Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          nUW1TiAvRgAJP5xgw39TYZJ+9P9jWpHwjyKpVq8waeY=
Subject key identifier:   00:65:46:EF:53:FC:83:2B:C2:EB:82:41:A0:2E:B4:E9:D4:DE:F1:E0
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       01989034D6111513CBA7862BC8E8621C94FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0A0E
Signing time:             Sat 09 Aug 2025 19:00:38 +0000
Manifest this update:     Sat 09 Aug 2025 19:00:38 +0000
Manifest next update:     Sun 10 Aug 2025 19:00:38 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: 6Dig4iCR/fCMwT47akgiW6CVVthmfXb6YtulNsHL1iU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:34:d6:11:15:13:cb:a7:86:2b:c8:e8:62:1c:94:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Aug  9 19:00:38 2025 GMT
            Not After : Aug 10 19:00:38 2025 GMT
        Subject: CN=006546ef53fc832bc2eb8241a02eb4e9d4def1e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:68:39:02:5c:fc:25:1d:bd:d8:ab:d1:0f:f1:
                    36:9a:5e:bb:72:e0:53:6b:ad:a8:db:77:8f:f9:20:
                    14:81:f5:31:9c:18:dd:60:d0:2d:73:3d:5e:b0:76:
                    d4:d0:98:af:49:04:8b:34:12:92:78:67:0c:d2:f5:
                    f5:64:1e:26:23:de:02:20:07:f7:43:d6:d8:4b:e5:
                    d1:64:e2:98:56:34:16:7c:7c:12:ba:e0:de:8d:f2:
                    5e:5a:48:6c:0b:8a:ba:c5:2e:10:2d:11:aa:85:e5:
                    9c:68:55:ba:be:08:06:c7:d3:b2:d1:39:1e:d5:c3:
                    07:e6:73:28:66:3b:d4:87:45:c3:70:57:08:49:9f:
                    40:fd:3a:90:42:2e:14:04:5f:25:6f:4a:44:53:1d:
                    80:ee:4f:16:b9:82:f2:9d:3e:1f:e0:6b:6a:f9:26:
                    43:52:cc:28:21:36:d9:d9:75:f9:3a:41:da:4c:c0:
                    1e:96:ff:3a:df:c6:22:7b:8c:12:44:59:75:a7:bb:
                    67:fc:c3:65:fb:50:1a:3b:bd:d4:e6:44:f8:27:db:
                    ef:c6:d5:81:9e:0b:a5:b9:41:87:fc:7b:9e:cb:36:
                    89:fa:12:43:2d:9e:d0:0e:e0:66:e0:5b:22:44:3b:
                    bc:ca:4e:6e:51:38:c4:3b:0f:8c:81:2c:d2:70:76:
                    61:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:65:46:EF:53:FC:83:2B:C2:EB:82:41:A0:2E:B4:E9:D4:DE:F1:E0
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:cf:90:f1:5f:3c:ad:e9:02:c7:89:e7:7c:a8:8a:33:64:5a:
         74:80:db:8f:89:47:cf:5e:36:da:37:26:68:bf:55:2d:76:77:
         df:fd:18:6b:36:69:5c:70:dd:70:6d:2b:7b:5a:dd:74:82:23:
         c1:04:74:36:65:a3:5e:05:25:93:0c:61:20:75:16:a3:4b:95:
         9a:ba:b5:f5:f7:da:37:59:8f:b1:8b:87:32:5f:96:1b:31:3b:
         98:11:b2:22:c4:6a:78:bd:f9:ea:f3:4f:6f:7f:80:73:d8:4d:
         c5:96:f0:e7:2c:c8:00:2e:fb:c1:e3:71:ef:c6:e4:40:36:dc:
         22:24:99:95:fe:81:11:37:24:b5:e8:25:f3:5a:9c:86:fd:f2:
         2c:64:e3:42:d0:8a:b6:ea:92:d5:3e:23:25:8c:5b:13:a4:ff:
         55:3c:f7:ce:a5:88:ff:fa:28:6e:4b:dc:97:1c:9c:31:9b:b0:
         62:e7:63:ca:75:5c:68:87:18:a0:bc:3d:9c:cb:3b:d4:49:8d:
         52:47:25:89:a5:1a:ac:31:a1:88:42:77:9b:45:6c:15:6b:c4:
         ba:67:e6:70:35:5a:7d:53:10:da:ed:d0:8e:08:7f:ab:9e:85:
         dc:0c:85:09:51:d7:66:0d:f9:31:ae:a2:c4:f3:a2:9b:5f:5c:
         be:c4:f8:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQNNYRFRPLp4YryOhiHJT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwODA5MTkwMDM4WhcNMjUwODEwMTkwMDM4WjAzMTEwLwYDVQQD
EygwMDY1NDZlZjUzZmM4MzJiYzJlYjgyNDFhMDJlYjRlOWQ0ZGVmMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmg5Alz8JR292KvRD/E2ml67cuBT
a62o23eP+SAUgfUxnBjdYNAtcz1esHbU0JivSQSLNBKSeGcM0vX1ZB4mI94CIAf3
Q9bYS+XRZOKYVjQWfHwSuuDejfJeWkhsC4q6xS4QLRGqheWcaFW6vggGx9Oy0Tke
1cMH5nMoZjvUh0XDcFcISZ9A/TqQQi4UBF8lb0pEUx2A7k8WuYLynT4f4Gtq+SZD
UswoITbZ2XX5OkHaTMAelv8638Yie4wSRFl1p7tn/MNl+1AaO73U5kT4J9vvxtWB
nguluUGH/HueyzaJ+hJDLZ7QDuBm4FsiRDu8yk5uUTjEOw+MgSzScHZhQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABlRu9T/IMrwuuCQaAutOnU3vHgMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8+Q8V88
rekCx4nnfKiKM2RadIDbj4lHz1422jcmaL9VLXZ33/0YazZpXHDdcG0re1rddIIj
wQR0NmWjXgUlkwxhIHUWo0uVmrq19ffaN1mPsYuHMl+WGzE7mBGyIsRqeL356vNP
b3+Ac9hNxZbw5yzIAC77weNx78bkQDbcIiSZlf6BETcktegl81qchv3yLGTjQtCK
tuqS1T4jJYxbE6T/VTz3zqWI//oobkvclxycMZuwYudjynVcaIcYoLw9nMs71EmN
UkcliaUarDGhiEJ3m0VsFWvEumfmcDVafVMQ2u3Qjgh/q56F3AyFCVHXZg35Ma6i
xPOim19cvsT4gA==
-----END CERTIFICATE-----