Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          xRd0RDcIz/F1l1DbpuF4aIYjylhrRsDbTowyQFVYm/Q=
Subject key identifier:   08:7E:9F:7F:37:71:04:05:1B:09:05:A4:F5:81:DB:E9:19:97:3A:BE
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       0199228CBD1005B2415EE2EE23FD5D2E5E6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          1373
Signing time:             Sun 07 Sep 2025 05:01:12 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:12 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:12 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: wYFfLzDtIbo6o0mZ7qEZbhfF6AxWT7VCNziPx7qt9/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:bd:10:05:b2:41:5e:e2:ee:23:fd:5d:2e:5e:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Sep  7 05:01:12 2025 GMT
            Not After : Sep  8 05:01:12 2025 GMT
        Subject: CN=087e9f7f377104051b0905a4f581dbe919973abe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f4:bb:fe:f9:5f:32:7d:81:fd:2d:ed:22:d0:
                    50:43:f2:cd:dd:b4:3e:6a:43:ad:6f:19:66:31:f6:
                    d0:21:b6:11:d7:69:54:0f:0d:41:17:55:70:a5:44:
                    3c:57:94:aa:95:58:3b:8b:1f:f7:42:90:16:f6:74:
                    09:65:30:ed:99:46:f9:3b:a2:e6:65:69:d6:91:ff:
                    af:09:43:1c:08:83:c4:97:31:81:68:cb:e1:ea:12:
                    d5:70:6c:9a:13:d5:3f:be:e5:e5:5c:f0:1e:46:aa:
                    60:46:d5:e2:aa:6c:ac:dc:be:b9:dd:3e:fd:db:50:
                    b5:51:be:8f:b3:f1:67:2e:07:36:e3:4f:38:ad:c3:
                    c5:b7:bf:09:18:02:2e:1e:5d:c2:a2:f5:42:f9:9c:
                    b0:f8:c9:1d:70:4a:1e:93:a0:cf:0a:bf:26:b3:be:
                    8b:c9:b8:22:2f:1c:93:36:dd:70:eb:74:0e:4f:95:
                    24:51:e4:b5:dc:5c:7b:e0:78:e4:0a:ed:29:8f:de:
                    40:2c:6f:27:91:0b:ed:4c:76:68:40:2c:17:8f:d9:
                    81:7d:de:ed:a8:02:63:18:54:26:b6:8c:2d:3b:b7:
                    21:5a:e6:b2:b2:c2:2c:e6:1e:bc:c8:30:5c:2a:d4:
                    b3:b0:2d:1a:e8:6f:3c:68:2b:5b:1c:ec:3e:ac:c0:
                    e5:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:7E:9F:7F:37:71:04:05:1B:09:05:A4:F5:81:DB:E9:19:97:3A:BE
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:c4:dc:fb:09:70:be:00:b2:e3:8a:20:8f:53:02:f9:af:55:
         39:54:85:e3:97:56:b7:3a:76:eb:d6:32:91:db:83:51:06:0c:
         8c:ca:b4:00:2d:44:35:00:a4:2a:58:81:9b:c1:8f:88:d0:7d:
         f3:e7:9f:f7:42:a3:d7:6e:6d:d7:73:93:67:46:52:86:6a:ab:
         bf:37:16:bf:d3:88:7e:80:02:fd:69:f3:55:90:c2:7d:67:de:
         cb:e5:2e:3e:a9:44:c4:6c:40:80:b5:cf:50:12:90:36:e9:6c:
         f1:88:0c:3b:94:5c:af:2e:28:60:5b:66:2c:02:a6:bb:72:e1:
         56:f6:f3:ed:42:ee:44:32:7b:6c:1b:73:ca:14:ec:4e:8f:2a:
         e3:d1:84:49:b1:dc:28:76:8d:6e:32:fe:c6:60:96:40:50:51:
         7f:d1:7e:3c:8f:9d:3d:25:92:91:36:72:0a:e2:95:a2:44:2c:
         e4:6d:65:44:3b:60:a7:e9:6b:90:70:f2:63:e0:a8:67:7a:94:
         71:27:c3:ae:61:40:9c:a7:c0:a9:4e:59:9a:e3:69:5c:1e:77:
         bd:03:9d:f0:74:53:d1:35:f4:f4:d8:de:04:e9:aa:c9:3e:61:
         0b:4b:16:c2:00:98:06:28:ad:99:28:da:fc:64:1f:85:2a:56:
         b2:5a:bc:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijL0QBbJBXuLuI/1dLl5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjUwOTA3MDUwMTEyWhcNMjUwOTA4MDUwMTEyWjAzMTEwLwYDVQQD
EygwODdlOWY3ZjM3NzEwNDA1MWIwOTA1YTRmNTgxZGJlOTE5OTczYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPS7/vlfMn2B/S3tItBQQ/LN3bQ+
akOtbxlmMfbQIbYR12lUDw1BF1VwpUQ8V5SqlVg7ix/3QpAW9nQJZTDtmUb5O6Lm
ZWnWkf+vCUMcCIPElzGBaMvh6hLVcGyaE9U/vuXlXPAeRqpgRtXiqmys3L653T79
21C1Ub6Ps/FnLgc24084rcPFt78JGAIuHl3CovVC+Zyw+MkdcEoek6DPCr8ms76L
ybgiLxyTNt1w63QOT5UkUeS13Fx74HjkCu0pj95ALG8nkQvtTHZoQCwXj9mBfd7t
qAJjGFQmtowtO7chWuayssIs5h68yDBcKtSzsC0a6G88aCtbHOw+rMDldwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAh+n383cQQFGwkFpPWB2+kZlzq+MB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMTc+wlw
vgCy44ogj1MC+a9VOVSF45dWtzp269YykduDUQYMjMq0AC1ENQCkKliBm8GPiNB9
8+ef90Kj125t13OTZ0ZShmqrvzcWv9OIfoAC/WnzVZDCfWfey+UuPqlExGxAgLXP
UBKQNuls8YgMO5Rcry4oYFtmLAKmu3LhVvbz7ULuRDJ7bBtzyhTsTo8q49GESbHc
KHaNbjL+xmCWQFBRf9F+PI+dPSWSkTZyCuKVokQs5G1lRDtgp+lrkHDyY+CoZ3qU
cSfDrmFAnKfAqU5ZmuNpXB53vQOd8HRT0TX09NjeBOmqyT5hC0sWwgCYBiitmSja
/GQfhSpWslq87Q==
-----END CERTIFICATE-----