Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          U7NDEIdr9h542C+KTJ64lVnlBi7x/39sAotaraprPOM=
Subject key identifier:   63:90:55:55:FC:B0:58:73:31:73:7A:40:3C:53:DC:08:83:98:14:33
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       0199239F5BC99750B3A2890A7E27FC29C565
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          13B1
Signing time:             Sun 07 Sep 2025 10:01:09 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:09 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:09 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: pn2QLYeqBk7Z3IM0PymtAkFEF0RE9F8gQGdyRZAsqMM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:5b:c9:97:50:b3:a2:89:0a:7e:27:fc:29:c5:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Sep  7 10:01:09 2025 GMT
            Not After : Sep  8 10:01:09 2025 GMT
        Subject: CN=63905555fcb0587331737a403c53dc0883981433
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f0:cc:47:58:00:32:e0:14:9d:d1:80:de:96:
                    9f:ad:9c:e1:e9:29:c1:aa:cc:58:8e:16:cf:5f:5b:
                    89:91:e0:7a:89:7b:1b:1b:a7:b5:fb:c6:d1:15:17:
                    be:d0:86:d9:38:a4:34:00:80:57:07:0c:99:e6:0f:
                    06:01:59:4e:3e:b0:75:06:cd:40:07:15:5b:39:8d:
                    b6:8d:62:68:00:8b:5a:a1:7b:d3:84:6f:ef:94:e0:
                    f0:40:78:c1:01:44:be:3e:a5:bc:28:d7:22:08:b5:
                    76:7a:c0:48:27:c0:0d:83:63:3e:1f:78:e3:82:a5:
                    20:ea:84:e9:13:cd:d8:10:21:85:b2:8b:c7:ad:ee:
                    f2:eb:eb:98:bc:61:c5:c8:c7:c5:f5:ca:85:53:a2:
                    ef:93:f9:c0:72:f2:77:ee:cd:52:64:9b:a7:74:3c:
                    a4:2a:aa:3b:52:f3:2b:96:75:91:6d:15:6b:46:ec:
                    72:44:22:eb:e1:70:ca:7a:d5:e0:81:4f:d1:61:d2:
                    bf:ec:8b:a4:48:e9:2b:ca:a4:3e:6e:d2:12:41:a0:
                    9d:d6:d2:77:e4:ae:2b:47:99:ea:5b:cb:be:b9:6e:
                    ab:11:d3:24:1f:7c:03:da:b3:ff:2e:a2:c1:89:1a:
                    59:52:72:8f:c3:64:37:b3:7a:39:9a:82:25:4c:ae:
                    e7:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:90:55:55:FC:B0:58:73:31:73:7A:40:3C:53:DC:08:83:98:14:33
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:f6:f2:2c:c4:d0:61:a0:3f:7d:76:3d:8c:e6:d7:f0:3b:32:
         24:2c:ab:59:af:41:c0:71:05:2a:6c:e1:0c:75:24:00:e7:e6:
         86:88:b5:4f:7f:5f:31:c3:92:e6:8f:32:18:f1:54:5b:24:68:
         e9:fa:7f:68:9b:e9:ca:ad:5b:a6:f1:89:3f:02:ad:3f:a8:87:
         b2:42:e1:4c:c8:50:b6:fd:f0:c5:cb:7e:02:ba:32:a0:76:09:
         81:74:61:f4:c5:9d:42:25:43:c7:7b:1f:60:ad:66:25:c8:61:
         13:57:30:11:33:f1:6e:8e:e3:2d:a8:8c:c7:5b:9f:71:67:b8:
         23:74:a3:9e:66:d3:a5:4e:49:21:9b:03:25:35:39:6f:03:da:
         ee:34:65:a8:69:45:13:69:6d:a7:30:05:e0:a0:0b:c8:7d:b8:
         f9:c3:d1:57:9e:65:2a:fe:be:e8:9f:05:d3:95:ce:57:9b:f4:
         5d:f2:bb:8b:04:e5:c8:0a:d6:a6:f6:02:1a:8a:07:cc:bf:f7:
         c9:7e:17:39:38:d1:39:47:50:5c:f2:19:f2:dd:92:79:1f:33:
         d1:5c:7a:d6:41:e6:9e:c2:7f:54:a7:da:75:94:8a:1b:1f:be:
         20:00:27:e4:3b:56:b3:73:fc:d4:cc:96:32:f4:dd:0e:47:71:
         86:02:50:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn1vJl1CzookKfif8KcVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjUwOTA3MTAwMTA5WhcNMjUwOTA4MTAwMTA5WjAzMTEwLwYDVQQD
Eyg2MzkwNTU1NWZjYjA1ODczMzE3MzdhNDAzYzUzZGMwODgzOTgxNDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPDMR1gAMuAUndGA3pafrZzh6SnB
qsxYjhbPX1uJkeB6iXsbG6e1+8bRFRe+0IbZOKQ0AIBXBwyZ5g8GAVlOPrB1Bs1A
BxVbOY22jWJoAItaoXvThG/vlODwQHjBAUS+PqW8KNciCLV2esBIJ8ANg2M+H3jj
gqUg6oTpE83YECGFsovHre7y6+uYvGHFyMfF9cqFU6Lvk/nAcvJ37s1SZJundDyk
Kqo7UvMrlnWRbRVrRuxyRCLr4XDKetXggU/RYdK/7IukSOkryqQ+btISQaCd1tJ3
5K4rR5nqW8u+uW6rEdMkH3wD2rP/LqLBiRpZUnKPw2Q3s3o5moIlTK7nYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOQVVX8sFhzMXN6QDxT3AiDmBQzMB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmvbyLMTQ
YaA/fXY9jObX8DsyJCyrWa9BwHEFKmzhDHUkAOfmhoi1T39fMcOS5o8yGPFUWyRo
6fp/aJvpyq1bpvGJPwKtP6iHskLhTMhQtv3wxct+AroyoHYJgXRh9MWdQiVDx3sf
YK1mJchhE1cwETPxbo7jLaiMx1ufcWe4I3SjnmbTpU5JIZsDJTU5bwPa7jRlqGlF
E2ltpzAF4KALyH24+cPRV55lKv6+6J8F05XOV5v0XfK7iwTlyArWpvYCGooHzL/3
yX4XOTjROUdQXPIZ8t2SeR8z0Vx61kHmnsJ/VKfadZSKGx++IAAn5DtWs3P81MyW
MvTdDkdxhgJQ4g==
-----END CERTIFICATE-----