Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          CXSnehwXAD99OpLSJWOljpKmrml+pKLM9qSmAsKkt0o=
Subject key identifier:   00:28:40:0D:4B:6D:ED:0A:36:B7:5D:CE:32:A6:80:1E:94:1C:CC:CA
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       019922FA83D19E81CB3BE438871B68C31493
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0A5A
Signing time:             Sun 07 Sep 2025 07:01:07 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:07 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:07 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: 8S1VFp1SPj4IGVw/gl0wSNCEKagaLCB1gF/DRTVh/hY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:83:d1:9e:81:cb:3b:e4:38:87:1b:68:c3:14:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Sep  7 07:01:07 2025 GMT
            Not After : Sep  8 07:01:07 2025 GMT
        Subject: CN=0028400d4b6ded0a36b75dce32a6801e941cccca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4c:05:5d:37:d6:b7:94:6c:9d:ef:f1:bd:7a:
                    79:81:ea:92:6d:ce:2c:27:34:4c:2c:8e:47:cc:66:
                    ab:02:33:d1:5a:9a:c5:6c:85:18:cf:77:b1:ad:51:
                    c4:7e:c3:4c:f4:6c:06:35:1b:7c:8e:fb:97:e4:12:
                    82:7e:23:98:b5:ad:32:80:cc:59:83:39:38:fc:cb:
                    33:33:43:64:b5:00:f3:f2:b2:0d:03:95:68:9e:e8:
                    8c:42:ea:61:bd:b0:47:e5:27:6e:6d:17:2d:65:50:
                    a7:3a:76:8d:45:d9:49:fd:f3:e9:15:6a:33:3f:71:
                    20:83:e5:15:53:72:63:93:7a:70:1b:53:c6:e8:ac:
                    06:b3:39:54:ac:e8:42:ab:68:31:41:ef:fa:20:84:
                    d3:d6:89:ab:92:6e:78:93:04:3b:e1:87:f2:0c:7a:
                    1d:6b:dc:d1:32:3c:c2:06:09:41:a9:cb:ee:c9:0c:
                    7e:f3:d0:11:2e:b7:3d:6a:d7:b9:52:45:81:5e:9a:
                    fe:00:a1:17:4e:09:6b:de:f4:22:ac:b3:24:ac:ea:
                    f7:36:b1:3f:6f:c8:37:59:20:aa:41:e2:81:8b:9c:
                    23:ff:4d:be:52:81:c4:4a:84:94:16:a9:79:cd:51:
                    97:13:32:ac:ad:47:3f:46:5a:33:5b:b4:aa:81:f6:
                    8d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:28:40:0D:4B:6D:ED:0A:36:B7:5D:CE:32:A6:80:1E:94:1C:CC:CA
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:09:d9:a2:81:6e:7b:80:26:eb:ca:65:67:3d:14:8c:0c:32:
         0b:0c:f8:33:cf:a5:45:c9:32:08:66:b4:4e:53:45:5c:49:1f:
         63:bc:f2:93:ed:2f:f4:b0:4a:4c:49:1b:c0:5b:eb:5e:38:11:
         40:f9:ba:6f:71:2d:f2:f6:6b:30:99:c0:1c:35:36:13:05:e6:
         09:7b:1e:6b:49:6c:96:71:48:df:cf:67:3c:7e:d0:23:f7:13:
         c7:9b:1f:74:d6:0f:d5:f1:9c:da:dc:4c:63:07:bf:0a:6c:a0:
         6a:e7:d2:46:6e:49:97:23:8b:cc:68:a4:b2:50:ac:1c:19:5a:
         98:b7:e2:60:b3:93:25:b9:7f:5a:e1:d7:59:bf:8c:5b:96:ad:
         c3:4b:ff:0f:cb:69:41:88:e3:61:9f:97:8d:0d:d6:45:ab:18:
         bf:b2:58:3d:5b:5b:ea:4b:71:df:35:dd:8d:7b:59:a4:af:ef:
         33:5d:f2:a6:b4:79:39:5b:d5:a9:75:59:22:ad:ae:d8:a0:85:
         70:3b:a1:1e:ca:a2:f5:f7:5b:c0:3f:1e:d6:79:52:f8:c7:66:
         7d:b3:53:6e:c0:77:66:c3:1d:b9:20:b1:d7:9b:6d:58:ba:cc:
         87:9a:f7:7b:96:c1:a8:25:1c:f6:44:74:dd:da:8b:f4:a6:a9:
         29:7a:c1:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+oPRnoHLO+Q4hxtowxSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwOTA3MDcwMTA3WhcNMjUwOTA4MDcwMTA3WjAzMTEwLwYDVQQD
EygwMDI4NDAwZDRiNmRlZDBhMzZiNzVkY2UzMmE2ODAxZTk0MWNjY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUwFXTfWt5Rsne/xvXp5geqSbc4s
JzRMLI5HzGarAjPRWprFbIUYz3exrVHEfsNM9GwGNRt8jvuX5BKCfiOYta0ygMxZ
gzk4/MszM0NktQDz8rINA5VonuiMQuphvbBH5SdubRctZVCnOnaNRdlJ/fPpFWoz
P3Egg+UVU3Jjk3pwG1PG6KwGszlUrOhCq2gxQe/6IITT1omrkm54kwQ74YfyDHod
a9zRMjzCBglBqcvuyQx+89ARLrc9ate5UkWBXpr+AKEXTglr3vQirLMkrOr3NrE/
b8g3WSCqQeKBi5wj/02+UoHESoSUFql5zVGXEzKsrUc/RlozW7SqgfaNkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAoQA1Lbe0KNrddzjKmgB6UHMzKMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAnZooFu
e4Am68plZz0UjAwyCwz4M8+lRckyCGa0TlNFXEkfY7zyk+0v9LBKTEkbwFvrXjgR
QPm6b3Et8vZrMJnAHDU2EwXmCXsea0lslnFI389nPH7QI/cTx5sfdNYP1fGc2txM
Ywe/CmygaufSRm5JlyOLzGikslCsHBlamLfiYLOTJbl/WuHXWb+MW5atw0v/D8tp
QYjjYZ+XjQ3WRasYv7JYPVtb6ktx3zXdjXtZpK/vM13yprR5OVvVqXVZIq2u2KCF
cDuhHsqi9fdbwD8e1nlS+MdmfbNTbsB3ZsMduSCx15ttWLrMh5r3e5bBqCUc9kR0
3dqL9KapKXrBHQ==
-----END CERTIFICATE-----