Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
File:                     mD8bE53ySgXC5SVgUrAhJRfkc1E.mft (raw, json)
Hash identifier:          IH3dBh73PZd3xei+HqYhM+euSaYayzfid8YJpyhZf1Y=
Subject key identifier:   4F:D6:6A:4C:7F:CF:BA:5F:E9:7A:FF:01:80:9A:C4:98:1A:9A:4B:4E
Authority key identifier: 98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51
Certificate issuer:       /CN=983f1b139df24a05c2e5256052b0212517e47351
Certificate serial:       019897EE56383C0071D34D983E27900D7C19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
Manifest number:          022B
Signing time:             Mon 11 Aug 2025 07:00:35 +0000
Manifest this update:     Mon 11 Aug 2025 07:00:35 +0000
Manifest next update:     Tue 12 Aug 2025 07:00:35 +0000
Files and hashes:         1: mD8bE53ySgXC5SVgUrAhJRfkc1E.crl (hash: r70OGztTKvEsAej1SwO98Y1XBLeWHaeVSg32CvGhpFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:ee:56:38:3c:00:71:d3:4d:98:3e:27:90:0d:7c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=983f1b139df24a05c2e5256052b0212517e47351
        Validity
            Not Before: Aug 11 07:00:35 2025 GMT
            Not After : Aug 12 07:00:35 2025 GMT
        Subject: CN=4fd66a4c7fcfba5fe97aff01809ac4981a9a4b4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:cc:ed:14:90:66:25:ad:ab:4d:9b:45:bd:92:
                    05:cf:4e:6c:0f:b6:c4:1a:74:07:14:87:9a:ce:2b:
                    33:a4:f2:a1:33:70:a0:d9:af:03:57:d7:e9:99:1e:
                    c4:06:92:27:a1:19:26:11:78:5b:c5:6e:78:3a:4c:
                    65:05:e2:0a:fa:93:d1:4f:1b:00:7e:1f:f6:75:b1:
                    c5:d4:35:28:e5:d4:9c:aa:ec:da:ef:f1:ec:c3:fc:
                    5a:45:9c:c7:8c:34:f5:0e:17:d3:ce:19:2c:a3:81:
                    80:67:74:73:b5:8f:86:23:e1:69:5b:b6:5c:e1:2d:
                    06:4d:b4:b1:34:88:e2:c2:17:52:d5:f1:27:70:41:
                    8f:77:89:08:57:03:28:05:02:24:c6:77:6e:e3:b1:
                    76:ec:01:83:0f:a5:29:df:21:16:a0:58:5c:7e:8f:
                    d9:79:d9:4c:61:be:69:ac:3d:26:3b:97:cc:e8:1e:
                    da:3e:69:01:57:df:3c:ab:a0:9c:9b:aa:66:55:fc:
                    70:be:f5:3e:90:97:53:ce:95:d6:f4:89:09:00:41:
                    4c:81:27:6e:bc:68:04:d5:89:93:54:4f:98:f5:ee:
                    81:7c:f1:34:b6:0b:d5:c1:8b:77:b1:18:14:75:08:
                    92:da:8f:a4:f4:9f:8a:cc:4b:01:74:59:2b:fb:c9:
                    ac:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:D6:6A:4C:7F:CF:BA:5F:E9:7A:FF:01:80:9A:C4:98:1A:9A:4B:4E
            X509v3 Authority Key Identifier:
                keyid:98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:57:ee:2a:82:6b:40:e8:fd:bc:62:b3:30:a0:38:23:3f:d2:
         6a:8e:2d:3b:1a:82:de:f1:0b:02:66:23:d4:49:5d:91:57:03:
         bd:5e:01:f4:db:c0:9e:34:25:34:a5:4a:60:69:f7:fd:09:db:
         5c:2d:62:03:28:f9:3e:51:1a:28:ea:36:fb:2b:22:08:94:3c:
         9c:c4:aa:f0:f8:c2:d3:c2:a5:3e:3a:60:af:d3:a1:9a:90:62:
         33:36:d1:02:af:7c:3f:ac:73:6c:3c:74:d4:76:6a:53:21:01:
         94:49:c6:6c:03:54:dd:bc:d4:5e:94:21:e6:ce:7e:7a:cc:f5:
         13:aa:b3:08:47:50:c8:96:6d:05:2e:dc:f3:89:54:a0:12:17:
         d6:85:d8:b7:29:04:1a:17:ac:cb:81:75:c5:df:16:eb:f7:21:
         8d:a0:17:1d:d9:16:bd:17:54:fc:1b:2e:20:d9:ca:c9:f6:0d:
         b7:c1:55:35:76:f8:ce:a7:d5:c9:1e:3e:53:69:08:93:56:e1:
         af:48:c8:b6:12:8d:8c:b0:09:8c:bf:98:bd:83:28:06:0a:b9:
         89:43:d8:fd:bc:5a:49:ed:ce:ed:83:fd:a4:fd:e1:38:48:4c:
         43:24:b4:23:48:fa:1e:2a:67:62:01:26:7f:62:77:1a:93:3d:
         51:36:af:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiX7lY4PABx002YPieQDXwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4M2YxYjEzOWRmMjRhMDVjMmU1MjU2MDUyYjAyMTI1MTdl
NDczNTEwHhcNMjUwODExMDcwMDM1WhcNMjUwODEyMDcwMDM1WjAzMTEwLwYDVQQD
Eyg0ZmQ2NmE0YzdmY2ZiYTVmZTk3YWZmMDE4MDlhYzQ5ODFhOWE0YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48ztFJBmJa2rTZtFvZIFz05sD7bE
GnQHFIeaziszpPKhM3Cg2a8DV9fpmR7EBpInoRkmEXhbxW54OkxlBeIK+pPRTxsA
fh/2dbHF1DUo5dScquza7/Hsw/xaRZzHjDT1DhfTzhkso4GAZ3RztY+GI+FpW7Zc
4S0GTbSxNIjiwhdS1fEncEGPd4kIVwMoBQIkxndu47F27AGDD6Up3yEWoFhcfo/Z
edlMYb5prD0mO5fM6B7aPmkBV988q6Ccm6pmVfxwvvU+kJdTzpXW9IkJAEFMgSdu
vGgE1YmTVE+Y9e6BfPE0tgvVwYt3sRgUdQiS2o+k9J+KzEsBdFkr+8mswQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/Wakx/z7pf6Xr/AYCaxJgamktOMB8GA1UdIwQY
MBaAFJg/GxOd8koFwuUlYFKwISUX5HNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAt
ZWY5NjQ0MzEyZGRiLzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAtZWY5NjQ0MzEyZGRi
LzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1fuKoJr
QOj9vGKzMKA4Iz/Sao4tOxqC3vELAmYj1EldkVcDvV4B9NvAnjQlNKVKYGn3/Qnb
XC1iAyj5PlEaKOo2+ysiCJQ8nMSq8PjC08KlPjpgr9OhmpBiMzbRAq98P6xzbDx0
1HZqUyEBlEnGbANU3bzUXpQh5s5+esz1E6qzCEdQyJZtBS7c84lUoBIX1oXYtykE
Ghesy4F1xd8W6/chjaAXHdkWvRdU/BsuINnKyfYNt8FVNXb4zqfVyR4+U2kIk1bh
r0jIthKNjLAJjL+YvYMoBgq5iUPY/bxaSe3O7YP9pP3hOEhMQyS0I0j6HipnYgEm
f2J3GpM9UTavAA==
-----END CERTIFICATE-----