Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          Kt+kzCiqVsAKk1oeHQ6aMRIMWfuopQPtbEzkkfDkDfo=
Subject key identifier:   98:E8:7E:BB:98:21:0F:FF:8E:8C:18:56:6B:5E:2A:8B:AE:DD:17:CE
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       019923A075AA837A7B5F0CBF32719C9F4C16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          0727
Signing time:             Sun 07 Sep 2025 10:02:22 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:22 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:22 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: T5Zs7O8cu1Ccooe/Yw0bwHhIjmaHr/XeKLfogz25cKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:75:aa:83:7a:7b:5f:0c:bf:32:71:9c:9f:4c:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Sep  7 10:02:22 2025 GMT
            Not After : Sep  8 10:02:22 2025 GMT
        Subject: CN=98e87ebb98210fff8e8c18566b5e2a8baedd17ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:ae:20:c5:b9:c4:42:1d:16:f3:84:ac:e4:62:
                    ec:fe:81:19:2a:48:d7:5f:63:a3:92:75:62:a9:ea:
                    06:30:95:a6:b9:6e:37:83:a4:05:90:57:16:dd:7f:
                    35:36:59:a6:e7:9b:74:20:77:6c:bf:07:26:77:58:
                    91:41:24:1f:cd:07:d1:b6:35:6a:dc:29:b6:4e:77:
                    6a:72:4b:35:1b:f0:81:9a:ce:04:6c:a1:4d:39:88:
                    1b:d4:30:ea:4c:b1:18:4a:e1:c8:6a:46:22:95:4d:
                    fd:be:bb:c7:70:ac:48:04:94:7f:da:82:16:42:17:
                    8b:ab:3d:ca:4d:6e:ea:ee:4c:86:80:dd:0c:2f:5d:
                    8f:ea:92:1a:f6:f0:bd:dc:dd:b2:16:e4:bc:62:15:
                    c1:e0:ce:35:55:7b:b5:0d:86:47:78:44:81:72:f7:
                    ad:76:8d:94:9c:9b:cd:70:13:7d:fc:3a:53:36:d6:
                    be:04:22:35:e5:c5:27:15:99:86:b8:b4:06:b6:99:
                    c7:a9:f6:d6:fc:8d:f9:50:58:9a:32:4a:dc:2c:84:
                    c6:2e:69:62:d1:90:ca:58:62:55:2b:ad:d3:2e:08:
                    f0:fe:a0:94:e1:a6:92:ab:a4:70:6f:b3:6d:8c:44:
                    34:15:84:43:fc:45:dd:a6:7b:45:10:14:5f:63:00:
                    26:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:E8:7E:BB:98:21:0F:FF:8E:8C:18:56:6B:5E:2A:8B:AE:DD:17:CE
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:5e:fd:ab:29:46:c2:0e:71:70:24:6f:90:04:f4:2e:52:27:
         d8:d9:c3:80:b5:0b:d5:f5:75:cf:87:e4:42:b7:dc:b2:9a:7a:
         09:4b:6d:d4:c8:87:56:47:86:a1:05:8e:8f:0a:ce:f2:81:c6:
         94:64:ba:e1:8a:7e:2a:51:34:65:9f:93:8d:7c:69:3b:06:f3:
         7f:34:a8:a8:8c:c0:8e:7f:e0:52:e4:70:84:a6:4a:9a:6a:9f:
         5e:2a:f2:5a:99:cc:e4:66:7b:30:0a:e9:0d:3e:f7:5f:88:de:
         63:0a:fd:7a:82:1b:6f:39:fb:e8:9e:f2:05:c3:0e:85:5b:e7:
         59:d0:17:4f:33:08:0a:b8:6e:74:ef:56:af:07:b3:2f:5b:ad:
         c3:9d:23:c6:99:7a:6d:59:17:0e:2e:16:0d:e6:79:72:e8:85:
         21:e8:e2:9c:c4:5d:6b:c5:ee:0d:28:69:ec:31:a4:c8:c3:6c:
         c7:cf:02:ca:7d:be:d3:06:7a:9a:6a:6f:7f:1a:55:2b:38:b7:
         b1:de:84:d2:14:03:94:12:22:4c:89:46:3e:49:d2:86:b7:4c:
         b4:59:5e:fa:02:de:b7:df:f6:af:8a:d9:ee:1e:e7:dd:5f:18:
         ff:f4:23:a3:06:4e:5a:8c:84:d3:8a:e5:14:ab:c1:d2:ef:f7:
         ee:77:42:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoHWqg3p7Xwy/MnGcn0wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjUwOTA3MTAwMjIyWhcNMjUwOTA4MTAwMjIyWjAzMTEwLwYDVQQD
Eyg5OGU4N2ViYjk4MjEwZmZmOGU4YzE4NTY2YjVlMmE4YmFlZGQxN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA564gxbnEQh0W84Ss5GLs/oEZKkjX
X2OjknViqeoGMJWmuW43g6QFkFcW3X81Nlmm55t0IHdsvwcmd1iRQSQfzQfRtjVq
3Cm2Tndqcks1G/CBms4EbKFNOYgb1DDqTLEYSuHIakYilU39vrvHcKxIBJR/2oIW
QheLqz3KTW7q7kyGgN0ML12P6pIa9vC93N2yFuS8YhXB4M41VXu1DYZHeESBcvet
do2UnJvNcBN9/DpTNta+BCI15cUnFZmGuLQGtpnHqfbW/I35UFiaMkrcLITGLmli
0ZDKWGJVK63TLgjw/qCU4aaSq6Rwb7NtjEQ0FYRD/EXdpntFEBRfYwAmiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjofruYIQ//jowYVmteKouu3RfOMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQl79qylG
wg5xcCRvkAT0LlIn2NnDgLUL1fV1z4fkQrfcspp6CUtt1MiHVkeGoQWOjwrO8oHG
lGS64Yp+KlE0ZZ+TjXxpOwbzfzSoqIzAjn/gUuRwhKZKmmqfXiryWpnM5GZ7MArp
DT73X4jeYwr9eoIbbzn76J7yBcMOhVvnWdAXTzMICrhudO9WrwezL1utw50jxpl6
bVkXDi4WDeZ5cuiFIejinMRda8XuDShp7DGkyMNsx88Cyn2+0wZ6mmpvfxpVKzi3
sd6E0hQDlBIiTIlGPknShrdMtFle+gLet9/2r4rZ7h7n3V8Y//QjowZOWoyE04rl
FKvB0u/37ndCaA==
-----END CERTIFICATE-----