Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          9jaZe+oaQQMqUUr5v+khWd87i+2feEKgsJtWgQJxxjk=
Subject key identifier:   A8:31:CE:FA:3D:11:02:38:55:31:98:79:1D:DF:02:15:BF:57:1F:42
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       01988B1073179B9327B21B87F4945CD6EDB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0CC2
Signing time:             Fri 08 Aug 2025 19:02:47 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:47 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:47 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: UiHFRnQDMTCQd2Bwp9QMNIO9GaUHloLQ96E9iTJIr3Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:73:17:9b:93:27:b2:1b:87:f4:94:5c:d6:ed:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Aug  8 19:02:47 2025 GMT
            Not After : Aug  9 19:02:47 2025 GMT
        Subject: CN=a831cefa3d110238553198791ddf0215bf571f42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:94:86:69:15:96:42:82:77:26:2c:2b:79:a9:
                    7e:c8:0f:2e:01:6d:91:70:87:83:89:78:ce:f8:6e:
                    bd:b7:b9:b7:45:80:39:ff:d0:bd:13:fd:3f:07:8f:
                    ef:d1:77:27:b0:2f:3e:fd:01:cd:48:01:57:d8:bc:
                    76:e9:9d:6b:44:d2:cb:4b:ff:46:6f:5c:10:df:75:
                    0d:b6:f8:e8:83:1d:04:c3:4a:11:68:aa:05:0e:b9:
                    c8:46:ff:55:fc:a1:f7:fa:fe:02:c0:8b:bd:9b:91:
                    d2:dd:3d:86:34:21:92:a1:24:5f:46:74:14:18:d7:
                    b4:b8:94:2c:cc:2a:a7:29:f0:49:f8:a7:48:f4:03:
                    ec:c4:25:47:bf:f8:59:55:f6:e7:64:b3:dd:ad:33:
                    ca:39:04:7c:39:71:87:7c:4a:9e:19:09:1f:4d:19:
                    84:1a:d2:7d:51:42:74:a4:ac:cf:d3:ee:6e:23:32:
                    9a:fb:93:6b:ed:40:a0:07:80:f5:0e:00:7b:f5:7d:
                    7f:5d:7d:64:fb:fb:4d:b0:34:c9:6a:a1:45:6c:85:
                    3e:b9:f8:49:3c:e1:49:5a:03:48:cd:7e:8d:1b:6f:
                    56:0f:7f:22:56:39:d7:57:f2:34:49:af:45:4c:30:
                    cd:5c:c7:a3:20:02:51:d6:12:30:55:fe:ba:5a:6f:
                    8f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:31:CE:FA:3D:11:02:38:55:31:98:79:1D:DF:02:15:BF:57:1F:42
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:44:8d:3b:6f:61:72:08:0a:16:51:66:8f:1c:a6:1a:26:ef:
         9e:05:ae:82:19:ab:62:82:dc:b1:d4:02:bc:6f:df:08:d0:bc:
         5e:19:56:78:ae:78:64:3f:17:0e:90:9c:c5:85:56:c4:3c:b3:
         ef:1d:10:72:2e:1c:df:ea:c1:3c:af:a6:84:4d:cf:97:7a:c0:
         8d:31:9e:e5:0a:81:7b:a7:e3:24:b1:53:ad:84:cf:f3:2c:91:
         03:19:ae:3d:f2:4a:e7:77:7b:22:80:56:08:69:4a:e5:26:5f:
         86:0f:ae:9a:fb:f6:58:d6:e5:f5:51:81:d2:c8:65:28:5e:67:
         4b:a1:76:bb:38:68:6d:bd:ba:b1:3b:ba:92:69:cf:46:c6:48:
         2f:ce:c8:75:61:50:05:5c:88:0c:bc:99:4c:3f:46:c4:9a:10:
         25:0e:90:cc:a3:e4:7e:4c:a4:cf:ef:d1:85:f8:13:71:9a:c4:
         71:fe:b5:47:8d:7e:b3:ef:21:5c:72:e4:3d:2b:e0:96:ed:fc:
         9a:97:62:d6:59:6d:c9:12:ae:f1:79:d5:d2:19:5d:98:f8:83:
         04:66:7a:c7:35:dc:19:02:54:99:44:e0:45:40:91:33:5e:9b:
         99:fb:0f:fc:17:d4:46:57:8d:33:12:81:3e:68:5e:9a:34:03:
         c4:f8:a2:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEHMXm5MnshuH9JRc1u2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjUwODA4MTkwMjQ3WhcNMjUwODA5MTkwMjQ3WjAzMTEwLwYDVQQD
EyhhODMxY2VmYTNkMTEwMjM4NTUzMTk4NzkxZGRmMDIxNWJmNTcxZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7pSGaRWWQoJ3Jiwreal+yA8uAW2R
cIeDiXjO+G69t7m3RYA5/9C9E/0/B4/v0XcnsC8+/QHNSAFX2Lx26Z1rRNLLS/9G
b1wQ33UNtvjogx0Ew0oRaKoFDrnIRv9V/KH3+v4CwIu9m5HS3T2GNCGSoSRfRnQU
GNe0uJQszCqnKfBJ+KdI9APsxCVHv/hZVfbnZLPdrTPKOQR8OXGHfEqeGQkfTRmE
GtJ9UUJ0pKzP0+5uIzKa+5Nr7UCgB4D1DgB79X1/XX1k+/tNsDTJaqFFbIU+ufhJ
POFJWgNIzX6NG29WD38iVjnXV/I0Sa9FTDDNXMejIAJR1hIwVf66Wm+PWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgxzvo9EQI4VTGYeR3fAhW/Vx9CMB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakSNO29h
cggKFlFmjxymGibvngWughmrYoLcsdQCvG/fCNC8XhlWeK54ZD8XDpCcxYVWxDyz
7x0Qci4c3+rBPK+mhE3Pl3rAjTGe5QqBe6fjJLFTrYTP8yyRAxmuPfJK53d7IoBW
CGlK5SZfhg+umvv2WNbl9VGB0shlKF5nS6F2uzhobb26sTu6kmnPRsZIL87IdWFQ
BVyIDLyZTD9GxJoQJQ6QzKPkfkykz+/RhfgTcZrEcf61R41+s+8hXHLkPSvglu38
mpdi1lltyRKu8XnV0hldmPiDBGZ6xzXcGQJUmUTgRUCRM16bmfsP/BfURleNMxKB
PmhemjQDxPiinA==
-----END CERTIFICATE-----