Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          SNt8SpkQoxNc2AUib2+fFjpUT1JM9C9pTNbcZfGADb4=
Subject key identifier:   F8:AA:50:DD:08:AB:25:9E:EC:98:0A:B6:03:C4:F4:2D:1F:BC:F7:3B
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       019923A0F85887C3FC72EB573BCCF3501ED5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0F27
Signing time:             Sun 07 Sep 2025 10:02:55 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:55 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:55 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: F3Uj9n0vA97CMABPryKVRgILCwQUMXnoZDCHVhD4Oi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:f8:58:87:c3:fc:72:eb:57:3b:cc:f3:50:1e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Sep  7 10:02:55 2025 GMT
            Not After : Sep  8 10:02:55 2025 GMT
        Subject: CN=f8aa50dd08ab259eec980ab603c4f42d1fbcf73b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:73:92:e5:ae:55:27:03:5a:5e:9f:64:ff:a6:
                    28:68:5d:3c:43:6d:91:d8:f8:cc:42:11:db:9f:6a:
                    f5:d0:73:73:ff:1d:14:a6:b1:a0:16:8e:e6:14:91:
                    56:c6:43:4b:b2:79:2e:00:e1:7a:d6:6a:ed:b6:1f:
                    85:03:46:47:06:97:09:c5:ed:7e:e9:05:87:47:06:
                    bc:76:f6:54:5a:d7:9c:a7:0d:a9:a2:d9:7c:c2:6b:
                    d8:ef:0e:31:7b:b8:57:0f:ba:30:91:7a:40:96:4e:
                    f3:15:1d:97:00:46:79:ba:19:5d:7a:25:87:c9:9e:
                    24:c7:eb:bb:ef:c5:1e:73:cb:8e:b5:aa:8d:44:eb:
                    64:39:54:03:57:47:7b:3a:2c:b5:f1:bf:85:aa:d6:
                    f0:a8:c8:83:9d:a0:c4:85:ee:4c:25:57:4f:84:e3:
                    32:d0:8f:0a:f5:ff:a4:c3:d6:7f:3f:ce:b9:f2:01:
                    dc:f9:ec:39:e1:fe:28:25:6e:d3:3c:9f:7b:c0:14:
                    2f:eb:63:a1:c4:cd:b2:50:5a:c0:ba:2d:17:5f:4f:
                    a0:a5:e0:68:00:d2:09:06:54:95:e5:65:61:57:fa:
                    f1:a6:82:88:c0:79:cd:9f:01:ec:56:23:ef:d9:63:
                    f7:eb:41:78:79:a7:b9:ce:d9:29:87:d6:b5:22:03:
                    b8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:AA:50:DD:08:AB:25:9E:EC:98:0A:B6:03:C4:F4:2D:1F:BC:F7:3B
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d5:af:38:d1:f9:6b:f3:da:a5:58:7d:0c:13:64:38:f5:b6:
         72:64:6f:00:6f:3c:4f:dd:63:3a:8c:e6:b6:92:71:d9:35:cc:
         ae:e0:c0:3e:8f:55:00:ee:96:4d:86:7d:83:b0:f5:ba:c1:46:
         52:a3:aa:36:33:df:cb:d6:42:95:85:e7:05:45:15:27:4b:59:
         26:86:5c:88:d4:a0:7f:8e:e2:94:89:fc:32:33:64:12:0a:b4:
         5d:5d:df:64:f3:e4:0b:d6:35:71:5c:5a:fb:8b:05:d4:11:22:
         71:60:e9:03:82:42:e8:19:c5:f4:1c:0a:d8:1b:1e:6c:86:d3:
         d9:ba:27:5b:cd:35:01:05:fd:50:f8:bf:ee:a0:9e:2d:9d:db:
         22:71:38:5f:33:28:cb:16:6d:09:f2:fb:7c:dd:93:1a:b4:84:
         86:a5:48:5d:5f:82:aa:4d:fc:d4:e4:86:ba:6d:6e:92:6d:79:
         e1:46:10:4e:b7:b0:f8:cf:74:69:16:da:1a:b6:66:60:6c:12:
         74:6f:a1:7b:01:a4:3e:17:8f:d9:ca:36:02:eb:ef:b8:2a:1f:
         8b:31:ad:95:fb:29:bb:7a:b5:c2:51:63:bb:1f:e2:b0:1f:5f:
         62:f7:73:fb:a1:82:f8:13:48:ef:a2:36:30:67:d8:f4:0b:5c:
         ef:7b:b8:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoPhYh8P8cutXO8zzUB7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjUwOTA3MTAwMjU1WhcNMjUwOTA4MTAwMjU1WjAzMTEwLwYDVQQD
EyhmOGFhNTBkZDA4YWIyNTllZWM5ODBhYjYwM2M0ZjQyZDFmYmNmNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nOS5a5VJwNaXp9k/6YoaF08Q22R
2PjMQhHbn2r10HNz/x0UprGgFo7mFJFWxkNLsnkuAOF61mrtth+FA0ZHBpcJxe1+
6QWHRwa8dvZUWtecpw2potl8wmvY7w4xe7hXD7owkXpAlk7zFR2XAEZ5uhldeiWH
yZ4kx+u778Uec8uOtaqNROtkOVQDV0d7Oiy18b+FqtbwqMiDnaDEhe5MJVdPhOMy
0I8K9f+kw9Z/P8658gHc+ew54f4oJW7TPJ97wBQv62OhxM2yUFrAui0XX0+gpeBo
ANIJBlSV5WVhV/rxpoKIwHnNnwHsViPv2WP360F4eae5ztkph9a1IgO4dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiqUN0IqyWe7JgKtgPE9C0fvPc7MB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNWvONH5
a/PapVh9DBNkOPW2cmRvAG88T91jOozmtpJx2TXMruDAPo9VAO6WTYZ9g7D1usFG
UqOqNjPfy9ZClYXnBUUVJ0tZJoZciNSgf47ilIn8MjNkEgq0XV3fZPPkC9Y1cVxa
+4sF1BEicWDpA4JC6BnF9BwK2BsebIbT2bonW801AQX9UPi/7qCeLZ3bInE4XzMo
yxZtCfL7fN2TGrSEhqVIXV+Cqk381OSGum1ukm154UYQTrew+M90aRbaGrZmYGwS
dG+hewGkPheP2co2AuvvuCofizGtlfspu3q1wlFjux/isB9fYvdz+6GC+BNI76I2
MGfY9Atc73u4OQ==
-----END CERTIFICATE-----