Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          XZUuyeveVqQUrfru8AW/58B4y7LLHwtu6uOTVzsulns=
Subject key identifier:   E9:F9:34:31:22:76:51:77:BC:B1:04:A8:36:EC:41:CC:97:32:4B:2E
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       019A7113549BA06BCB68CB8E2B7CF88CA9C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0B07
Signing time:             Tue 11 Nov 2025 04:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:23 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: 3Cg6FFPTMyEj194aN2rgLeLsjyVqAVSi9eTHybcBZ5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:54:9b:a0:6b:cb:68:cb:8e:2b:7c:f8:8c:a9:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Nov 11 04:01:23 2025 GMT
            Not After : Nov 12 04:01:23 2025 GMT
        Subject: CN=e9f9343122765177bcb104a836ec41cc97324b2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ab:d7:8c:ca:0b:d5:23:c0:98:39:c6:df:f5:
                    da:ba:a5:aa:ad:dd:2c:da:0d:02:6b:1e:a0:22:43:
                    e9:25:e7:f8:d0:e8:ce:61:34:71:6a:0e:79:09:c4:
                    72:23:d0:88:f0:8b:64:e5:2f:18:47:4e:dc:28:b2:
                    83:6b:bc:70:38:f0:e6:d7:c4:21:ff:69:a7:68:48:
                    76:1b:71:87:92:a1:a3:d8:e7:5f:b7:5a:87:6b:22:
                    20:55:0b:24:f1:01:6b:8f:0f:60:61:71:8c:a6:95:
                    2d:82:35:a1:6f:ff:c1:33:56:8f:55:52:19:95:1a:
                    53:f0:d0:e7:ec:5b:fd:5e:92:42:e2:2d:e6:ac:57:
                    40:9a:e4:be:08:4d:34:62:80:1a:bf:ba:60:e1:7a:
                    56:54:d0:ac:0c:9e:93:ba:13:62:96:15:d0:a5:0d:
                    ef:93:27:2d:f6:2e:3d:60:cd:dd:b4:ba:ff:8c:81:
                    bc:df:1d:9b:7e:1b:1c:e5:68:3f:a3:d1:38:d9:40:
                    b5:c7:29:78:59:70:58:91:bd:0d:d2:4f:6e:a8:b7:
                    17:13:85:fb:a3:f0:bd:9e:45:6c:ff:07:48:68:f3:
                    ee:e4:f4:a0:8b:5e:75:39:0d:f1:fd:be:85:04:fe:
                    74:65:c4:ed:13:19:ec:8a:a7:e2:9d:ca:78:cb:22:
                    13:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:F9:34:31:22:76:51:77:BC:B1:04:A8:36:EC:41:CC:97:32:4B:2E
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:6d:30:6a:1a:c7:d1:b0:f5:1f:05:bb:48:c2:fe:08:84:62:
         df:8c:16:f6:1f:a5:64:91:cb:d2:af:28:3f:cd:44:be:6d:9d:
         7f:f2:1a:0f:b2:df:8f:74:8f:eb:0d:3d:bc:f4:3b:8c:06:ad:
         73:f6:82:39:63:ce:ba:31:44:2a:a3:4b:39:1b:4e:ba:68:4a:
         ab:e5:b0:93:62:aa:3c:4e:96:55:30:16:fa:9a:16:23:7e:55:
         9f:e9:b9:15:19:09:23:85:df:f8:06:5c:1a:58:61:d6:3d:88:
         7e:eb:6d:a7:5b:91:92:0d:a4:c9:b3:e8:8c:2a:4e:78:01:f6:
         95:43:0e:4c:5c:0e:6b:bf:54:08:75:60:90:09:cb:a6:45:17:
         65:17:d9:fa:e3:0e:69:2f:42:5a:92:ca:ad:ca:52:32:a6:49:
         40:c6:8e:db:c4:e8:60:6d:fe:37:dc:5f:f4:72:90:a2:58:7c:
         04:98:46:5a:20:36:f5:ef:f6:73:2a:98:a0:1e:68:73:1d:1b:
         71:4d:0d:a5:0e:34:23:32:c7:f9:92:b3:bd:7e:45:35:ce:90:
         2e:f4:44:26:62:94:09:84:a6:c9:5a:08:06:c8:f8:c0:b1:b4:
         51:3f:2b:52:78:6f:5a:38:3d:0b:f1:90:00:dd:35:3f:18:70:
         40:63:42:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1SboGvLaMuOK3z4jKnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUxMTExMDQwMTIzWhcNMjUxMTEyMDQwMTIzWjAzMTEwLwYDVQQD
EyhlOWY5MzQzMTIyNzY1MTc3YmNiMTA0YTgzNmVjNDFjYzk3MzI0YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6vXjMoL1SPAmDnG3/XauqWqrd0s
2g0Cax6gIkPpJef40OjOYTRxag55CcRyI9CI8Itk5S8YR07cKLKDa7xwOPDm18Qh
/2mnaEh2G3GHkqGj2Odft1qHayIgVQsk8QFrjw9gYXGMppUtgjWhb//BM1aPVVIZ
lRpT8NDn7Fv9XpJC4i3mrFdAmuS+CE00YoAav7pg4XpWVNCsDJ6TuhNilhXQpQ3v
kyct9i49YM3dtLr/jIG83x2bfhsc5Wg/o9E42UC1xyl4WXBYkb0N0k9uqLcXE4X7
o/C9nkVs/wdIaPPu5PSgi151OQ3x/b6FBP50ZcTtExnsiqfincp4yyIT9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOn5NDEidlF3vLEEqDbsQcyXMksuMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACW0wahrH
0bD1HwW7SML+CIRi34wW9h+lZJHL0q8oP81Evm2df/IaD7Lfj3SP6w09vPQ7jAat
c/aCOWPOujFEKqNLORtOumhKq+Wwk2KqPE6WVTAW+poWI35Vn+m5FRkJI4Xf+AZc
Glhh1j2Ifuttp1uRkg2kybPojCpOeAH2lUMOTFwOa79UCHVgkAnLpkUXZRfZ+uMO
aS9CWpLKrcpSMqZJQMaO28ToYG3+N9xf9HKQolh8BJhGWiA29e/2cyqYoB5ocx0b
cU0NpQ40IzLH+ZKzvX5FNc6QLvREJmKUCYSmyVoIBsj4wLG0UT8rUnhvWjg9C/GQ
AN01PxhwQGNCwA==
-----END CERTIFICATE-----