Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
File:                     j3phc572fsR6X9EOVvx6NNy3PHA.mft (raw, json)
Hash identifier:          0siDyGiiVoVWNFYYcrK6H5QT4v7kdYJhDDZZ8J5l2to=
Subject key identifier:   7B:C3:9B:72:63:B1:DA:D0:AD:6F:EB:E0:95:6E:A8:F6:5E:9A:DF:18
Authority key identifier: 8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70
Certificate issuer:       /CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
Certificate serial:       019922557182617BA107D5286299B4101D1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
Manifest number:          0EC4
Signing time:             Sun 07 Sep 2025 04:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:48 +0000
Files and hashes:         1: j3phc572fsR6X9EOVvx6NNy3PHA.crl (hash: 42yAnEuR1vUe0BzqYYusZaW9q8AdA8cnKEP+fp2NCxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:71:82:61:7b:a1:07:d5:28:62:99:b4:10:1d:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
        Validity
            Not Before: Sep  7 04:00:48 2025 GMT
            Not After : Sep  8 04:00:48 2025 GMT
        Subject: CN=7bc39b7263b1dad0ad6febe0956ea8f65e9adf18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:2f:28:28:ee:1c:cc:b9:c6:4a:49:0b:47:60:
                    f8:e2:b6:8a:8e:8c:25:77:9a:31:f9:3e:5d:9f:f1:
                    5e:09:0e:27:36:86:b5:fe:98:85:fe:dc:1c:04:9a:
                    5e:61:10:14:fa:07:26:cb:0e:f1:77:08:a8:c7:ff:
                    5b:42:0b:c9:55:40:5a:95:47:25:b3:70:7f:a6:f7:
                    a7:7d:83:89:b9:09:ed:7f:d6:c1:44:06:bd:c1:fc:
                    e2:f4:13:54:59:4a:85:bd:0b:ce:86:a0:8a:fb:33:
                    a5:c6:34:01:3a:3b:e8:fd:ef:c0:d6:0d:35:7d:d1:
                    39:a6:5f:86:b5:a6:4c:03:fd:48:54:98:20:76:36:
                    13:6c:45:9c:28:1f:d3:a2:18:7e:28:ee:fd:27:5d:
                    93:72:8c:96:49:3e:fe:d4:df:25:56:f8:2c:27:d5:
                    34:49:22:49:2c:90:cd:ba:df:56:b9:f3:2d:42:45:
                    55:c9:44:2d:3e:20:1d:7c:86:4a:41:2e:c9:55:76:
                    ae:0c:dc:b9:7c:4b:64:d5:b7:4d:ff:8e:92:2a:ff:
                    56:96:91:5a:49:ae:e5:75:96:b2:87:19:44:98:10:
                    42:0e:20:aa:b7:c6:56:bc:4f:dd:5a:79:05:a5:a6:
                    bf:d0:27:d2:1b:84:77:03:ad:26:04:fe:8b:44:80:
                    0a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:C3:9B:72:63:B1:DA:D0:AD:6F:EB:E0:95:6E:A8:F6:5E:9A:DF:18
            X509v3 Authority Key Identifier:
                keyid:8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:42:8c:8a:51:ad:aa:c3:23:2f:15:76:4f:79:0f:6c:9f:ac:
         5e:40:9f:78:53:3b:08:3e:23:f4:02:51:3e:de:4f:f2:96:b8:
         8f:7b:6d:83:73:20:d0:74:bb:a1:ea:7e:3f:e0:8c:44:30:bb:
         f6:91:fc:f2:89:1f:4a:26:bc:0f:10:11:e3:5b:29:36:74:06:
         35:2e:83:98:96:69:be:64:70:dc:c1:62:0a:dc:8e:db:9c:af:
         02:f7:82:62:0e:d5:d3:fb:95:e6:9d:9a:fe:c8:43:ab:4d:7c:
         81:b7:d0:4a:c7:6f:f9:ce:ce:09:07:d9:b3:f1:42:c4:37:70:
         c0:7f:53:66:ba:30:d5:ab:66:c7:40:da:84:5e:43:f5:82:66:
         a9:1a:a3:19:16:bc:0e:50:a8:e6:eb:1d:3b:94:be:a9:50:07:
         ce:fe:22:0d:5c:1e:cc:c1:1d:00:1d:b8:02:d0:4e:76:c4:dc:
         e1:e4:6c:b9:03:8c:8e:c9:70:94:71:03:c1:73:a1:45:17:63:
         7f:da:ab:e0:ef:07:43:ef:64:8e:30:55:c5:33:e8:0e:8f:71:
         3d:b2:ad:bd:70:af:20:89:56:a8:6d:bd:09:73:04:58:7f:61:
         0c:7d:b3:3f:a5:47:52:61:d3:8b:ff:90:56:9b:a0:d6:d9:f2:
         e5:3c:6f:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVXGCYXuhB9UoYpm0EB0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2E2MTczOWVmNjdlYzQ3YTVmZDEwZTU2ZmM3YTM0ZGNi
NzNjNzAwHhcNMjUwOTA3MDQwMDQ4WhcNMjUwOTA4MDQwMDQ4WjAzMTEwLwYDVQQD
Eyg3YmMzOWI3MjYzYjFkYWQwYWQ2ZmViZTA5NTZlYThmNjVlOWFkZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS8oKO4czLnGSkkLR2D44raKjowl
d5ox+T5dn/FeCQ4nNoa1/piF/twcBJpeYRAU+gcmyw7xdwiox/9bQgvJVUBalUcl
s3B/pvenfYOJuQntf9bBRAa9wfzi9BNUWUqFvQvOhqCK+zOlxjQBOjvo/e/A1g01
fdE5pl+GtaZMA/1IVJggdjYTbEWcKB/Tohh+KO79J12TcoyWST7+1N8lVvgsJ9U0
SSJJLJDNut9WufMtQkVVyUQtPiAdfIZKQS7JVXauDNy5fEtk1bdN/46SKv9WlpFa
Sa7ldZayhxlEmBBCDiCqt8ZWvE/dWnkFpaa/0CfSG4R3A60mBP6LRIAKqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvDm3JjsdrQrW/r4JVuqPZemt8YMB8GA1UdIwQY
MBaAFI96YXOe9n7Eel/RDlb8ejTctzxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUt
NzM4OTQwODEwYWRmLzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUtNzM4OTQwODEwYWRm
LzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn0KMilGt
qsMjLxV2T3kPbJ+sXkCfeFM7CD4j9AJRPt5P8pa4j3ttg3Mg0HS7oep+P+CMRDC7
9pH88okfSia8DxAR41spNnQGNS6DmJZpvmRw3MFiCtyO25yvAveCYg7V0/uV5p2a
/shDq018gbfQSsdv+c7OCQfZs/FCxDdwwH9TZrow1atmx0DahF5D9YJmqRqjGRa8
DlCo5usdO5S+qVAHzv4iDVwezMEdAB24AtBOdsTc4eRsuQOMjslwlHEDwXOhRRdj
f9qr4O8HQ+9kjjBVxTPoDo9xPbKtvXCvIIlWqG29CXMEWH9hDH2zP6VHUmHTi/+Q
Vpug1tny5Txv4g==
-----END CERTIFICATE-----