Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
File:                     5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft (raw, json)
Hash identifier:          SWn1M0ZQybeT7bvggdMjaHCb4vUuCv2SkVAbV4uPgA8=
Subject key identifier:   86:F1:CA:C6:91:57:50:B2:5D:2C:38:66:3E:9D:3C:B3:AF:5D:B7:64
Authority key identifier: E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9
Certificate issuer:       /CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
Certificate serial:       019892C81D9A5430AB5DDB9C05EFFBDFC73C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
Manifest number:          040B
Signing time:             Sun 10 Aug 2025 07:00:44 +0000
Manifest this update:     Sun 10 Aug 2025 07:00:44 +0000
Manifest next update:     Mon 11 Aug 2025 07:00:44 +0000
Files and hashes:         1: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl (hash: 2IIUClsFXJsxnbWXPBiKSju3RIE0PdVT6Bb14y16Scc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c8:1d:9a:54:30:ab:5d:db:9c:05:ef:fb:df:c7:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
        Validity
            Not Before: Aug 10 07:00:44 2025 GMT
            Not After : Aug 11 07:00:44 2025 GMT
        Subject: CN=86f1cac6915750b25d2c38663e9d3cb3af5db764
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c1:a1:d8:13:e7:06:58:af:79:19:0e:1d:b4:
                    87:ad:de:cd:6e:03:3b:df:e5:a1:2f:b4:9d:2b:59:
                    1d:9d:77:66:90:a8:53:c2:b1:28:13:b9:a1:35:69:
                    72:ae:61:c2:32:f4:a5:48:c0:78:49:ce:1f:21:3c:
                    50:2e:10:97:80:0b:e3:37:36:86:86:20:e4:65:bd:
                    6f:90:43:33:ce:8c:56:25:d9:ac:94:30:59:ef:63:
                    ed:98:06:f6:78:0f:2b:73:3a:a3:ef:58:3b:4d:f0:
                    a3:b6:88:53:b2:ed:4b:24:ea:02:be:fc:f1:1b:00:
                    90:08:26:5c:68:fc:8a:61:6b:5a:31:f7:9c:f9:9e:
                    72:4f:3c:72:f7:c2:2b:b9:9a:7d:b0:b7:3e:bb:5d:
                    db:f7:57:ce:e4:e0:67:09:5c:a7:02:0f:ba:d1:17:
                    71:2c:ef:cf:4e:0e:e3:4c:95:44:f2:00:ab:6a:2b:
                    d0:69:ac:60:d7:98:24:85:d9:f3:e2:7d:5c:6e:99:
                    fe:fc:14:0a:14:17:18:5d:3f:6e:b2:1e:8f:6f:a1:
                    2b:05:85:f5:3c:41:2c:61:ca:d8:00:ca:b6:c9:65:
                    b1:c9:af:a1:d9:31:d9:99:28:9e:c8:de:02:c3:33:
                    78:19:5e:93:ec:5a:67:8d:a9:a2:db:73:75:fb:d4:
                    1a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:F1:CA:C6:91:57:50:B2:5D:2C:38:66:3E:9D:3C:B3:AF:5D:B7:64
            X509v3 Authority Key Identifier:
                keyid:E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:0a:d2:a5:f2:be:32:a6:c1:27:bd:51:b7:d8:97:9a:cb:2e:
         63:ee:10:8f:d1:6f:be:ec:ea:69:e1:19:12:a4:7e:08:26:23:
         48:87:8b:39:94:c5:ff:ce:ed:8b:b8:36:22:b7:cc:2c:75:52:
         c5:1f:d9:41:d9:cf:31:cf:a1:0d:aa:5b:97:40:f3:76:88:37:
         de:d7:ed:a5:69:65:da:cf:66:d2:1a:65:83:be:2e:91:63:d1:
         8a:e3:75:4f:26:44:cb:1e:ff:14:a1:e9:98:49:7a:28:47:df:
         47:a8:5a:6c:23:cc:68:b0:f5:fc:a3:da:3a:83:b4:6a:e1:00:
         5e:14:ab:34:56:21:06:7b:a6:ba:72:80:ee:bd:f2:57:13:74:
         41:79:2e:df:a3:4c:ce:d2:30:0b:30:4d:6a:7c:00:52:5d:92:
         19:4a:81:cd:90:fc:98:75:26:f5:b9:1a:67:02:ea:90:ef:a4:
         7b:c1:38:0c:fd:14:8f:00:26:2d:20:d1:5a:55:1b:e2:55:ce:
         04:41:2b:a3:ed:8d:c4:51:49:4f:a6:cb:14:69:e9:6a:d0:1c:
         2e:ef:3e:18:92:a0:cc:79:8d:31:26:d5:82:8d:4a:f8:69:19:
         36:9a:e6:25:24:a2:18:e1:e3:60:e6:7f:c0:32:c8:00:20:b1:
         53:36:06:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSyB2aVDCrXducBe/738c8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MThjZGRjMzlkMzQ3NTYzYzZkYzFlNWVjNWU1OTYyMWU0
MGU0ZDkwHhcNMjUwODEwMDcwMDQ0WhcNMjUwODExMDcwMDQ0WjAzMTEwLwYDVQQD
Eyg4NmYxY2FjNjkxNTc1MGIyNWQyYzM4NjYzZTlkM2NiM2FmNWRiNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsGh2BPnBliveRkOHbSHrd7NbgM7
3+WhL7SdK1kdnXdmkKhTwrEoE7mhNWlyrmHCMvSlSMB4Sc4fITxQLhCXgAvjNzaG
hiDkZb1vkEMzzoxWJdmslDBZ72PtmAb2eA8rczqj71g7TfCjtohTsu1LJOoCvvzx
GwCQCCZcaPyKYWtaMfec+Z5yTzxy98IruZp9sLc+u13b91fO5OBnCVynAg+60Rdx
LO/PTg7jTJVE8gCraivQaaxg15gkhdnz4n1cbpn+/BQKFBcYXT9ush6Pb6ErBYX1
PEEsYcrYAMq2yWWxya+h2THZmSieyN4CwzN4GV6T7Fpnjami23N1+9QaCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbxysaRV1CyXSw4Zj6dPLOvXbdkMB8GA1UdIwQY
MBaAFOQYzdw500dWPG3B5exeWWIeQOTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMt
Nzc3ZTZjYTRlZmY2LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMtNzc3ZTZjYTRlZmY2
LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAwrSpfK+
MqbBJ71Rt9iXmssuY+4Qj9FvvuzqaeEZEqR+CCYjSIeLOZTF/87ti7g2IrfMLHVS
xR/ZQdnPMc+hDapbl0Dzdog33tftpWll2s9m0hplg74ukWPRiuN1TyZEyx7/FKHp
mEl6KEffR6habCPMaLD1/KPaOoO0auEAXhSrNFYhBnumunKA7r3yVxN0QXku36NM
ztIwCzBNanwAUl2SGUqBzZD8mHUm9bkaZwLqkO+ke8E4DP0UjwAmLSDRWlUb4lXO
BEEro+2NxFFJT6bLFGnpatAcLu8+GJKgzHmNMSbVgo1K+GkZNprmJSSiGOHjYOZ/
wDLIACCxUzYGpQ==
-----END CERTIFICATE-----