Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
File:                     JlNDThz2kK0m1HoDs_w1qAKnm1g.mft (raw, json)
Hash identifier:          fAv8sjW0PXlCWwmAOGO553OpyjvjCxWvphuuE/E7mxI=
Subject key identifier:   5B:66:C7:2C:B1:8E:DE:8F:33:F2:84:CE:64:A2:E3:72:8B:F8:B3:AB
Authority key identifier: 26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
Certificate issuer:       /CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Certificate serial:       0199239FEB15596C9E407F0309B253C511DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
Manifest number:          0960
Signing time:             Sun 07 Sep 2025 10:01:46 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:46 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:46 +0000
Files and hashes:         1: JlNDThz2kK0m1HoDs_w1qAKnm1g.crl (hash: QBOt3x3QTUBOVCYUPE319SqmWOXnl3ii1ezhBPvjY14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:eb:15:59:6c:9e:40:7f:03:09:b2:53:c5:11:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
        Validity
            Not Before: Sep  7 10:01:46 2025 GMT
            Not After : Sep  8 10:01:46 2025 GMT
        Subject: CN=5b66c72cb18ede8f33f284ce64a2e3728bf8b3ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:8e:57:ca:cd:c1:58:0b:29:a7:c2:29:e7:c1:
                    ae:ae:7e:ac:1d:c1:6c:1c:3c:1a:d6:eb:28:94:de:
                    06:88:48:6c:a9:a0:4c:2c:85:9b:52:b6:8f:2f:ad:
                    2f:7a:3b:00:63:bd:48:0f:66:a5:ee:fb:81:df:20:
                    0c:29:5d:e3:1e:96:3a:0e:4b:bb:a9:3a:10:e0:6d:
                    e3:1d:14:eb:21:8a:0e:63:2b:58:15:82:09:b2:22:
                    a7:fb:03:5c:8b:57:fa:eb:39:a9:79:82:40:55:b4:
                    81:8a:c4:dd:e4:de:ed:84:3e:7a:91:82:87:b5:5a:
                    38:2e:1c:22:b0:fe:86:10:cd:97:e4:7a:48:28:6f:
                    64:ac:3e:e1:70:e5:05:c6:7c:78:ce:02:8a:aa:08:
                    cc:4e:9c:b4:82:c2:13:ac:4a:db:4b:f0:d2:20:99:
                    5a:5a:05:24:10:d7:71:c6:cc:b1:3b:12:88:be:d3:
                    17:91:fc:94:ab:2f:11:67:1e:ec:72:72:db:c8:a8:
                    26:af:b0:60:5a:0a:42:66:95:f2:cb:9e:8a:01:42:
                    00:07:ae:5b:cc:7a:d3:ad:27:10:31:bd:68:f1:23:
                    bd:f5:3a:f8:e6:8f:29:2b:7d:29:01:be:3f:76:12:
                    2c:5b:b8:15:85:ae:de:64:cf:cc:a8:d0:f3:bb:1a:
                    a1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:66:C7:2C:B1:8E:DE:8F:33:F2:84:CE:64:A2:E3:72:8B:F8:B3:AB
            X509v3 Authority Key Identifier:
                keyid:26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:8d:ba:5e:84:8d:96:6e:f1:5d:e7:14:3c:24:ae:40:13:97:
         b2:18:1a:24:0e:fc:d7:d7:d0:21:b6:4b:54:70:f2:80:69:d5:
         d9:2f:1f:ec:e2:76:11:88:a5:ef:4f:ac:82:d0:37:05:42:01:
         49:b8:17:08:1e:64:e8:6e:fe:8f:90:88:4b:4a:26:3c:8d:14:
         db:64:d8:63:16:97:35:6f:c5:2f:b8:b3:a4:0c:ff:fc:d3:c1:
         2b:e4:bd:ea:9e:8a:43:b3:81:38:f5:12:cc:6c:b4:2b:39:e4:
         9a:a3:2a:b7:13:2b:ad:6d:94:db:ed:6e:9b:df:94:54:3c:1a:
         c2:cd:5e:70:8b:15:bf:07:cf:06:17:58:a1:8f:ae:c3:68:b3:
         11:12:38:0c:b6:16:c2:13:1c:7f:e1:05:ba:a4:7b:00:66:c0:
         99:1c:1a:c7:70:3d:40:9c:ab:86:9b:97:58:7d:a2:31:cc:15:
         f2:fd:f5:7b:13:98:82:1a:36:50:de:95:51:e2:4d:ff:36:92:
         db:4c:22:8f:4c:bf:fb:32:27:ae:45:4f:ea:bd:b9:67:8c:e6:
         e6:bf:7f:e9:c1:d0:fc:62:5b:14:60:42:6d:55:68:66:7c:0a:
         30:eb:06:d8:e5:07:13:6a:ba:5c:3f:52:97:a3:1f:3c:68:14:
         e2:93:19:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn+sVWWyeQH8DCbJTxRHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTM0MzRlMWNmNjkwYWQyNmQ0N2EwM2IzZmMzNWE4MDJh
NzliNTgwHhcNMjUwOTA3MTAwMTQ2WhcNMjUwOTA4MTAwMTQ2WjAzMTEwLwYDVQQD
Eyg1YjY2YzcyY2IxOGVkZThmMzNmMjg0Y2U2NGEyZTM3MjhiZjhiM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o5Xys3BWAspp8Ip58Gurn6sHcFs
HDwa1usolN4GiEhsqaBMLIWbUraPL60vejsAY71ID2al7vuB3yAMKV3jHpY6Dku7
qToQ4G3jHRTrIYoOYytYFYIJsiKn+wNci1f66zmpeYJAVbSBisTd5N7thD56kYKH
tVo4LhwisP6GEM2X5HpIKG9krD7hcOUFxnx4zgKKqgjMTpy0gsITrErbS/DSIJla
WgUkENdxxsyxOxKIvtMXkfyUqy8RZx7scnLbyKgmr7BgWgpCZpXyy56KAUIAB65b
zHrTrScQMb1o8SO99Tr45o8pK30pAb4/dhIsW7gVha7eZM/MqNDzuxqhOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtmxyyxjt6PM/KEzmSi43KL+LOrMB8GA1UdIwQY
MBaAFCZTQ04c9pCtJtR6A7P8NagCp5tYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUt
Y2JhNWQ5NzhmMzcxLzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUtY2JhNWQ5NzhmMzcx
LzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPI26XoSN
lm7xXecUPCSuQBOXshgaJA7819fQIbZLVHDygGnV2S8f7OJ2EYil70+sgtA3BUIB
SbgXCB5k6G7+j5CIS0omPI0U22TYYxaXNW/FL7izpAz//NPBK+S96p6KQ7OBOPUS
zGy0KznkmqMqtxMrrW2U2+1um9+UVDwaws1ecIsVvwfPBhdYoY+uw2izERI4DLYW
whMcf+EFuqR7AGbAmRwax3A9QJyrhpuXWH2iMcwV8v31exOYgho2UN6VUeJN/zaS
20wij0y/+zInrkVP6r25Z4zm5r9/6cHQ/GJbFGBCbVVoZnwKMOsG2OUHE2q6XD9S
l6MfPGgU4pMZKA==
-----END CERTIFICATE-----