Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          j/5sBgrouaGe53/NcfCRYAmoYZPOuJKxot6DepDORVM=
Subject key identifier:   B0:EE:A1:5C:45:A0:98:89:A8:DA:3F:35:08:93:61:0B:11:F4:14:B2
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       01987D8AFD37829B6558B9852D7A9F755F5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0DB4
Signing time:             Wed 06 Aug 2025 04:01:57 +0000
Manifest this update:     Wed 06 Aug 2025 04:01:57 +0000
Manifest next update:     Thu 07 Aug 2025 04:01:57 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: alnNi4caIy95st211FdgihN2/v+6Lo1WW6zdDHYop98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8a:fd:37:82:9b:65:58:b9:85:2d:7a:9f:75:5f:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Aug  6 04:01:57 2025 GMT
            Not After : Aug  7 04:01:57 2025 GMT
        Subject: CN=b0eea15c45a09889a8da3f350893610b11f414b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e8:a2:d8:4b:c7:20:92:e1:ea:8e:99:8b:a2:
                    1f:60:20:c2:72:8a:29:66:76:15:8a:2d:23:a3:d6:
                    65:13:14:66:b6:14:27:ac:07:80:13:ff:dd:1d:c5:
                    ff:2d:4b:da:52:af:7e:3d:83:4a:5e:3c:6e:a4:b9:
                    f1:e7:0c:77:2f:d2:ab:0a:9a:ee:be:1b:cb:2e:32:
                    6b:06:e6:41:d0:02:9a:c2:c2:87:b1:98:74:f0:05:
                    1e:f2:3b:2a:af:89:47:56:54:4d:eb:7a:3d:fa:35:
                    5a:4f:f1:8f:a7:14:b6:10:96:88:43:bd:9c:48:58:
                    1b:a2:ac:1b:77:42:0c:66:4d:95:3e:43:95:d5:7f:
                    e0:21:4b:cf:54:80:9e:75:18:17:a1:ab:66:e5:7e:
                    93:0c:55:6b:7e:ff:b3:8f:fa:ca:3b:90:d3:1d:30:
                    22:7e:c2:44:ff:fa:a4:3e:99:c4:b0:e3:b0:1c:94:
                    19:30:ff:c3:2d:5b:8d:e1:36:82:91:d2:4b:85:2f:
                    43:32:b2:e8:40:bf:30:b8:f4:52:b7:4e:92:d9:b4:
                    8c:89:84:33:f5:24:f6:a5:2f:10:21:5c:80:a1:ff:
                    e0:6a:b4:1f:75:32:87:f4:7f:95:f5:2d:df:2d:e1:
                    73:1b:aa:af:bf:bc:0c:f1:3f:ca:4b:34:94:6c:14:
                    f0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:EE:A1:5C:45:A0:98:89:A8:DA:3F:35:08:93:61:0B:11:F4:14:B2
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:61:dc:4a:63:13:ab:3b:0e:98:50:2b:8a:93:14:b8:28:2a:
         75:95:9c:2e:c5:fa:f4:35:39:19:9d:41:de:d3:83:3b:d7:fc:
         08:1b:2d:70:6d:3b:fe:4d:f5:94:a1:d2:79:a7:84:90:c0:df:
         21:57:b7:12:bd:dc:ba:0e:ba:c6:e0:d5:e3:60:1a:f7:75:3c:
         67:1f:ef:d9:70:5e:d6:a4:06:15:b0:cb:5c:1c:5d:b6:78:49:
         df:aa:7a:91:d1:e2:03:3b:67:2c:cc:b5:fb:28:67:38:3a:bf:
         06:f7:22:42:80:6c:5a:90:aa:a4:aa:c5:0e:49:0e:21:3c:4c:
         4f:4a:77:96:9b:58:5d:24:e0:65:c5:73:a8:0a:04:76:69:cb:
         e2:fa:06:61:14:34:6f:90:0a:9e:e6:b6:bc:ac:90:c6:0f:8f:
         86:84:e6:23:aa:c5:6b:f3:ee:a6:be:e5:55:82:0b:46:9e:a5:
         2b:78:e8:11:e6:ec:b6:0d:d8:40:be:f4:41:8d:3c:8f:ad:18:
         93:70:9f:91:2d:15:21:c7:18:29:ca:10:fa:a5:42:c5:97:98:
         92:8a:e6:f7:0c:13:a1:80:ac:8a:95:6e:61:af:b9:ce:1a:bc:
         b1:fc:c2:14:a8:4c:da:c4:44:5c:5d:8e:fd:ee:93:50:77:78:
         e2:2e:e3:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9iv03gptlWLmFLXqfdV9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUwODA2MDQwMTU3WhcNMjUwODA3MDQwMTU3WjAzMTEwLwYDVQQD
EyhiMGVlYTE1YzQ1YTA5ODg5YThkYTNmMzUwODkzNjEwYjExZjQxNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Oii2EvHIJLh6o6Zi6IfYCDCcoop
ZnYVii0jo9ZlExRmthQnrAeAE//dHcX/LUvaUq9+PYNKXjxupLnx5wx3L9KrCpru
vhvLLjJrBuZB0AKawsKHsZh08AUe8jsqr4lHVlRN63o9+jVaT/GPpxS2EJaIQ72c
SFgboqwbd0IMZk2VPkOV1X/gIUvPVICedRgXoatm5X6TDFVrfv+zj/rKO5DTHTAi
fsJE//qkPpnEsOOwHJQZMP/DLVuN4TaCkdJLhS9DMrLoQL8wuPRSt06S2bSMiYQz
9ST2pS8QIVyAof/garQfdTKH9H+V9S3fLeFzG6qvv7wM8T/KSzSUbBTwHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDuoVxFoJiJqNo/NQiTYQsR9BSyMB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGHcSmMT
qzsOmFAripMUuCgqdZWcLsX69DU5GZ1B3tODO9f8CBstcG07/k31lKHSeaeEkMDf
IVe3Er3cug66xuDV42Aa93U8Zx/v2XBe1qQGFbDLXBxdtnhJ36p6kdHiAztnLMy1
+yhnODq/BvciQoBsWpCqpKrFDkkOITxMT0p3lptYXSTgZcVzqAoEdmnL4voGYRQ0
b5AKnua2vKyQxg+PhoTmI6rFa/Pupr7lVYILRp6lK3joEebstg3YQL70QY08j60Y
k3CfkS0VIccYKcoQ+qVCxZeYkorm9wwToYCsipVuYa+5zhq8sfzCFKhM2sREXF2O
/e6TUHd44i7jXQ==
-----END CERTIFICATE-----