Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          NWl57miBnJDDzYJKDAFXo5DaN0AAuSFc8z86kbR9NsM=
Subject key identifier:   CF:3F:1F:67:10:16:DC:2B:E5:8D:4C:AB:CE:EC:5B:30:AD:7F:B2:DC
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       01974EC56573441A501CAE18B20D0A72F732
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          0519
Signing time:             Sun 08 Jun 2025 09:00:48 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:48 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:48 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: VbxNV9CI9y8ZOZP/ZXbFYNTmR3ZM30lJv+NaqhxqOX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 09:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:65:73:44:1a:50:1c:ae:18:b2:0d:0a:72:f7:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Jun  8 09:00:48 2025 GMT
            Not After : Jun  9 09:00:48 2025 GMT
        Subject: CN=cf3f1f671016dc2be58d4cabceec5b30ad7fb2dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:08:fd:88:6c:3f:b3:9c:e3:63:26:c7:e6:39:
                    b9:7e:57:ae:4f:58:dd:4c:f1:29:b6:5a:68:9f:73:
                    54:cf:e2:94:c2:60:62:b1:60:e4:9e:61:23:fa:4c:
                    23:4b:05:30:96:dc:67:f3:10:b0:08:c4:29:67:da:
                    e2:6d:48:2b:3d:86:7e:4e:26:2c:eb:1a:47:75:0b:
                    e2:10:27:7a:12:d2:74:78:94:8e:6a:e4:fa:f9:b9:
                    4d:8f:5b:1a:6f:26:31:09:d6:73:5a:ce:17:81:ed:
                    c9:d6:f8:fe:34:64:3d:20:45:f0:69:49:0d:2a:62:
                    e6:c0:5f:01:51:83:57:92:94:66:3e:c4:c9:21:56:
                    9c:54:64:ad:bf:88:e3:7c:52:ab:bc:f8:f8:d0:6b:
                    19:59:33:d4:df:f4:03:83:7f:6e:14:17:64:0a:c9:
                    3f:19:53:fd:a9:ed:6a:94:a8:c2:30:fe:55:62:b4:
                    96:e1:4f:e5:ef:e9:73:d3:27:24:04:7c:d4:26:47:
                    41:91:db:c9:71:f9:08:5c:cd:9e:29:88:64:8d:d1:
                    75:30:0c:21:54:99:f2:7e:d8:6f:07:4d:ad:d1:fc:
                    bc:6d:77:6a:6f:e2:04:9b:29:e9:c0:e7:f5:ee:0d:
                    12:79:4f:84:cf:d7:b1:a5:34:1b:aa:be:2b:6c:30:
                    88:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:3F:1F:67:10:16:DC:2B:E5:8D:4C:AB:CE:EC:5B:30:AD:7F:B2:DC
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:8c:4b:dc:02:f6:34:74:5c:f9:d5:2f:e1:1b:14:f9:c3:49:
         ef:8c:c0:81:61:7b:75:02:8b:0d:de:b9:f8:e9:02:e7:b4:92:
         15:83:49:60:4f:aa:30:c5:d1:a5:86:ed:6b:85:37:91:7c:c7:
         7b:e3:ae:ad:a4:13:43:63:ca:38:c0:e7:8f:d7:68:3e:09:2c:
         c2:a0:10:80:32:7c:b7:4a:b9:39:ee:fb:13:ce:0d:c9:ef:37:
         05:46:0d:d1:5c:b6:43:95:1a:bd:54:2d:cc:58:4c:8b:00:39:
         e4:22:ef:ca:b8:87:68:34:fb:af:da:5c:79:fd:46:0a:22:bf:
         cf:98:2d:21:07:a3:86:c2:ca:b7:ab:96:5d:6f:c9:51:16:6a:
         a6:89:0e:ed:95:07:c4:1c:c1:34:e4:33:4e:6f:d8:73:e0:43:
         6f:ee:39:bf:57:93:a2:17:8d:1b:8a:2d:0e:f8:a1:c7:7f:3a:
         83:90:42:2e:82:2e:18:df:46:d6:0a:b8:25:32:e6:53:8f:a5:
         41:91:70:61:3f:06:19:af:2b:b1:e6:e7:d3:5e:fa:1d:4c:5f:
         94:b8:76:3f:54:49:67:79:31:d3:46:c6:37:9e:c2:28:35:4b:
         5c:75:8b:44:7f:b0:32:75:28:d7:ec:47:cb:67:6d:e5:38:dc:
         85:25:f2:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxWVzRBpQHK4Ysg0KcvcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUwNjA4MDkwMDQ4WhcNMjUwNjA5MDkwMDQ4WjAzMTEwLwYDVQQD
EyhjZjNmMWY2NzEwMTZkYzJiZTU4ZDRjYWJjZWVjNWIzMGFkN2ZiMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgj9iGw/s5zjYybH5jm5fleuT1jd
TPEptlpon3NUz+KUwmBisWDknmEj+kwjSwUwltxn8xCwCMQpZ9ribUgrPYZ+TiYs
6xpHdQviECd6EtJ0eJSOauT6+blNj1sabyYxCdZzWs4Xge3J1vj+NGQ9IEXwaUkN
KmLmwF8BUYNXkpRmPsTJIVacVGStv4jjfFKrvPj40GsZWTPU3/QDg39uFBdkCsk/
GVP9qe1qlKjCMP5VYrSW4U/l7+lz0yckBHzUJkdBkdvJcfkIXM2eKYhkjdF1MAwh
VJnyfthvB02t0fy8bXdqb+IEmynpwOf17g0SeU+Ez9expTQbqr4rbDCIEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8/H2cQFtwr5Y1Mq87sWzCtf7LcMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvoxL3AL2
NHRc+dUv4RsU+cNJ74zAgWF7dQKLDd65+OkC57SSFYNJYE+qMMXRpYbta4U3kXzH
e+OuraQTQ2PKOMDnj9doPgkswqAQgDJ8t0q5Oe77E84Nye83BUYN0Vy2Q5UavVQt
zFhMiwA55CLvyriHaDT7r9pcef1GCiK/z5gtIQejhsLKt6uWXW/JURZqpokO7ZUH
xBzBNOQzTm/Yc+BDb+45v1eToheNG4otDvihx386g5BCLoIuGN9G1gq4JTLmU4+l
QZFwYT8GGa8rsebn0176HUxflLh2P1RJZ3kx00bGN57CKDVLXHWLRH+wMnUo1+xH
y2dt5TjchSXyPQ==
-----END CERTIFICATE-----