Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          xAKPSVxgRLsJtGnnukDR4LQQuMnsbj9B4eDRBuLAJQA=
Subject key identifier:   B0:13:CE:9A:E5:01:A6:6B:C8:C4:46:30:F1:58:B6:8A:97:A1:74:03
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       019785B3B6D152B2E1C03D07CAD427A68C70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0984
Signing time:             Thu 19 Jun 2025 01:00:36 +0000
Manifest this update:     Thu 19 Jun 2025 01:00:36 +0000
Manifest next update:     Fri 20 Jun 2025 01:00:36 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: UpoipxueYSpeg2ZLBywdz6XvbBzGOG8bMKXrxJ8FGUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:85:b3:b6:d1:52:b2:e1:c0:3d:07:ca:d4:27:a6:8c:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Jun 19 01:00:36 2025 GMT
            Not After : Jun 20 01:00:36 2025 GMT
        Subject: CN=b013ce9ae501a66bc8c44630f158b68a97a17403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:da:34:66:46:b5:6d:5b:09:f7:4f:6c:14:52:
                    16:a1:96:e6:8d:4a:98:ba:8b:e6:ec:4b:a5:ef:42:
                    67:37:19:ec:45:d4:86:86:7c:f4:40:9f:a2:e7:10:
                    17:00:26:5d:7b:ca:67:8c:fa:72:5b:0e:5a:5d:7c:
                    cc:35:a8:4d:ae:64:0a:44:46:0b:40:bc:fe:76:68:
                    5d:59:70:ec:07:bf:6b:ed:51:33:3b:d0:ed:db:ba:
                    64:ad:26:0b:78:a5:50:72:71:2e:e7:88:6b:f8:16:
                    aa:5e:ce:10:52:1b:b8:54:2d:53:af:d8:fb:50:d4:
                    7e:20:54:73:13:04:7d:29:49:18:11:7d:30:32:e2:
                    0c:45:44:39:b5:13:c9:64:db:c8:b0:11:13:66:e9:
                    63:13:74:bb:03:a5:02:5b:db:53:7a:b2:42:06:38:
                    97:a1:3e:d3:e2:90:fb:9f:11:f6:fd:49:51:73:e5:
                    3e:4e:1d:02:51:12:37:15:02:ac:da:c3:65:fe:04:
                    36:ed:11:2c:3f:aa:4a:4f:f6:0f:8d:1d:6b:9e:64:
                    3c:43:0d:07:11:86:12:1e:3d:be:a7:61:9e:a6:30:
                    ed:45:f6:9b:e8:9a:31:69:85:61:52:04:37:3b:9d:
                    e8:e6:59:84:b7:b5:96:52:5d:ee:56:66:cf:fd:b9:
                    56:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:13:CE:9A:E5:01:A6:6B:C8:C4:46:30:F1:58:B6:8A:97:A1:74:03
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:2f:24:2f:19:78:e7:fc:05:21:bf:ed:38:ef:f5:a2:97:62:
         02:2e:93:43:13:1f:47:e8:b7:96:cb:1e:4a:5e:61:71:86:64:
         b5:c5:80:38:be:50:c4:7e:cb:ee:bb:17:a3:d3:5a:4a:20:9f:
         34:a1:57:ed:33:1c:e1:97:fe:65:13:18:79:90:f4:73:3a:f5:
         58:fa:d9:3c:17:01:63:d8:67:3b:89:7a:a7:88:55:50:28:79:
         7f:da:7d:5e:b7:15:11:4d:d1:42:a6:fc:58:d0:76:38:b5:6c:
         56:6b:1b:3c:af:5e:54:cf:51:dd:ee:e4:98:9a:ec:b6:e3:28:
         92:bc:9d:84:29:f2:b8:93:86:80:05:be:cd:f2:02:ed:f2:a4:
         d1:41:b3:7a:87:ce:66:9e:62:cb:b9:c2:22:fe:11:1f:70:3c:
         c4:f4:83:8c:f3:56:50:4c:84:2a:ed:d9:61:92:98:4a:e4:83:
         3f:34:04:f6:5f:43:23:8e:e8:30:1b:51:7e:d4:f6:75:ac:bb:
         fa:fe:f1:28:88:79:34:b4:08:5f:ba:07:0c:28:62:9d:80:92:
         9f:d8:77:90:ec:00:f7:d0:f7:6e:3a:a7:6a:14:eb:b3:1e:10:
         6a:0e:89:c4:79:b4:73:91:31:d1:9a:29:dc:c7:aa:19:be:cc:
         bb:54:87:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeFs7bRUrLhwD0HytQnpoxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwNjE5MDEwMDM2WhcNMjUwNjIwMDEwMDM2WjAzMTEwLwYDVQQD
EyhiMDEzY2U5YWU1MDFhNjZiYzhjNDQ2MzBmMTU4YjY4YTk3YTE3NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNo0Zka1bVsJ909sFFIWoZbmjUqY
uovm7Eul70JnNxnsRdSGhnz0QJ+i5xAXACZde8pnjPpyWw5aXXzMNahNrmQKREYL
QLz+dmhdWXDsB79r7VEzO9Dt27pkrSYLeKVQcnEu54hr+BaqXs4QUhu4VC1Tr9j7
UNR+IFRzEwR9KUkYEX0wMuIMRUQ5tRPJZNvIsBETZuljE3S7A6UCW9tTerJCBjiX
oT7T4pD7nxH2/UlRc+U+Th0CURI3FQKs2sNl/gQ27REsP6pKT/YPjR1rnmQ8Qw0H
EYYSHj2+p2GepjDtRfab6JoxaYVhUgQ3O53o5lmEt7WWUl3uVmbP/blWDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLATzprlAaZryMRGMPFYtoqXoXQDMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADS8kLxl4
5/wFIb/tOO/1opdiAi6TQxMfR+i3lsseSl5hcYZktcWAOL5QxH7L7rsXo9NaSiCf
NKFX7TMc4Zf+ZRMYeZD0czr1WPrZPBcBY9hnO4l6p4hVUCh5f9p9XrcVEU3RQqb8
WNB2OLVsVmsbPK9eVM9R3e7kmJrstuMokrydhCnyuJOGgAW+zfIC7fKk0UGzeofO
Zp5iy7nCIv4RH3A8xPSDjPNWUEyEKu3ZYZKYSuSDPzQE9l9DI47oMBtRftT2day7
+v7xKIh5NLQIX7oHDChinYCSn9h3kOwA99D3bjqnahTrsx4Qag6JxHm0c5Ex0Zop
3MeqGb7Mu1SHdg==
-----END CERTIFICATE-----