025 GMT
            Not After : Aug  9 23:00:45 2025 GMT
        Subject: CN=02dd4402b48141591b34a29ce21857a870c86366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:84:a7:75:e0:70:3f:7e:b8:56:71:fe:da:89:
                    51:7c:87:49:5f:50:42:fd:8b:d8:03:8e:11:0f:3d:
                    ca:9a:29:09:66:80:93:3a:48:b5:3a:0a:8e:bc:d6:
                    d3:81:c7:b3:9c:8c:3c:ce:21:91:ca:e7:0d:a6:07:
                    a7:f0:54:81:19:4e:a6:23:fb:f9:81:bf:99:6e:d0:
                    3b:0a:67:61:f3:58:36:a9:f7:82:01:32:d5:ce:2e:
                    74:11:8c:56:87:e8:27:12:17:96:b9:e2:30:85:18:
                    24:2d:1c:96:09:d7:13:f7:46:c0:8d:a5:c3:61:d4:
                    cd:f4:06:23:57:0f:01:a4:0f:67:05:8e:37:da:2d:
                    60:61:a2:68:d4:24:c4:bf:18:a2:ba:00:a5:07:60:
                    7e:00:ba:12:2e:c7:79:bb:ab:f6:a0:3d:ee:e6:ad:
                    8e:bf:fd:2f:ef:6a:f9:e4:84:54:95:86:ad:b8:9c:
                    c3:b7:9f:0e:5a:a5:d0:a4:c2:58:13:82:49:ff:12:
                    d7:30:43:04:2c:52:45:64:44:54:4d:d7:fe:c2:cd:
                    0d:11:67:46:0e:f9:21:b2:e0:cd:2c:37:36:86:31:
                    60:70:4a:75:a3:ff:ad:26:ef:a9:c3:28:2a:cf:8f:
                    30:af:ce:dd:6c:15:6a:f3:dc:59:1d:7a:9d:e5:6d:
                    9a:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:DD:44:02:B4:81:41:59:1B:34:A2:9C:E2:18:57:A8:70:C8:63:66
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:f1:91:7e:aa:52:7c:be:ac:41:1b:4d:52:d9:c2:d9:aa:a6:
         f8:37:53:61:d2:09:ac:bc:83:0a:35:e0:d6:c0:21:42:17:b4:
         2b:21:10:88:00:08:1a:0a:bd:11:68:bd:ed:97:87:bd:a5:d1:
         79:fa:e3:64:2b:70:70:c3:de:4f:06:e0:f8:1f:15:49:57:29:
         81:96:ab:d9:9b:7f:86:40:9d:8c:7e:dd:22:12:38:6b:9e:57:
         15:17:1c:c9:d1:0d:d7:61:8e:2a:6b:0e:03:cd:f5:1f:b8:ef:
         5d:b7:35:54:45:ff:d6:be:5a:f4:42:5a:4e:17:da:5a:db:70:
         9c:c4:8f:10:93:84:fc:c0:9c:a5:64:18:68:4f:a0:55:b9:fd:
         78:30:6e:7c:9a:2e:2b:87:ac:c3:0e:9f:d1:43:16:15:ac:0d:
         93:6f:1a:01:af:3e:dc:6f:e1:a5:c7:ad:2d:3b:00:8f:ac:c3:
         da:4c:a6:cb:66:48:ad:d3:02:c0:b0:15:b0:8b:54:59:ff:a4:
         f8:c0:ee:47:a5:e2:d8:9a:a8:b1:02:ab:0f:6b:4c:d6:81:59:
         eb:73:cc:41:57:01:26:9b:37:09:89:f5:ad:df:3a:32:7c:89:
         97:c5:36:08:e2:20:3c:09:da:cd:b6:cf:43:f5:73:90:b3:92:
         4c:14:4f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6lEmqG14UX34aTB2uyDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwODA4MjMwMDQ1WhcNMjUwODA5MjMwMDQ1WjAzMTEwLwYDVQQD
EygwMmRkNDQwMmI0ODE0MTU5MWIzNGEyOWNlMjE4NTdhODcwYzg2MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoSndeBwP364VnH+2olRfIdJX1BC
/YvYA44RDz3KmikJZoCTOki1OgqOvNbTgceznIw8ziGRyucNpgen8FSBGU6mI/v5
gb+ZbtA7Cmdh81g2qfeCATLVzi50EYxWh+gnEheWueIwhRgkLRyWCdcT90bAjaXD
YdTN9AYjVw8BpA9nBY432i1gYaJo1CTEvxiiugClB2B+ALoSLsd5u6v2oD3u5q2O
v/0v72r55IRUlYatuJzDt58OWqXQpMJYE4JJ/xLXMEMELFJFZERUTdf+ws0NEWdG
DvkhsuDNLDc2hjFgcEp1o/+tJu+pwygqz48wr87dbBVq89xZHXqd5W2aMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALdRAK0gUFZGzSinOIYV6hwyGNmMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABfGRfqpS
fL6sQRtNUtnC2aqm+DdTYdIJrLyDCjXg1sAhQhe0KyEQiAAIGgq9EWi97ZeHvaXR
efrjZCtwcMPeTwbg+B8VSVcpgZar2Zt/hkCdjH7dIhI4a55XFRccydEN12GOKmsO
A831H7jvXbc1VEX/1r5a9EJaThfaWttwnMSPEJOE/MCcpWQYaE+gVbn9eDBufJou
K4esww6f0UMWFawNk28aAa8+3G/hpcetLTsAj6zD2kymy2ZIrdMCwLAVsItUWf+k
+MDuR6Xi2JqosQKrD2tM1oFZ63PMQVcBJps3CYn1rd86MnyJl8U2COIgPAnazbbP
Q/VzkLOSTBRPww==
-----END CERTIFICATE-----