Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          JCrF/V3b12fexYENsv88TUvr7/Y7NjqdUDmnPa44hv4=
Subject key identifier:   D9:41:11:C1:17:52:87:F0:AE:3F:2F:C3:E8:ED:BC:B1:D2:9D:A5:11
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       01989F0347FFCD3836C21FF97B2C391011E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          0394
Signing time:             Tue 12 Aug 2025 16:00:48 +0000
Manifest this update:     Tue 12 Aug 2025 16:00:48 +0000
Manifest next update:     Wed 13 Aug 2025 16:00:48 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: jlXebI8FNzrZg4eUzKNQNSLmwa8Ps5zwMs5d+pS2ekI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:03:47:ff:cd:38:36:c2:1f:f9:7b:2c:39:10:11:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Aug 12 16:00:48 2025 GMT
            Not After : Aug 13 16:00:48 2025 GMT
        Subject: CN=d94111c1175287f0ae3f2fc3e8edbcb1d29da511
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8d:7e:9a:53:92:4c:7c:6d:f0:ab:32:6c:85:
                    37:f1:fa:73:33:4e:ce:88:fb:96:d7:a2:2e:11:19:
                    66:e4:69:95:e9:03:b9:e8:8e:e4:10:72:26:3c:67:
                    9f:05:ec:0f:94:b5:c8:7d:f0:c5:e3:5a:a4:80:43:
                    63:ea:bd:04:ec:2c:a7:93:b6:1f:66:7e:b9:4b:7a:
                    93:b1:25:93:f8:f5:33:70:8c:02:a5:16:30:a0:ec:
                    68:0a:d8:d3:6e:26:fd:8a:95:d7:37:40:62:ca:fd:
                    3d:b6:f9:29:e0:1c:a0:d5:c9:6a:e6:e0:72:8c:22:
                    89:db:b9:f4:c1:37:a0:6d:0f:5c:ed:e7:bc:9c:fc:
                    ef:8e:83:af:07:c2:f0:3e:7f:fc:7a:75:84:e9:cf:
                    20:6c:b0:65:85:93:86:8f:9b:07:11:7b:6b:37:6b:
                    d1:72:a6:ca:7b:f4:2b:1e:b8:7a:93:0c:fd:ad:c9:
                    2b:8e:a8:47:e3:7a:89:79:1b:ea:de:a3:4e:cd:5c:
                    44:14:ae:5d:75:ba:1c:d6:7b:60:ff:e8:46:99:64:
                    b2:df:b0:b7:2d:48:a6:44:4b:1f:5a:46:2f:0d:33:
                    df:88:f4:0b:e3:8a:84:4c:2a:09:ef:db:21:74:22:
                    b6:e1:4e:b9:c4:bf:e0:2d:ff:d4:03:26:7a:1a:97:
                    51:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:41:11:C1:17:52:87:F0:AE:3F:2F:C3:E8:ED:BC:B1:D2:9D:A5:11
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c1:34:d2:d6:c4:1c:16:22:50:e0:03:09:2c:f0:20:eb:fb:
         d3:e9:e4:fd:32:25:89:4f:a2:8b:41:57:b4:b6:ec:f7:42:45:
         a4:ae:31:00:b4:7d:dc:98:0e:ad:49:72:1d:b4:66:1c:4a:46:
         a1:a5:8f:b0:02:48:61:d6:7e:2d:61:5a:17:40:c4:a2:87:d2:
         de:4b:9d:e3:37:14:57:28:63:06:4f:c4:77:df:cb:d0:07:e0:
         20:21:9f:7e:cb:ab:12:ed:7f:b5:58:79:46:d4:6a:a0:1f:b4:
         3b:5d:65:7f:62:40:3a:7b:cf:3d:bb:0b:e2:b7:b3:b4:5f:35:
         9e:2f:4e:1c:3f:8b:1b:a2:72:89:d4:73:af:50:19:4e:03:02:
         49:b4:8c:39:a2:bd:21:41:4d:ce:67:3c:72:02:56:bc:c6:ec:
         8c:2c:cf:07:3c:10:16:b1:95:24:a7:f1:85:6a:ff:ae:d0:58:
         b3:bd:7c:f1:0a:03:33:fc:74:e2:01:51:c0:d4:ba:83:6d:99:
         c3:bb:13:eb:9f:7b:42:d6:d2:89:fc:cc:59:72:98:2b:34:14:
         41:35:32:7e:f1:9d:e0:b3:fa:ca:73:21:f4:b2:b4:fb:43:c4:
         00:b4:5e:d7:b7:68:c9:2e:b6:f1:41:db:18:f5:31:4c:df:08:
         14:26:fa:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifA0f/zTg2wh/5eyw5EBHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjUwODEyMTYwMDQ4WhcNMjUwODEzMTYwMDQ4WjAzMTEwLwYDVQQD
EyhkOTQxMTFjMTE3NTI4N2YwYWUzZjJmYzNlOGVkYmNiMWQyOWRhNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo1+mlOSTHxt8KsybIU38fpzM07O
iPuW16IuERlm5GmV6QO56I7kEHImPGefBewPlLXIffDF41qkgENj6r0E7Cynk7Yf
Zn65S3qTsSWT+PUzcIwCpRYwoOxoCtjTbib9ipXXN0Biyv09tvkp4Byg1clq5uBy
jCKJ27n0wTegbQ9c7ee8nPzvjoOvB8LwPn/8enWE6c8gbLBlhZOGj5sHEXtrN2vR
cqbKe/QrHrh6kwz9rckrjqhH43qJeRvq3qNOzVxEFK5ddboc1ntg/+hGmWSy37C3
LUimREsfWkYvDTPfiPQL44qETCoJ79shdCK24U65xL/gLf/UAyZ6GpdRsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlBEcEXUofwrj8vw+jtvLHSnaURMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGsE00tbE
HBYiUOADCSzwIOv70+nk/TIliU+ii0FXtLbs90JFpK4xALR93JgOrUlyHbRmHEpG
oaWPsAJIYdZ+LWFaF0DEoofS3kud4zcUVyhjBk/Ed9/L0AfgICGffsurEu1/tVh5
RtRqoB+0O11lf2JAOnvPPbsL4reztF81ni9OHD+LG6JyidRzr1AZTgMCSbSMOaK9
IUFNzmc8cgJWvMbsjCzPBzwQFrGVJKfxhWr/rtBYs7188QoDM/x04gFRwNS6g22Z
w7sT6597QtbSifzMWXKYKzQUQTUyfvGd4LP6ynMh9LK0+0PEALRe17doyS628UHb
GPUxTN8IFCb6mw==
-----END CERTIFICATE-----