Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          nkyrsuT8w+TTrCLqIcWehkTLsdNiJsvW2VZNILzDg7E=
Subject key identifier:   F2:F5:67:5A:82:57:24:35:BA:37:EE:78:CC:22:B8:DB:B5:C0:6B:B1
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       019A725C974DE9470C865023E5BB6E08FC87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          0798
Signing time:             Tue 11 Nov 2025 10:01:01 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:01 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:01 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: H2SDpBNjfQV+CQ86208jNtFrkKVCkj5q/1OJ4mTtZXs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:97:4d:e9:47:0c:86:50:23:e5:bb:6e:08:fc:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: Nov 11 10:01:01 2025 GMT
            Not After : Nov 12 10:01:01 2025 GMT
        Subject: CN=f2f5675a82572435ba37ee78cc22b8dbb5c06bb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5f:4c:3d:01:29:9e:3b:3c:28:0d:b7:ee:a1:
                    cd:56:f2:43:3b:44:71:42:b6:9f:d1:28:38:d9:72:
                    39:83:79:ac:6e:6e:f9:e3:90:5d:42:24:e8:64:76:
                    b8:93:04:c6:99:51:82:08:d9:f9:65:42:2e:4d:0f:
                    76:81:62:db:0e:e3:95:9a:c9:62:10:50:e5:80:35:
                    13:55:f2:da:a9:b5:d7:af:19:ec:c0:00:ea:bd:66:
                    40:a2:4d:9c:35:f9:60:63:f0:19:86:18:5d:92:6b:
                    b9:21:0c:34:25:e0:ae:04:e2:2d:b0:61:8c:83:3c:
                    f7:da:f6:52:37:18:66:97:95:b8:9e:3d:6b:3e:78:
                    17:75:e8:6a:28:72:48:6b:0b:d4:9c:50:62:1d:ea:
                    e7:86:88:ce:44:3f:de:41:21:76:05:6c:b7:03:e8:
                    b9:02:af:d9:d6:2c:6b:56:4b:5c:e7:ab:d1:c2:73:
                    da:7f:a0:e8:65:e0:bb:c4:e9:1d:24:c9:3f:03:55:
                    f6:80:cd:f2:51:93:84:5a:2b:f0:d4:d3:e9:2c:aa:
                    6e:23:90:03:23:b2:8a:d0:73:e1:52:8c:b0:a9:e3:
                    93:38:81:94:93:ed:d2:17:ad:ce:62:1d:e5:88:3e:
                    82:39:84:16:04:09:f5:0f:70:8c:a9:0c:12:15:ed:
                    6f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:F5:67:5A:82:57:24:35:BA:37:EE:78:CC:22:B8:DB:B5:C0:6B:B1
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:de:38:88:81:71:1d:ee:71:1d:63:6c:e7:54:47:e9:ef:11:
         aa:92:80:89:43:fb:42:db:7a:32:92:0a:75:4c:c7:23:bf:19:
         16:88:84:74:85:35:c3:00:cc:ff:d2:8d:82:6b:05:58:45:f1:
         ec:5f:67:d1:db:34:a3:6d:08:92:13:38:8a:f3:fc:9e:d2:22:
         cd:f3:28:a7:e5:44:da:97:4b:8f:d5:43:87:84:e8:98:df:1f:
         a1:d6:b2:b1:be:ef:02:74:b3:ae:30:4a:22:39:17:b6:62:11:
         20:7e:ee:58:d2:2f:34:42:49:4a:9d:5b:8e:aa:2c:1b:ed:1a:
         3e:40:0a:9c:10:7b:62:11:c2:15:c2:9b:5f:db:9c:db:68:e0:
         f4:ec:50:d5:5b:e0:9b:91:05:3f:7b:bd:03:7f:10:f5:02:33:
         f7:33:70:58:8c:5b:ec:42:32:c6:5d:95:62:1e:3c:62:e2:7d:
         fc:62:08:9f:63:93:9f:dd:fd:de:2f:36:13:e9:ad:69:63:54:
         42:ab:8b:ca:e6:1c:95:b3:ee:73:2a:06:a5:8e:01:38:e3:d7:
         41:dc:78:fc:eb:db:ea:a1:f2:9b:36:05:1c:47:9a:f9:1f:6d:
         ff:7f:31:24:e2:34:31:da:a7:28:7f:48:44:52:4c:fc:23:f2:
         b8:18:d4:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJdN6UcMhlAj5btuCPyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjUxMTExMTAwMTAxWhcNMjUxMTEyMTAwMTAxWjAzMTEwLwYDVQQD
EyhmMmY1Njc1YTgyNTcyNDM1YmEzN2VlNzhjYzIyYjhkYmI1YzA2YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr19MPQEpnjs8KA237qHNVvJDO0Rx
Qraf0Sg42XI5g3msbm7545BdQiToZHa4kwTGmVGCCNn5ZUIuTQ92gWLbDuOVmsli
EFDlgDUTVfLaqbXXrxnswADqvWZAok2cNflgY/AZhhhdkmu5IQw0JeCuBOItsGGM
gzz32vZSNxhml5W4nj1rPngXdehqKHJIawvUnFBiHernhojORD/eQSF2BWy3A+i5
Aq/Z1ixrVktc56vRwnPaf6DoZeC7xOkdJMk/A1X2gM3yUZOEWivw1NPpLKpuI5AD
I7KK0HPhUoywqeOTOIGUk+3SF63OYh3liD6COYQWBAn1D3CMqQwSFe1vewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPL1Z1qCVyQ1ujfueMwiuNu1wGuxMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGN44iIFx
He5xHWNs51RH6e8RqpKAiUP7Qtt6MpIKdUzHI78ZFoiEdIU1wwDM/9KNgmsFWEXx
7F9n0ds0o20IkhM4ivP8ntIizfMop+VE2pdLj9VDh4TomN8fodaysb7vAnSzrjBK
IjkXtmIRIH7uWNIvNEJJSp1bjqosG+0aPkAKnBB7YhHCFcKbX9uc22jg9OxQ1Vvg
m5EFP3u9A38Q9QIz9zNwWIxb7EIyxl2VYh48YuJ9/GIIn2OTn9393i82E+mtaWNU
QquLyuYclbPucyoGpY4BOOPXQdx4/Ovb6qHymzYFHEea+R9t/38xJOI0MdqnKH9I
RFJM/CPyuBjUPA==
-----END CERTIFICATE-----