Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          EcinjZh2MarEI6TA1h2SA+cafBBElnrjh4VhS8X0vvQ=
Subject key identifier:   64:3C:05:7E:4E:A6:E1:4F:3A:47:3F:3C:2B:E0:04:C9:1D:65:81:6B
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       01988CFCE1BE2BF395A4CC1DBC94B2D2B89E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          D8
Signing time:             Sat 09 Aug 2025 04:00:39 +0000
Manifest this update:     Sat 09 Aug 2025 04:00:39 +0000
Manifest next update:     Sun 10 Aug 2025 04:00:39 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: 3cKtTQTk2wWzVGALajeBVNlR7jNuh0Z886e9J/Cl9tA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:fc:e1:be:2b:f3:95:a4:cc:1d:bc:94:b2:d2:b8:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Aug  9 04:00:39 2025 GMT
            Not After : Aug 10 04:00:39 2025 GMT
        Subject: CN=643c057e4ea6e14f3a473f3c2be004c91d65816b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:52:6f:72:ed:2f:32:26:ac:b3:b4:16:f6:bf:
                    32:d2:d8:8f:0f:8f:60:cf:73:83:39:27:82:cb:81:
                    ba:73:af:32:65:c6:ee:53:5e:7d:f1:c4:7a:e8:09:
                    e0:7d:03:13:0c:4b:3e:a8:dc:e1:ee:d6:71:7b:de:
                    67:e8:30:7c:22:e7:96:9f:1c:a2:9a:22:d1:12:38:
                    c1:88:c7:f3:7c:56:01:90:00:ac:99:eb:de:b9:d6:
                    5e:1f:fb:6f:68:f9:e5:4b:98:9c:44:eb:d5:01:8b:
                    d7:56:07:0e:c9:df:2a:cd:db:b5:71:38:0f:30:cb:
                    80:2d:74:d9:cd:5e:62:dc:2b:1e:95:7a:ff:b4:4e:
                    6c:86:4d:84:43:88:e9:36:ee:b6:47:2c:b4:ed:98:
                    32:f0:f3:5d:5f:1e:2d:f1:5e:be:8e:97:44:09:c6:
                    e6:a6:94:eb:56:fc:48:ff:c9:de:0b:a1:2f:9e:49:
                    bc:5d:46:9f:5d:c4:2a:51:b7:ce:18:41:05:26:6e:
                    73:39:a5:94:28:8a:69:d0:9e:df:86:4e:6f:0e:50:
                    55:62:63:c6:e2:37:23:9c:e9:10:16:a8:e6:e8:29:
                    49:14:27:c5:17:72:37:bb:c2:96:90:3e:00:60:11:
                    d8:2a:57:b2:75:be:8f:af:54:0d:63:a7:62:99:74:
                    51:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:3C:05:7E:4E:A6:E1:4F:3A:47:3F:3C:2B:E0:04:C9:1D:65:81:6B
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:73:7e:dd:1e:19:4e:12:c1:08:7b:25:a9:9b:50:39:19:4d:
         00:84:96:ca:50:ea:af:e4:e8:34:90:71:a2:f1:85:c6:08:db:
         5d:0b:72:08:05:fb:a5:70:a3:43:61:74:51:f5:cb:c2:f3:be:
         32:78:df:b8:9d:b5:62:9a:f8:7c:c9:37:6b:15:20:0e:90:9f:
         ea:a4:32:7b:1c:68:62:b3:a9:0a:2f:ef:f1:f6:7e:eb:a4:08:
         e0:a1:4e:3d:5c:7a:17:cc:a1:6a:12:79:b1:36:11:38:81:4f:
         e6:1c:14:f1:74:fd:d9:f9:a6:27:3c:df:61:69:32:4f:f7:af:
         e4:07:bc:bb:e8:5b:9a:42:1f:12:21:55:ae:09:fe:38:b8:c8:
         4e:0f:58:be:9b:42:66:9a:c3:8f:83:85:a4:38:21:21:4e:75:
         23:f4:57:c2:e3:fe:c6:94:96:36:08:6d:1d:a9:2f:13:a9:f9:
         bc:50:7a:a4:78:68:a5:5d:73:6d:bf:7e:62:38:a4:e2:83:a6:
         af:7c:45:e5:56:61:31:4d:24:03:ff:0c:4b:91:87:f2:60:1f:
         7b:0b:eb:8f:16:af:04:a4:b6:c6:6d:eb:80:9d:c3:e6:d8:bc:
         11:6a:4e:a9:e2:28:26:e2:ee:c8:fe:9e:cc:3d:ae:25:fd:88:
         e4:dd:d7:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiM/OG+K/OVpMwdvJSy0rieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjUwODA5MDQwMDM5WhcNMjUwODEwMDQwMDM5WjAzMTEwLwYDVQQD
Eyg2NDNjMDU3ZTRlYTZlMTRmM2E0NzNmM2MyYmUwMDRjOTFkNjU4MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslJvcu0vMiass7QW9r8y0tiPD49g
z3ODOSeCy4G6c68yZcbuU1598cR66AngfQMTDEs+qNzh7tZxe95n6DB8IueWnxyi
miLREjjBiMfzfFYBkACsmeveudZeH/tvaPnlS5icROvVAYvXVgcOyd8qzdu1cTgP
MMuALXTZzV5i3CselXr/tE5shk2EQ4jpNu62Ryy07Zgy8PNdXx4t8V6+jpdECcbm
ppTrVvxI/8neC6Evnkm8XUafXcQqUbfOGEEFJm5zOaWUKIpp0J7fhk5vDlBVYmPG
4jcjnOkQFqjm6ClJFCfFF3I3u8KWkD4AYBHYKleydb6Pr1QNY6dimXRRnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQ8BX5OpuFPOkc/PCvgBMkdZYFrMB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcXN+3R4Z
ThLBCHslqZtQORlNAISWylDqr+ToNJBxovGFxgjbXQtyCAX7pXCjQ2F0UfXLwvO+
MnjfuJ21Ypr4fMk3axUgDpCf6qQyexxoYrOpCi/v8fZ+66QI4KFOPVx6F8yhahJ5
sTYROIFP5hwU8XT92fmmJzzfYWkyT/ev5Ae8u+hbmkIfEiFVrgn+OLjITg9YvptC
ZprDj4OFpDghIU51I/RXwuP+xpSWNghtHakvE6n5vFB6pHhopV1zbb9+Yjik4oOm
r3xF5VZhMU0kA/8MS5GH8mAfewvrjxavBKS2xm3rgJ3D5ti8EWpOqeIoJuLuyP6e
zD2uJf2I5N3XjA==
-----END CERTIFICATE-----