Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
File:                     N28vTtsjIwxkt5O0GVfvSjI-PFM.mft (raw, json)
Hash identifier:          GSeY6cMBXhObLHI9eI993frzUEqZjwITDYtIP3FogCA=
Subject key identifier:   21:76:87:DB:28:F0:A8:0E:78:F7:D3:AE:06:94:DF:C6:0D:D6:13:9B
Authority key identifier: 37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53
Certificate issuer:       /CN=376f2f4edb23230c64b793b41957ef4a323e3c53
Certificate serial:       0198CC140617128C10D6708E1E2794E566DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
Manifest number:          10F0
Signing time:             Thu 21 Aug 2025 10:02:01 +0000
Manifest this update:     Thu 21 Aug 2025 10:02:01 +0000
Manifest next update:     Fri 22 Aug 2025 10:02:01 +0000
Files and hashes:         1: N28vTtsjIwxkt5O0GVfvSjI-PFM.crl (hash: s82xfqBurtBMDBxgWve4RxO07wDCURbkgmWIquq+w6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Aug 2025 08:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:cc:14:06:17:12:8c:10:d6:70:8e:1e:27:94:e5:66:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=376f2f4edb23230c64b793b41957ef4a323e3c53
        Validity
            Not Before: Aug 21 10:02:01 2025 GMT
            Not After : Aug 22 10:02:01 2025 GMT
        Subject: CN=217687db28f0a80e78f7d3ae0694dfc60dd6139b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:bd:23:41:69:b9:00:98:9a:63:e2:6d:47:65:
                    38:9f:fe:71:7f:64:cb:52:26:d2:ef:c8:2b:63:82:
                    b6:44:9d:87:8f:18:74:b4:a4:e0:e4:b3:16:5b:4f:
                    1c:28:5f:dc:4b:23:17:e7:ef:92:36:df:51:92:79:
                    fc:2e:83:5f:54:1a:f3:1d:83:e9:81:63:d7:50:2f:
                    c4:c0:6f:63:8c:73:a3:b6:b0:79:a8:ae:e3:45:e6:
                    b3:70:66:14:79:ab:fd:ec:b7:74:ab:51:a1:ae:13:
                    9b:09:ae:58:5e:43:52:e0:6c:03:d6:5b:4f:97:ca:
                    64:86:83:43:34:a2:8d:87:c8:f1:6b:fc:89:58:41:
                    c4:93:49:fd:02:15:94:e7:3e:fe:5e:e6:d5:89:8d:
                    ed:a1:c6:30:47:54:80:22:76:96:db:19:c5:2f:cd:
                    7b:9e:70:b5:c1:e8:4c:f7:0b:c8:a5:ff:a7:78:aa:
                    ee:cd:a9:1d:3d:8f:22:86:63:ac:da:5d:63:09:41:
                    4e:ac:b6:37:2e:5e:b9:8b:89:72:b2:49:1c:51:e4:
                    24:84:8f:89:67:80:17:1d:05:cf:f1:99:a9:87:f3:
                    11:c3:1b:37:83:2e:a7:41:2a:f2:0e:08:89:cb:c9:
                    81:f6:4c:91:26:68:58:78:dd:e5:7c:b4:74:57:98:
                    0c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:76:87:DB:28:F0:A8:0E:78:F7:D3:AE:06:94:DF:C6:0D:D6:13:9B
            X509v3 Authority Key Identifier:
                keyid:37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:78:98:0f:04:5d:46:ab:06:2f:2c:47:37:ae:a3:9f:a6:8f:
         05:c3:63:4a:02:0d:88:28:fe:ab:62:95:03:8a:f4:d2:83:00:
         75:07:22:ee:7d:20:5d:6a:a7:30:40:90:76:0c:81:71:09:a7:
         6a:2f:59:44:06:7a:cd:16:07:1d:a4:9c:db:28:13:a3:32:23:
         84:35:fe:7d:9e:bf:6c:f0:7c:46:da:3c:a7:1c:b8:4b:bb:b2:
         77:66:e4:91:ad:51:16:8b:89:3a:2a:1c:11:83:96:62:5b:19:
         28:99:55:59:e8:06:07:26:ab:3c:01:41:ed:3c:d2:27:49:ac:
         26:98:70:d3:50:18:92:c3:09:02:b8:8b:4c:fd:5c:71:5e:5b:
         32:c5:46:55:85:40:9b:f1:ed:32:ea:3e:d7:1f:56:6c:df:ad:
         cd:4f:33:8f:8c:a0:76:3b:dd:1b:57:39:2f:6a:6c:db:0b:15:
         d0:f4:78:11:87:11:f7:53:b7:aa:a4:6c:a6:18:07:5f:79:46:
         49:0f:92:88:b7:41:20:2c:06:7c:ec:d0:d0:49:85:60:bc:89:
         40:aa:21:de:4c:48:ee:44:14:6f:f8:64:67:fc:5a:e4:98:41:
         b6:45:fc:37:e5:71:c4:20:37:ec:5a:3f:a0:19:7c:34:cc:d9:
         cd:96:d7:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjMFAYXEowQ1nCOHieU5WbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NmYyZjRlZGIyMzIzMGM2NGI3OTNiNDE5NTdlZjRhMzIz
ZTNjNTMwHhcNMjUwODIxMTAwMjAxWhcNMjUwODIyMTAwMjAxWjAzMTEwLwYDVQQD
EygyMTc2ODdkYjI4ZjBhODBlNzhmN2QzYWUwNjk0ZGZjNjBkZDYxMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq70jQWm5AJiaY+JtR2U4n/5xf2TL
UibS78grY4K2RJ2Hjxh0tKTg5LMWW08cKF/cSyMX5++SNt9Rknn8LoNfVBrzHYPp
gWPXUC/EwG9jjHOjtrB5qK7jReazcGYUeav97Ld0q1GhrhObCa5YXkNS4GwD1ltP
l8pkhoNDNKKNh8jxa/yJWEHEk0n9AhWU5z7+XubViY3tocYwR1SAInaW2xnFL817
nnC1wehM9wvIpf+neKruzakdPY8ihmOs2l1jCUFOrLY3Ll65i4lyskkcUeQkhI+J
Z4AXHQXP8Zmph/MRwxs3gy6nQSryDgiJy8mB9kyRJmhYeN3lfLR0V5gM6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF2h9so8KgOePfTrgaU38YN1hObMB8GA1UdIwQY
MBaAFDdvL07bIyMMZLeTtBlX70oyPjxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2Qt
Yjc4OTJmNzZlOGM1LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2QtYjc4OTJmNzZlOGM1
LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMHiYDwRd
RqsGLyxHN66jn6aPBcNjSgINiCj+q2KVA4r00oMAdQci7n0gXWqnMECQdgyBcQmn
ai9ZRAZ6zRYHHaSc2ygTozIjhDX+fZ6/bPB8Rto8pxy4S7uyd2bkka1RFouJOioc
EYOWYlsZKJlVWegGByarPAFB7TzSJ0msJphw01AYksMJAriLTP1ccV5bMsVGVYVA
m/HtMuo+1x9WbN+tzU8zj4ygdjvdG1c5L2ps2wsV0PR4EYcR91O3qqRsphgHX3lG
SQ+SiLdBICwGfOzQ0EmFYLyJQKoh3kxI7kQUb/hkZ/xa5JhBtkX8N+VxxCA37Fo/
oBl8NMzZzZbXAg==
-----END CERTIFICATE-----