Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
File:                     jPJ69YYwRc-otYseJ3aSueHTje0.mft (raw, json)
Hash identifier:          GkBipyldTJJLpOzl4g4MdX+c4h6Em/tJfJb/E9RMxRQ=
Subject key identifier:   63:BF:6C:5F:F9:35:91:1A:4C:AA:7A:D4:C3:92:30:4D:2F:49:24:A0
Authority key identifier: 8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED
Certificate issuer:       /CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
Certificate serial:       019923A0CEAED5E5401893F6DE6C31B7CEE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
Manifest number:          1671
Signing time:             Sun 07 Sep 2025 10:02:45 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:45 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:45 +0000
Files and hashes:         1: jPJ69YYwRc-otYseJ3aSueHTje0.crl (hash: mUYvgYEGmXtcIzRKsNBNZ60dPLiii5qSZYod9E/Rh1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:ce:ae:d5:e5:40:18:93:f6:de:6c:31:b7:ce:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
        Validity
            Not Before: Sep  7 10:02:45 2025 GMT
            Not After : Sep  8 10:02:45 2025 GMT
        Subject: CN=63bf6c5ff935911a4caa7ad4c392304d2f4924a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:70:1e:41:d2:03:89:30:eb:b3:42:85:ec:71:
                    14:1d:63:3f:c3:91:2f:05:5b:2c:36:04:90:31:5c:
                    e8:84:a9:4c:c6:e6:0e:fa:1c:f3:cc:ca:b3:cb:a3:
                    21:e1:d3:2a:e0:6e:0e:c1:64:43:de:75:1e:6a:9d:
                    e6:ba:1a:76:76:52:c1:88:d9:0f:9b:3e:16:0b:77:
                    d1:f1:e3:19:51:95:e4:b1:1f:59:21:33:c9:08:e3:
                    5b:39:66:ae:3d:55:9d:4b:06:b8:55:40:75:57:d4:
                    89:25:5b:05:ab:bd:b5:62:0e:44:2f:2b:1d:ab:f4:
                    93:53:5f:11:17:b0:3a:d1:d8:39:58:40:34:8f:d9:
                    00:27:fc:5f:c0:4f:78:ac:3c:7e:7a:30:d6:0d:b1:
                    59:95:e9:18:a1:a2:b2:46:4d:06:9f:6e:96:a7:3b:
                    e9:e0:c5:e6:de:11:eb:f0:41:d8:ac:bb:b0:48:f1:
                    6e:4c:46:07:a4:47:12:96:bd:dd:7b:69:a0:bb:b3:
                    d0:bc:e3:a4:f7:a4:05:7d:b9:95:12:60:70:d1:fc:
                    e5:5a:6c:77:d7:2a:87:47:47:8f:2d:27:9f:8d:13:
                    41:c8:72:a8:a5:4a:3a:0b:6a:86:5e:1d:ca:57:7e:
                    b7:da:c1:3f:5b:e0:38:ec:bf:66:8e:eb:bd:0d:3d:
                    d5:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:BF:6C:5F:F9:35:91:1A:4C:AA:7A:D4:C3:92:30:4D:2F:49:24:A0
            X509v3 Authority Key Identifier:
                keyid:8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:ba:fd:0d:78:25:e6:ae:22:ce:e9:f0:25:37:1b:95:93:88:
         c6:5a:65:83:76:20:80:ec:d7:80:b8:64:ba:8f:87:51:01:27:
         59:bf:2f:58:ca:4c:8c:0b:ef:66:5a:2f:d9:82:74:12:33:c4:
         82:39:c4:3b:be:f8:2e:21:45:9c:75:36:03:e1:36:aa:ed:47:
         d0:7c:47:92:ca:af:d5:c8:74:78:5d:91:4e:92:f3:50:6f:0c:
         ac:5c:c1:e7:47:1c:ce:ad:75:30:22:95:24:c5:ff:c2:1e:a9:
         9f:bc:92:6f:56:8e:63:8e:e9:b9:bb:0f:4b:40:c6:7b:39:58:
         e7:21:7f:0a:cd:ec:a8:d5:f4:4f:94:a6:e3:49:04:57:aa:4b:
         63:d2:3c:28:59:e0:49:f8:bc:27:b5:07:59:67:b9:47:99:98:
         59:0d:3a:21:1c:d7:ce:94:12:b8:30:d1:0e:d5:5a:a6:1c:d6:
         59:b8:31:5f:99:dc:ca:85:30:21:b4:15:88:f7:6d:6c:b2:7f:
         40:13:77:ba:bd:81:46:c4:00:46:09:a3:24:b5:f1:a6:70:5c:
         16:d6:e4:68:3b:c0:f5:bc:e1:7a:45:1e:ba:d9:75:05:d9:93:
         e0:7e:13:15:5f:5f:b6:da:a2:b4:ed:46:30:d5:01:d5:69:fe:
         be:31:78:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoM6u1eVAGJP23mwxt87kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjI3YWY1ODYzMDQ1Y2ZhOGI1OGIxZTI3NzY5MmI5ZTFk
MzhkZWQwHhcNMjUwOTA3MTAwMjQ1WhcNMjUwOTA4MTAwMjQ1WjAzMTEwLwYDVQQD
Eyg2M2JmNmM1ZmY5MzU5MTFhNGNhYTdhZDRjMzkyMzA0ZDJmNDkyNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnAeQdIDiTDrs0KF7HEUHWM/w5Ev
BVssNgSQMVzohKlMxuYO+hzzzMqzy6Mh4dMq4G4OwWRD3nUeap3muhp2dlLBiNkP
mz4WC3fR8eMZUZXksR9ZITPJCONbOWauPVWdSwa4VUB1V9SJJVsFq721Yg5ELysd
q/STU18RF7A60dg5WEA0j9kAJ/xfwE94rDx+ejDWDbFZlekYoaKyRk0Gn26Wpzvp
4MXm3hHr8EHYrLuwSPFuTEYHpEcSlr3de2mgu7PQvOOk96QFfbmVEmBw0fzlWmx3
1yqHR0ePLSefjRNByHKopUo6C2qGXh3KV3632sE/W+A47L9mjuu9DT3V8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGO/bF/5NZEaTKp61MOSME0vSSSgMB8GA1UdIwQY
MBaAFIzyevWGMEXPqLWLHid2krnh043tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYt
MDFjOTk2ZTBiN2U3LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYtMDFjOTk2ZTBiN2U3
LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFrr9DXgl
5q4izunwJTcblZOIxlplg3YggOzXgLhkuo+HUQEnWb8vWMpMjAvvZlov2YJ0EjPE
gjnEO774LiFFnHU2A+E2qu1H0HxHksqv1ch0eF2RTpLzUG8MrFzB50cczq11MCKV
JMX/wh6pn7ySb1aOY47pubsPS0DGezlY5yF/Cs3sqNX0T5Sm40kEV6pLY9I8KFng
Sfi8J7UHWWe5R5mYWQ06IRzXzpQSuDDRDtVaphzWWbgxX5ncyoUwIbQViPdtbLJ/
QBN3ur2BRsQARgmjJLXxpnBcFtbkaDvA9bzhekUeutl1BdmT4H4TFV9fttqitO1G
MNUB1Wn+vjF46g==
-----END CERTIFICATE-----