Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          U2zl5K3VgewgHCJoLCJ+zoTv4nejenkQ4cST+bXDRO8=
Subject key identifier:   EB:82:1A:3E:37:A0:B0:24:18:A3:D0:70:09:42:2D:EB:72:07:F7:13
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       019872D00C4A1131C0036E1192F13AAEA10C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          0288
Signing time:             Mon 04 Aug 2025 02:01:33 +0000
Manifest this update:     Mon 04 Aug 2025 02:01:33 +0000
Manifest next update:     Tue 05 Aug 2025 02:01:33 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: tbl1VHofD/DXPWeZcxyWmqh8OcuBSnc9tX9/y/EcPTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:d0:0c:4a:11:31:c0:03:6e:11:92:f1:3a:ae:a1:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Aug  4 02:01:33 2025 GMT
            Not After : Aug  5 02:01:33 2025 GMT
        Subject: CN=eb821a3e37a0b02418a3d07009422deb7207f713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d3:94:ea:aa:98:3a:44:7b:d2:8b:24:c4:65:
                    4a:dd:39:fd:f0:f7:e1:01:b0:a8:6d:b9:eb:66:e8:
                    40:1d:e6:6e:5b:6a:d1:17:7b:47:da:2c:33:37:5c:
                    ca:95:f5:91:a2:a5:bb:0c:a3:10:73:28:d2:8d:38:
                    09:f8:dc:29:3d:78:a1:05:60:94:75:d7:60:98:64:
                    f0:1f:45:88:de:6e:a3:b0:08:5d:06:d0:7d:a1:b2:
                    61:a3:72:84:39:db:e9:3e:17:7e:f4:9a:31:38:83:
                    49:05:9c:47:3b:23:46:b5:a1:44:2c:36:c1:8f:cc:
                    7d:a1:28:73:22:df:33:85:32:b4:76:0f:fd:1f:6b:
                    52:2e:22:6c:4e:85:40:6c:85:c4:55:83:24:ca:97:
                    6a:0b:f2:6c:69:e3:a9:76:19:f0:69:d4:35:8c:10:
                    0d:33:6e:25:b0:bc:ff:4e:55:a2:aa:87:97:47:f4:
                    09:4c:09:7b:b1:0c:16:1a:b9:e3:a7:0d:34:8c:a0:
                    9e:2f:c0:7d:60:f6:2e:3b:3d:9a:64:a4:a0:34:11:
                    9c:63:23:c1:9d:42:70:0d:a9:93:75:4f:95:32:e2:
                    c9:2e:db:6a:3d:e1:3f:92:3e:7d:19:6f:9b:17:11:
                    2b:e9:5b:ba:23:57:ea:e1:f4:59:d2:df:27:24:60:
                    58:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:82:1A:3E:37:A0:B0:24:18:A3:D0:70:09:42:2D:EB:72:07:F7:13
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:fd:69:ff:81:86:65:c4:f1:fc:7a:9a:d9:e8:bb:1d:2d:97:
         11:2e:14:cd:43:a3:b2:4f:97:d1:63:cd:2a:18:85:e1:66:c3:
         6d:74:32:fd:7b:5f:f0:c8:af:1c:95:a2:68:c7:c5:3a:63:38:
         15:e4:65:f5:fc:9b:32:79:f9:ae:43:e5:de:ac:81:d0:0e:a8:
         39:a2:58:25:9c:44:d2:03:5f:72:5b:2c:57:e7:7c:6c:df:8a:
         9f:af:10:1e:09:9c:1d:8c:8e:78:32:0f:c8:6e:4b:46:ae:1b:
         86:76:e2:1c:88:30:38:a0:0d:25:9c:2d:07:ec:9e:72:cb:59:
         5a:29:d1:e5:3c:2d:56:92:df:0f:89:2f:78:62:fd:48:e3:0b:
         5b:27:30:7e:42:09:62:3f:07:89:8a:1b:e0:c5:fa:16:10:63:
         81:37:1d:6c:52:c9:b7:df:2c:46:eb:99:7d:85:cd:85:86:ab:
         63:7d:09:ad:0d:38:d5:ee:71:47:cb:68:34:f4:4e:45:27:bd:
         8b:e3:2b:a7:31:2d:b7:9d:fe:0e:ab:42:1d:df:54:e9:36:e0:
         77:be:95:d7:9d:dd:45:2e:9a:ac:4e:0e:a5:32:cf:42:9b:2f:
         af:d2:04:3b:e9:91:49:62:dc:00:3d:81:7a:b7:de:32:af:47:
         ae:91:f2:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhy0AxKETHAA24RkvE6rqEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjUwODA0MDIwMTMzWhcNMjUwODA1MDIwMTMzWjAzMTEwLwYDVQQD
EyhlYjgyMWEzZTM3YTBiMDI0MThhM2QwNzAwOTQyMmRlYjcyMDdmNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntOU6qqYOkR70oskxGVK3Tn98Pfh
AbCobbnrZuhAHeZuW2rRF3tH2iwzN1zKlfWRoqW7DKMQcyjSjTgJ+NwpPXihBWCU
dddgmGTwH0WI3m6jsAhdBtB9obJho3KEOdvpPhd+9JoxOINJBZxHOyNGtaFELDbB
j8x9oShzIt8zhTK0dg/9H2tSLiJsToVAbIXEVYMkypdqC/JsaeOpdhnwadQ1jBAN
M24lsLz/TlWiqoeXR/QJTAl7sQwWGrnjpw00jKCeL8B9YPYuOz2aZKSgNBGcYyPB
nUJwDamTdU+VMuLJLttqPeE/kj59GW+bFxEr6Vu6I1fq4fRZ0t8nJGBYMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuCGj43oLAkGKPQcAlCLetyB/cTMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUv1p/4GG
ZcTx/Hqa2ei7HS2XES4UzUOjsk+X0WPNKhiF4WbDbXQy/Xtf8MivHJWiaMfFOmM4
FeRl9fybMnn5rkPl3qyB0A6oOaJYJZxE0gNfclssV+d8bN+Kn68QHgmcHYyOeDIP
yG5LRq4bhnbiHIgwOKANJZwtB+yecstZWinR5TwtVpLfD4kveGL9SOMLWycwfkIJ
Yj8HiYob4MX6FhBjgTcdbFLJt98sRuuZfYXNhYarY30JrQ041e5xR8toNPRORSe9
i+MrpzEtt53+DqtCHd9U6Tbgd76V153dRS6arE4OpTLPQpsvr9IEO+mRSWLcAD2B
erfeMq9HrpHy7Q==
-----END CERTIFICATE-----