Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          i/INoT+8xH8iX1qzITIc+hcIoTYH2tU2vSblN6/HK0w=
Subject key identifier:   D3:66:78:54:F5:40:6D:B9:2B:DC:0E:C6:FE:B9:81:28:0C:65:91:B7
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       019922558C8E4DB8874D13D5EE25B85C4622
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          03D8
Signing time:             Sun 07 Sep 2025 04:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:55 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: +JLoU+vblsw2+Ep0nW5maZK4DxodSIwUiKEQrpYl7Wg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:8c:8e:4d:b8:87:4d:13:d5:ee:25:b8:5c:46:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Sep  7 04:00:55 2025 GMT
            Not After : Sep  8 04:00:55 2025 GMT
        Subject: CN=d3667854f5406db92bdc0ec6feb981280c6591b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:1f:1f:43:c6:5e:bc:48:e0:5d:ed:f2:75:5e:
                    81:ad:ae:60:05:2c:f8:24:db:1c:ad:33:35:16:4b:
                    7c:6c:84:e7:e6:45:8e:40:fb:58:ed:fa:21:c8:a5:
                    3f:c2:4d:d2:71:07:2f:d6:8a:d2:0b:72:bf:8e:9c:
                    94:96:8d:03:7f:9e:6d:10:31:ac:e4:30:98:61:77:
                    0f:af:73:99:de:2a:d2:13:82:9d:2e:a9:65:55:f3:
                    a5:32:7f:91:6f:d3:6b:f3:2d:76:4d:5a:d2:c8:d4:
                    ec:3b:d0:27:0a:cf:e0:7d:6e:d5:a6:da:16:27:9f:
                    1a:cf:e9:0a:7e:fc:e1:19:40:ec:24:3f:1a:a3:f6:
                    1b:a6:6a:d9:93:55:cb:48:37:a4:23:ec:74:15:30:
                    11:aa:90:62:f4:05:13:59:c5:70:5c:7c:36:a1:11:
                    c3:3f:18:58:75:74:c7:a1:2d:15:ec:cc:40:4f:00:
                    de:09:1a:72:8f:6a:10:b4:35:a8:ad:16:81:fd:3f:
                    ea:ab:17:7f:93:c8:27:a0:99:68:ea:8c:e7:02:7d:
                    e2:d0:96:d9:81:db:4e:70:72:1b:33:79:28:66:4b:
                    c3:8b:94:bb:36:67:cf:2d:5d:fc:9b:4e:73:b2:88:
                    66:53:83:20:97:41:1c:16:c3:53:f9:d7:f8:a6:94:
                    07:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:66:78:54:F5:40:6D:B9:2B:DC:0E:C6:FE:B9:81:28:0C:65:91:B7
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:51:e7:dd:d2:38:59:bd:95:90:d0:85:e1:b9:00:2c:90:e8:
         e7:b2:36:47:56:db:c9:e8:af:bf:ef:65:08:82:d3:e3:ba:74:
         7b:8a:e2:e6:01:48:32:06:33:0b:d4:cc:10:9a:a2:5e:7a:40:
         bc:27:35:aa:95:26:92:7c:09:87:22:9a:eb:e5:ba:33:30:bf:
         f2:a0:58:cc:05:c9:ea:99:f9:48:3d:45:37:22:c9:e6:6b:9e:
         85:4b:46:7b:38:66:5b:ff:0e:db:ef:db:10:5c:76:db:ec:e0:
         bb:c5:44:67:de:b7:c2:c2:70:8c:99:62:7a:9b:31:c8:55:5e:
         a0:2b:50:0a:7a:f5:07:ef:12:07:88:3c:e6:b3:45:c2:bd:75:
         31:a5:60:72:aa:3e:9c:70:19:c8:29:25:25:d8:55:1f:ea:a0:
         55:36:6d:50:a4:5f:bf:02:8b:24:7e:5c:7c:c5:98:ac:4e:5d:
         13:f0:88:06:30:9b:7d:b2:14:08:48:cd:94:db:b2:59:c7:b4:
         0c:d9:04:32:91:13:96:ec:52:16:9c:2d:78:15:f1:63:ce:51:
         17:c4:f4:49:99:39:f6:c4:a2:7e:73:f0:67:ce:69:7d:08:54:
         9c:74:b8:31:df:e2:e4:12:48:8a:40:ec:3e:10:e5:73:57:cb:
         1a:2e:3e:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVYyOTbiHTRPV7iW4XEYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjUwOTA3MDQwMDU1WhcNMjUwOTA4MDQwMDU1WjAzMTEwLwYDVQQD
EyhkMzY2Nzg1NGY1NDA2ZGI5MmJkYzBlYzZmZWI5ODEyODBjNjU5MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh8fQ8ZevEjgXe3ydV6Bra5gBSz4
JNscrTM1Fkt8bITn5kWOQPtY7fohyKU/wk3ScQcv1orSC3K/jpyUlo0Df55tEDGs
5DCYYXcPr3OZ3irSE4KdLqllVfOlMn+Rb9Nr8y12TVrSyNTsO9AnCs/gfW7VptoW
J58az+kKfvzhGUDsJD8ao/YbpmrZk1XLSDekI+x0FTARqpBi9AUTWcVwXHw2oRHD
PxhYdXTHoS0V7MxATwDeCRpyj2oQtDWorRaB/T/qqxd/k8gnoJlo6oznAn3i0JbZ
gdtOcHIbM3koZkvDi5S7NmfPLV38m05zsohmU4Mgl0EcFsNT+df4ppQHBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNmeFT1QG25K9wOxv65gSgMZZG3MB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjVHn3dI4
Wb2VkNCF4bkALJDo57I2R1bbyeivv+9lCILT47p0e4ri5gFIMgYzC9TMEJqiXnpA
vCc1qpUmknwJhyKa6+W6MzC/8qBYzAXJ6pn5SD1FNyLJ5muehUtGezhmW/8O2+/b
EFx22+zgu8VEZ963wsJwjJliepsxyFVeoCtQCnr1B+8SB4g85rNFwr11MaVgcqo+
nHAZyCklJdhVH+qgVTZtUKRfvwKLJH5cfMWYrE5dE/CIBjCbfbIUCEjNlNuyWce0
DNkEMpETluxSFpwteBXxY85RF8T0SZk59sSifnPwZ85pfQhUnHS4Md/i5BJIikDs
PhDlc1fLGi4+UA==
-----END CERTIFICATE-----