Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          lz+2ybG9wFIUslP+NTqB1woUXbni2tLEjuakf8ayUH0=
Subject key identifier:   91:5F:39:B0:F9:94:EC:B2:CE:82:16:C0:BE:DB:C0:AC:20:B1:F3:48
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       0199228C7BBF7A8D88F1A01E20DE7B7E1444
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0389
Signing time:             Sun 07 Sep 2025 05:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:55 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: Z7eRYYPxSy/fQxcusAYFTYIiYgAKOGZyVe3ZS4GZzA8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:7b:bf:7a:8d:88:f1:a0:1e:20:de:7b:7e:14:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Sep  7 05:00:55 2025 GMT
            Not After : Sep  8 05:00:55 2025 GMT
        Subject: CN=915f39b0f994ecb2ce8216c0bedbc0ac20b1f348
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:62:8f:10:00:b5:13:ed:2c:9b:86:45:98:60:
                    12:71:57:93:49:ca:32:c2:99:80:96:fb:84:7c:4c:
                    a4:c8:0a:0b:62:0c:64:8b:48:5f:d3:34:70:52:2f:
                    d0:b7:e6:f5:07:31:59:4b:6f:90:dc:b9:6d:df:83:
                    22:60:64:9e:9e:79:81:60:f0:4a:4c:6e:7a:c6:8a:
                    b5:1f:03:0a:ed:95:e3:53:8b:fe:dc:92:17:03:0b:
                    4f:14:49:db:96:68:2f:44:c1:9c:24:97:c2:ee:0b:
                    98:d7:e7:18:94:8b:dd:36:f6:c5:0d:8d:a3:ab:f3:
                    c2:3d:9a:3f:87:01:4f:8a:17:92:49:08:16:64:e7:
                    54:35:56:ba:d1:dc:51:88:67:fd:25:eb:68:ea:5f:
                    fd:9d:02:5a:53:f5:d7:54:87:2c:c3:53:52:02:73:
                    08:9a:3e:81:b5:d7:16:2f:58:f6:2a:4e:c7:3f:26:
                    d6:5d:23:fe:b6:51:e2:a6:e0:7c:fe:f6:2e:f4:71:
                    94:38:52:66:99:51:b1:54:62:65:f1:53:b2:54:cc:
                    0c:6f:0f:7a:a1:04:ca:2f:2e:36:ab:b7:92:c9:05:
                    f9:68:ec:0d:05:03:84:97:07:3c:0a:7f:0d:2b:eb:
                    e4:c2:01:8f:4b:0a:59:0f:12:54:08:d8:88:d3:8d:
                    45:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:5F:39:B0:F9:94:EC:B2:CE:82:16:C0:BE:DB:C0:AC:20:B1:F3:48
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:f9:f6:88:3a:67:e9:1c:04:13:36:80:cb:8f:4c:08:f2:38:
         d1:a1:40:19:ce:1d:8e:d3:00:d4:13:bc:dd:64:3f:41:28:a4:
         06:2e:67:89:2f:36:69:10:0a:50:da:1e:c8:47:27:23:22:a7:
         0d:00:17:8d:ee:4a:18:9b:dc:32:ff:8c:0a:e5:95:b1:fd:64:
         d4:97:e6:64:69:fe:eb:be:02:7e:44:ca:b1:29:2e:54:ea:9a:
         2d:35:ad:1a:23:e9:b1:6e:40:13:d3:27:0a:30:8f:ac:e2:23:
         02:00:db:7e:32:40:a5:b2:45:52:37:f2:c4:c5:e8:b5:81:58:
         9d:50:9d:18:78:77:3a:6f:78:ed:44:38:69:d8:16:8b:2d:c8:
         bd:28:a0:1f:9c:8c:2d:e5:da:67:0e:1d:35:7d:c2:1f:b9:fe:
         da:4d:31:d0:e1:8e:c1:c6:56:d9:62:99:c9:26:4a:2b:44:0e:
         d5:9e:b9:96:eb:d7:7d:32:f3:1c:41:93:0f:f1:66:73:1d:52:
         40:f9:89:c7:24:d7:c2:a9:43:11:30:cd:2c:50:60:a2:5b:e6:
         f5:de:3c:f2:b4:95:ef:a2:84:5b:f6:94:0e:e0:1d:0c:99:8b:
         c0:40:a3:f8:c2:7a:17:f2:70:2a:7d:99:a8:93:e9:e3:72:ee:
         bf:26:fa:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijHu/eo2I8aAeIN57fhREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwOTA3MDUwMDU1WhcNMjUwOTA4MDUwMDU1WjAzMTEwLwYDVQQD
Eyg5MTVmMzliMGY5OTRlY2IyY2U4MjE2YzBiZWRiYzBhYzIwYjFmMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GKPEAC1E+0sm4ZFmGAScVeTScoy
wpmAlvuEfEykyAoLYgxki0hf0zRwUi/Qt+b1BzFZS2+Q3Llt34MiYGSennmBYPBK
TG56xoq1HwMK7ZXjU4v+3JIXAwtPFEnblmgvRMGcJJfC7guY1+cYlIvdNvbFDY2j
q/PCPZo/hwFPiheSSQgWZOdUNVa60dxRiGf9Jeto6l/9nQJaU/XXVIcsw1NSAnMI
mj6BtdcWL1j2Kk7HPybWXSP+tlHipuB8/vYu9HGUOFJmmVGxVGJl8VOyVMwMbw96
oQTKLy42q7eSyQX5aOwNBQOElwc8Cn8NK+vkwgGPSwpZDxJUCNiI041FVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFfObD5lOyyzoIWwL7bwKwgsfNIMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKfn2iDpn
6RwEEzaAy49MCPI40aFAGc4djtMA1BO83WQ/QSikBi5niS82aRAKUNoeyEcnIyKn
DQAXje5KGJvcMv+MCuWVsf1k1JfmZGn+674CfkTKsSkuVOqaLTWtGiPpsW5AE9Mn
CjCPrOIjAgDbfjJApbJFUjfyxMXotYFYnVCdGHh3Om947UQ4adgWiy3IvSigH5yM
LeXaZw4dNX3CH7n+2k0x0OGOwcZW2WKZySZKK0QO1Z65luvXfTLzHEGTD/Fmcx1S
QPmJxyTXwqlDETDNLFBgolvm9d488rSV76KEW/aUDuAdDJmLwECj+MJ6F/JwKn2Z
qJPp43Luvyb6/Q==
-----END CERTIFICATE-----