Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          C3P85L9dcpzxd290oOvAYK68v2SBjUa2zJ0d7pSiZUA=
Subject key identifier:   75:6B:41:27:05:DA:C3:C6:A9:DB:FD:0F:EE:9B:74:47:9A:AD:8B:57
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       0199221E5B1630D21B40B8E6007FFFBC8E57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          0FED
Signing time:             Sun 07 Sep 2025 03:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:38 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: knbEN8Y+MNIBR6vtIfGdnjFrHU88gmdRLLeEM/40nLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:5b:16:30:d2:1b:40:b8:e6:00:7f:ff:bc:8e:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Sep  7 03:00:38 2025 GMT
            Not After : Sep  8 03:00:38 2025 GMT
        Subject: CN=756b412705dac3c6a9dbfd0fee9b74479aad8b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:34:ec:e7:e8:e6:16:29:1a:56:07:db:4a:e9:
                    33:5c:6a:d0:e8:3d:56:0d:fa:13:6c:89:51:c6:59:
                    2f:96:be:8f:92:78:eb:29:5b:21:e9:ce:b7:74:79:
                    ce:86:c8:f7:50:5f:06:64:66:d5:c6:49:5d:d8:d9:
                    82:18:76:e0:1f:68:07:b4:7c:af:fa:78:ff:e7:16:
                    6c:85:bc:60:a4:7f:0f:ff:29:90:37:8e:1d:5d:9e:
                    6a:13:aa:d9:25:71:5c:5d:c3:53:b0:c0:cd:aa:8d:
                    88:4c:78:f3:f3:fc:3f:04:6c:0d:50:6a:57:31:1f:
                    82:b9:45:b1:d8:24:d3:a4:85:82:09:5c:af:2e:94:
                    43:d4:50:2e:d6:6b:b3:ee:70:79:8b:65:25:a3:9d:
                    6a:1e:97:12:72:6d:32:bf:df:b3:5a:bc:e4:6f:d1:
                    65:8c:8f:32:5e:93:1c:05:18:ea:5d:11:b8:08:f9:
                    29:79:96:9e:eb:82:94:de:01:9b:81:30:31:3c:fe:
                    21:b0:80:e8:91:d9:be:98:74:c9:cb:f6:d2:dc:b0:
                    9c:ba:b3:58:63:fe:ec:a9:cf:65:86:75:c3:a9:57:
                    fa:08:c9:df:ce:77:2a:f7:2b:1e:2b:58:fa:99:6f:
                    96:c3:16:98:1a:c8:06:5e:f7:94:09:be:3b:92:2e:
                    18:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:6B:41:27:05:DA:C3:C6:A9:DB:FD:0F:EE:9B:74:47:9A:AD:8B:57
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:63:3d:36:f9:ec:55:f9:95:1f:bf:d1:b8:30:ff:7c:1e:da:
         c3:d2:bd:b2:01:a3:48:8c:e8:c6:4a:30:85:01:b5:e0:0e:76:
         18:e1:9d:ad:cb:07:6f:7c:f6:99:ca:84:a5:99:ca:b7:e0:a5:
         8b:17:89:8a:d2:00:ed:98:8f:68:13:61:b5:30:78:36:5f:3f:
         b0:78:90:e5:d3:0c:52:9b:7b:b0:2b:6b:79:12:b2:4d:7c:cd:
         b8:86:6a:25:12:a8:3f:b6:5d:ad:6b:d2:b6:42:fc:2a:05:b8:
         1d:1b:de:61:07:9d:cb:74:52:b5:bf:60:18:5e:5c:93:ca:e6:
         45:20:64:4c:02:4e:80:0c:3b:43:53:61:af:75:d8:d1:e0:a9:
         27:c3:72:4e:48:83:42:97:9e:70:ad:12:30:c1:ef:9f:db:a4:
         ea:37:3e:b9:03:6d:89:e6:fe:b1:70:92:ae:0b:7f:84:d2:2a:
         0f:1a:03:c0:49:be:7c:cd:8c:d0:5d:7e:e9:25:e5:7b:1b:a7:
         00:fd:a8:70:ce:28:41:f0:83:73:41:60:f4:1f:c8:48:eb:88:
         22:54:a9:34:03:c5:00:25:87:a2:a0:03:b5:dd:cd:ed:a5:26:
         aa:2f:48:95:43:4c:87:19:5a:2d:ed:34:cd:13:d2:3f:77:79:
         08:73:c6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHlsWMNIbQLjmAH//vI5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjUwOTA3MDMwMDM4WhcNMjUwOTA4MDMwMDM4WjAzMTEwLwYDVQQD
Eyg3NTZiNDEyNzA1ZGFjM2M2YTlkYmZkMGZlZTliNzQ0NzlhYWQ4YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjTs5+jmFikaVgfbSukzXGrQ6D1W
DfoTbIlRxlkvlr6PknjrKVsh6c63dHnOhsj3UF8GZGbVxkld2NmCGHbgH2gHtHyv
+nj/5xZshbxgpH8P/ymQN44dXZ5qE6rZJXFcXcNTsMDNqo2ITHjz8/w/BGwNUGpX
MR+CuUWx2CTTpIWCCVyvLpRD1FAu1muz7nB5i2Ulo51qHpcScm0yv9+zWrzkb9Fl
jI8yXpMcBRjqXRG4CPkpeZae64KU3gGbgTAxPP4hsIDokdm+mHTJy/bS3LCcurNY
Y/7sqc9lhnXDqVf6CMnfzncq9yseK1j6mW+WwxaYGsgGXveUCb47ki4Y7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVrQScF2sPGqdv9D+6bdEearYtXMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGM9Nvns
VfmVH7/RuDD/fB7aw9K9sgGjSIzoxkowhQG14A52GOGdrcsHb3z2mcqEpZnKt+Cl
ixeJitIA7ZiPaBNhtTB4Nl8/sHiQ5dMMUpt7sCtreRKyTXzNuIZqJRKoP7ZdrWvS
tkL8KgW4HRveYQedy3RStb9gGF5ck8rmRSBkTAJOgAw7Q1Nhr3XY0eCpJ8NyTkiD
QpeecK0SMMHvn9uk6jc+uQNtieb+sXCSrgt/hNIqDxoDwEm+fM2M0F1+6SXlexun
AP2ocM4oQfCDc0Fg9B/ISOuIIlSpNAPFACWHoqADtd3N7aUmqi9IlUNMhxlaLe00
zRPSP3d5CHPG3Q==
-----END CERTIFICATE-----