Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
File:                     35qWOAlxTREDtkYNnQ4UoS6FAyU.mft (raw, json)
Hash identifier:          OV5Xw+Jh1jsVdUA9PipYsuDkZV7ITS0umNcLRYWF51o=
Subject key identifier:   C6:8A:58:0D:AF:FF:54:B4:DA:3C:94:31:44:57:BE:3B:59:8A:F0:08
Authority key identifier: DF:9A:96:38:09:71:4D:11:03:B6:46:0D:9D:0E:14:A1:2E:85:03:25
Certificate issuer:       /CN=df9a963809714d1103b6460d9d0e14a12e850325
Certificate serial:       01988B0FBF9911FBC5BA847DD1FD82C0AF2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
Manifest number:          0D08
Signing time:             Fri 08 Aug 2025 19:02:01 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:01 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:01 +0000
Files and hashes:         1: 35qWOAlxTREDtkYNnQ4UoS6FAyU.crl (hash: jU3SgwdQfyEngCyp30RwDaxEmmMIE0D7NTKVKtdb2po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:bf:99:11:fb:c5:ba:84:7d:d1:fd:82:c0:af:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9a963809714d1103b6460d9d0e14a12e850325
        Validity
            Not Before: Aug  8 19:02:01 2025 GMT
            Not After : Aug  9 19:02:01 2025 GMT
        Subject: CN=c68a580dafff54b4da3c94314457be3b598af008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:5d:71:2d:bb:24:ec:d8:cc:4e:77:ae:18:6e:
                    ad:8f:f1:16:05:52:ab:ea:d4:b1:31:dc:f3:ba:06:
                    d8:5e:69:52:7e:8f:48:4c:f5:a5:09:a1:41:5f:d7:
                    3b:e4:f0:b4:93:5d:34:d1:4a:e3:09:dc:5a:bb:42:
                    ae:94:87:8d:92:fc:a6:09:93:bc:9e:a7:39:04:bd:
                    ec:08:c1:71:a9:f0:7b:c9:41:ff:d0:88:0e:80:05:
                    4f:3f:e7:80:c7:9e:29:6a:7c:bc:a8:b5:ac:68:3c:
                    1a:6c:5a:bf:f6:85:5a:cb:1a:f2:f8:1c:fc:f6:33:
                    d3:cb:e2:45:66:8a:2f:7b:39:12:0c:30:bb:97:ee:
                    e1:60:53:a6:e0:f7:86:4c:0b:bc:35:15:43:5d:19:
                    92:77:26:f2:a5:89:42:50:a2:3f:dd:72:dd:ef:98:
                    0d:c8:2a:cb:c0:e3:0a:cd:2e:e0:67:96:b5:eb:e1:
                    77:64:39:62:93:29:5e:f5:92:d8:3e:4a:f4:8d:44:
                    ef:dd:33:0a:10:e2:3c:3b:eb:8a:f2:b1:14:28:d8:
                    2e:13:ea:bb:34:51:01:c7:9e:bb:ad:5b:c9:f5:85:
                    2f:3e:cb:b0:8e:89:49:64:51:24:4f:f9:9b:66:70:
                    03:94:7b:b8:62:22:bb:d1:af:09:2c:bb:ca:ff:4c:
                    a0:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:8A:58:0D:AF:FF:54:B4:DA:3C:94:31:44:57:BE:3B:59:8A:F0:08
            X509v3 Authority Key Identifier:
                keyid:DF:9A:96:38:09:71:4D:11:03:B6:46:0D:9D:0E:14:A1:2E:85:03:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:91:56:0a:1d:eb:18:48:57:dd:a2:84:52:9d:50:b3:39:78:
         f9:2d:33:1a:81:ae:fd:91:aa:4a:17:88:b6:3f:2a:c9:7c:d8:
         4b:a4:04:22:13:a5:b1:1e:22:77:72:45:71:f8:75:ff:11:6f:
         92:58:00:24:59:fd:6c:a0:e4:87:86:17:3c:8c:f4:1d:09:84:
         b6:6e:54:d7:2f:dc:00:18:3f:c3:1d:2d:93:5d:16:84:f2:1c:
         8f:2a:26:02:5c:06:b3:e0:27:ad:e3:a1:77:44:cc:34:9c:d0:
         0b:82:24:84:b7:67:49:83:ae:ef:eb:8e:df:c9:a2:ac:66:03:
         32:4e:a5:7e:eb:93:c0:be:7c:b6:2c:ed:34:fe:dc:3d:12:0f:
         27:66:e4:d7:41:8f:21:5c:fe:bc:55:b7:2b:2c:a9:68:87:5a:
         5b:50:03:cf:f0:5d:1e:05:15:99:f7:30:41:01:3d:d1:7e:c2:
         d6:46:4d:63:cb:83:43:10:9d:87:63:4b:61:19:0d:67:f8:e5:
         ff:95:8c:e5:08:2e:88:f3:32:77:4a:6f:c7:91:d0:2b:8a:60:
         65:b0:e9:a8:d2:8d:07:9a:6c:99:6e:3c:91:25:d1:b4:29:7a:
         68:2b:6f:32:8c:f5:4e:77:8d:fa:29:aa:90:5e:a2:71:9c:7b:
         d6:39:ae:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLD7+ZEfvFuoR90f2CwK8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWE5NjM4MDk3MTRkMTEwM2I2NDYwZDlkMGUxNGExMmU4
NTAzMjUwHhcNMjUwODA4MTkwMjAxWhcNMjUwODA5MTkwMjAxWjAzMTEwLwYDVQQD
EyhjNjhhNTgwZGFmZmY1NGI0ZGEzYzk0MzE0NDU3YmUzYjU5OGFmMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F1xLbsk7NjMTneuGG6tj/EWBVKr
6tSxMdzzugbYXmlSfo9ITPWlCaFBX9c75PC0k1000UrjCdxau0KulIeNkvymCZO8
nqc5BL3sCMFxqfB7yUH/0IgOgAVPP+eAx54pany8qLWsaDwabFq/9oVayxry+Bz8
9jPTy+JFZoovezkSDDC7l+7hYFOm4PeGTAu8NRVDXRmSdybypYlCUKI/3XLd75gN
yCrLwOMKzS7gZ5a16+F3ZDlikyle9ZLYPkr0jUTv3TMKEOI8O+uK8rEUKNguE+q7
NFEBx567rVvJ9YUvPsuwjolJZFEkT/mbZnADlHu4YiK70a8JLLvK/0yg4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaKWA2v/1S02jyUMURXvjtZivAIMB8GA1UdIwQY
MBaAFN+aljgJcU0RA7ZGDZ0OFKEuhQMlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81MTQxYWEtMThkOS00ZDM0LTgyNzgt
ZjMwOTZhMDI0ZTI5LzEvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81MTQxYWEtMThkOS00ZDM0LTgyNzgtZjMwOTZhMDI0ZTI5
LzEvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhJFWCh3r
GEhX3aKEUp1Qszl4+S0zGoGu/ZGqSheItj8qyXzYS6QEIhOlsR4id3JFcfh1/xFv
klgAJFn9bKDkh4YXPIz0HQmEtm5U1y/cABg/wx0tk10WhPIcjyomAlwGs+AnreOh
d0TMNJzQC4IkhLdnSYOu7+uO38mirGYDMk6lfuuTwL58tiztNP7cPRIPJ2bk10GP
IVz+vFW3KyypaIdaW1ADz/BdHgUVmfcwQQE90X7C1kZNY8uDQxCdh2NLYRkNZ/jl
/5WM5QguiPMyd0pvx5HQK4pgZbDpqNKNB5psmW48kSXRtCl6aCtvMoz1TneN+imq
kF6icZx71jmuWA==
-----END CERTIFICATE-----