Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          xpc3Ayebr4ojvdtMm/7tkKY1JW406sMIlM6YDi+2b/8=
Subject key identifier:   39:9A:B8:BF:E6:6A:03:F8:D9:B8:AD:6A:DF:52:CA:06:60:6D:AC:BE
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       0199239F39FA3DA3074183EAA952488FE55F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          1388
Signing time:             Sun 07 Sep 2025 10:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:01 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: VyK9jnjMKLkievgJIeQa10/e928wK6CmeGQTh79fu7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:39:fa:3d:a3:07:41:83:ea:a9:52:48:8f:e5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Sep  7 10:01:01 2025 GMT
            Not After : Sep  8 10:01:01 2025 GMT
        Subject: CN=399ab8bfe66a03f8d9b8ad6adf52ca06606dacbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d1:cc:41:b1:0c:bc:79:d9:c8:01:33:40:77:
                    ff:1f:a3:a2:c5:98:10:9c:5e:f9:19:4e:be:45:8b:
                    4d:38:56:ff:c4:fb:55:42:05:62:0f:f0:11:31:94:
                    be:8a:26:a4:b6:e7:85:ca:ad:12:4b:0f:47:d2:23:
                    27:98:a6:cc:01:92:56:28:b1:93:1f:0a:02:c0:b7:
                    3f:6e:58:e8:53:76:ae:24:92:31:59:4f:bd:e3:1c:
                    a4:1c:ed:b2:f2:e4:cf:a8:89:18:d4:4d:c9:bb:17:
                    e0:18:17:a1:34:12:7a:28:b6:48:b2:a3:3d:f0:65:
                    ee:2a:02:dd:47:35:99:dd:43:ba:63:92:fa:3d:ad:
                    b0:06:1e:ba:06:ec:ff:df:86:bb:b3:e0:e9:41:e0:
                    e8:d2:a6:3b:70:02:58:20:45:0a:87:b0:97:77:44:
                    57:dd:cf:3a:7b:cc:4a:97:53:9f:33:25:4c:ae:b3:
                    1e:df:21:44:59:33:a4:fd:d7:b9:32:0f:71:1e:23:
                    bf:93:10:1e:97:d5:01:8f:f7:27:af:c4:1a:37:36:
                    95:5f:9e:76:93:b1:36:28:49:12:32:49:83:a5:50:
                    f3:ef:c6:d1:2e:ea:12:f1:1f:24:b0:66:94:59:14:
                    a7:9e:ad:5a:a1:9b:88:b5:d2:df:30:22:18:6b:5a:
                    b1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:9A:B8:BF:E6:6A:03:F8:D9:B8:AD:6A:DF:52:CA:06:60:6D:AC:BE
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:c6:0a:6e:dd:fa:90:bb:7f:63:dc:27:5d:70:10:17:73:9f:
         c4:dc:f4:52:27:47:d8:6f:d6:35:56:db:84:47:0b:27:d5:83:
         6a:ef:12:94:38:8a:f9:79:be:1d:ed:59:db:3b:68:64:9b:0d:
         e2:79:50:57:9c:4a:1a:61:d1:29:e6:fa:58:b7:d1:cd:98:aa:
         88:c2:dc:4c:0e:59:ef:89:6b:cc:ec:95:9b:69:d9:1c:9c:c0:
         2b:cc:78:aa:09:4a:24:76:fd:1f:80:25:4f:24:65:e2:37:ea:
         b0:34:75:bb:2e:27:e3:2d:8f:f9:99:00:f2:20:ea:2b:2a:0b:
         ba:89:5c:13:51:b8:f3:83:51:3e:68:24:ce:21:09:7c:1a:8e:
         30:2b:67:78:85:ec:bc:22:46:6f:91:4f:d8:ec:43:35:b3:dc:
         4f:f4:e9:d9:72:9e:13:44:b2:24:58:1c:10:e9:14:db:b6:d7:
         c2:f3:fa:48:f1:9a:ca:9b:68:de:62:4a:a7:68:bd:9f:d3:9d:
         10:d6:ea:56:d7:a0:b9:b6:7a:7d:0e:b7:75:0a:42:0f:7a:a3:
         64:fe:2d:58:fd:ac:51:f2:c6:e2:5e:24:79:90:7f:cc:07:26:
         93:19:92:1b:c8:f4:a5:a6:07:a1:56:e2:d2:df:ff:05:05:11:
         80:48:ec:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnzn6PaMHQYPqqVJIj+VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUwOTA3MTAwMTAxWhcNMjUwOTA4MTAwMTAxWjAzMTEwLwYDVQQD
EygzOTlhYjhiZmU2NmEwM2Y4ZDliOGFkNmFkZjUyY2EwNjYwNmRhY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9HMQbEMvHnZyAEzQHf/H6OixZgQ
nF75GU6+RYtNOFb/xPtVQgViD/ARMZS+iiaktueFyq0SSw9H0iMnmKbMAZJWKLGT
HwoCwLc/bljoU3auJJIxWU+94xykHO2y8uTPqIkY1E3JuxfgGBehNBJ6KLZIsqM9
8GXuKgLdRzWZ3UO6Y5L6Pa2wBh66Buz/34a7s+DpQeDo0qY7cAJYIEUKh7CXd0RX
3c86e8xKl1OfMyVMrrMe3yFEWTOk/de5Mg9xHiO/kxAel9UBj/cnr8QaNzaVX552
k7E2KEkSMkmDpVDz78bRLuoS8R8ksGaUWRSnnq1aoZuItdLfMCIYa1qxYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmauL/magP42bitat9SygZgbay+MB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjMYKbt36
kLt/Y9wnXXAQF3OfxNz0UidH2G/WNVbbhEcLJ9WDau8SlDiK+Xm+He1Z2ztoZJsN
4nlQV5xKGmHRKeb6WLfRzZiqiMLcTA5Z74lrzOyVm2nZHJzAK8x4qglKJHb9H4Al
TyRl4jfqsDR1uy4n4y2P+ZkA8iDqKyoLuolcE1G484NRPmgkziEJfBqOMCtneIXs
vCJGb5FP2OxDNbPcT/Tp2XKeE0SyJFgcEOkU27bXwvP6SPGaypto3mJKp2i9n9Od
ENbqVtegubZ6fQ63dQpCD3qjZP4tWP2sUfLG4l4keZB/zAcmkxmSG8j0paYHoVbi
0t//BQURgEjs5A==
-----END CERTIFICATE-----