Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
File:                     jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft (raw, json)
Hash identifier:          HWpqKA6pCGu9fpL7lEAn40aCF1Emks3DeQoiEruKeYw=
Subject key identifier:   5B:BD:E0:61:66:7D:2B:9E:D2:A3:75:07:A9:07:92:A6:D1:79:0F:A8
Authority key identifier: 8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91
Certificate issuer:       /CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
Certificate serial:       0198496539CAF0D6083054B5DACF7EB340E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
Manifest number:          081B
Signing time:             Sun 27 Jul 2025 01:00:27 +0000
Manifest this update:     Sun 27 Jul 2025 01:00:27 +0000
Manifest next update:     Mon 28 Jul 2025 01:00:27 +0000
Files and hashes:         1: jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl (hash: CryxXApMk7iJ7Q5Ae9cUleoqxGwNOKsEy22AZzj7ZOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:65:39:ca:f0:d6:08:30:54:b5:da:cf:7e:b3:40:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
        Validity
            Not Before: Jul 27 01:00:27 2025 GMT
            Not After : Jul 28 01:00:27 2025 GMT
        Subject: CN=5bbde061667d2b9ed2a37507a90792a6d1790fa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e8:0f:45:4e:1a:48:3f:b7:a0:5e:32:7d:04:
                    db:3d:02:55:52:89:46:30:4b:b3:22:26:4a:60:e7:
                    f0:14:d0:75:e8:b7:85:4a:2a:ba:15:2d:76:ec:04:
                    50:85:16:34:25:b0:c9:f0:c4:38:a1:2f:66:13:d9:
                    a9:9d:f7:13:83:43:08:0e:0e:63:86:6f:62:10:1c:
                    8d:44:1d:c7:f0:62:54:20:ba:5a:86:90:4a:e6:d8:
                    db:28:a9:d6:be:27:32:b6:04:6e:8c:89:ff:3f:60:
                    ad:8e:d5:00:1b:35:ba:81:7d:9e:73:1a:ef:53:8b:
                    56:d7:28:ae:ed:91:0c:84:87:d6:f5:b1:54:82:73:
                    be:3c:e2:79:92:82:90:d9:84:4f:9e:2c:b2:b6:3f:
                    0a:de:8b:a8:03:ee:97:4c:82:b3:85:29:56:25:e0:
                    03:44:17:4b:31:bd:9b:49:99:30:ac:c7:59:e2:82:
                    55:e3:35:da:3d:c6:13:c1:d7:82:59:c9:b5:0b:f0:
                    96:82:e9:af:33:87:5e:08:ca:9d:a9:ac:91:d1:11:
                    d3:8d:9f:ac:3b:3b:0e:c4:b7:2a:4d:58:33:c4:ca:
                    5e:f5:77:f5:20:97:0c:66:06:b1:08:3d:6c:09:73:
                    d3:74:24:85:ce:05:3b:e0:6c:71:27:4d:a1:3b:69:
                    79:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:BD:E0:61:66:7D:2B:9E:D2:A3:75:07:A9:07:92:A6:D1:79:0F:A8
            X509v3 Authority Key Identifier:
                keyid:8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:d0:05:44:4d:96:07:28:c8:db:31:6c:db:7a:e4:dc:8a:dd:
         85:a6:00:98:df:8f:6f:d8:ae:20:fc:86:42:55:8b:c4:63:7e:
         19:d0:7d:8f:27:49:fb:1a:cb:0e:43:8b:d2:28:cc:85:00:27:
         eb:7e:19:5e:51:56:53:26:07:a3:fa:a3:08:63:a7:8c:67:fd:
         1b:2e:7d:a3:06:19:5e:b6:16:9c:13:4d:2d:7b:0f:cc:98:a7:
         c8:f9:7e:9d:40:85:12:d8:7c:4d:5d:a0:08:3a:6d:05:29:03:
         1d:57:a2:5d:f8:f2:7f:7a:d5:ed:0b:a5:4e:a5:4c:48:0a:ca:
         73:47:13:3c:ab:61:d5:f8:83:e7:34:43:ed:4f:18:b9:f1:71:
         e4:b4:26:b1:77:47:ad:46:ab:b1:0d:9f:33:75:94:8d:a8:52:
         aa:81:be:92:24:4f:6e:48:f7:45:25:42:ca:69:7f:94:e9:3f:
         17:5a:54:75:24:86:42:80:83:dc:11:80:a7:8b:ff:cc:62:b2:
         4d:6f:55:47:98:06:66:33:53:99:ab:6e:a9:63:1e:35:74:b3:
         04:ea:81:94:dd:37:4b:c3:d1:cd:c9:6e:6b:f7:72:12:50:c0:
         3d:c9:ac:09:76:ef:20:9f:ca:aa:e6:28:e2:3a:ac:a5:fc:c1:
         dd:be:92:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZTnK8NYIMFS12s9+s0DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTdkY2M3ZTUyZjU4YjM0MmI3MGM4M2RhYTIxYTEwNmFj
NTkyOTEwHhcNMjUwNzI3MDEwMDI3WhcNMjUwNzI4MDEwMDI3WjAzMTEwLwYDVQQD
Eyg1YmJkZTA2MTY2N2QyYjllZDJhMzc1MDdhOTA3OTJhNmQxNzkwZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+gPRU4aSD+3oF4yfQTbPQJVUolG
MEuzIiZKYOfwFNB16LeFSiq6FS127ARQhRY0JbDJ8MQ4oS9mE9mpnfcTg0MIDg5j
hm9iEByNRB3H8GJUILpahpBK5tjbKKnWvicytgRujIn/P2CtjtUAGzW6gX2ecxrv
U4tW1yiu7ZEMhIfW9bFUgnO+POJ5koKQ2YRPniyytj8K3ouoA+6XTIKzhSlWJeAD
RBdLMb2bSZkwrMdZ4oJV4zXaPcYTwdeCWcm1C/CWgumvM4deCMqdqayR0RHTjZ+s
OzsOxLcqTVgzxMpe9Xf1IJcMZgaxCD1sCXPTdCSFzgU74GxxJ02hO2l5SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFu94GFmfSue0qN1B6kHkqbReQ+oMB8GA1UdIwQY
MBaAFIxX3MflL1izQrcMg9qiGhBqxZKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYt
NDEzMDZjMjdkNmYwLzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYtNDEzMDZjMjdkNmYw
LzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL9AFRE2W
ByjI2zFs23rk3IrdhaYAmN+Pb9iuIPyGQlWLxGN+GdB9jydJ+xrLDkOL0ijMhQAn
634ZXlFWUyYHo/qjCGOnjGf9Gy59owYZXrYWnBNNLXsPzJinyPl+nUCFEth8TV2g
CDptBSkDHVeiXfjyf3rV7QulTqVMSArKc0cTPKth1fiD5zRD7U8YufFx5LQmsXdH
rUarsQ2fM3WUjahSqoG+kiRPbkj3RSVCyml/lOk/F1pUdSSGQoCD3BGAp4v/zGKy
TW9VR5gGZjNTmatuqWMeNXSzBOqBlN03S8PRzclua/dyElDAPcmsCXbvIJ/KquYo
4jqspfzB3b6Sdw==
-----END CERTIFICATE-----