Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
File:                     Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json)
Hash identifier:          87NeJa+pYrquk8pEjNep0VURuc2FIZdEvreMS73xuUk=
Subject key identifier:   17:E9:77:3A:E6:7E:CC:76:18:EA:26:94:8C:7E:B3:EC:F7:E1:7D:AA
Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C
Certificate issuer:       /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
Certificate serial:       0198D472E2829671A5A64AD8506226ADB485
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
Manifest number:          FD
Signing time:             Sat 23 Aug 2025 01:02:35 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:35 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:35 +0000
Files and hashes:         1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: U51MxC6yAl1vqwctt+csi+Nq8i+Ig82gTPwHBDkcAOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:e2:82:96:71:a5:a6:4a:d8:50:62:26:ad:b4:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
        Validity
            Not Before: Aug 23 01:02:35 2025 GMT
            Not After : Aug 24 01:02:35 2025 GMT
        Subject: CN=17e9773ae67ecc7618ea26948c7eb3ecf7e17daa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:86:84:64:a6:b3:3c:10:d6:ac:29:07:be:75:
                    20:ae:01:77:59:05:a1:56:57:85:aa:f3:d9:0a:a1:
                    1c:2d:95:85:5c:c1:c0:8f:7d:3c:73:e7:ec:bf:89:
                    1b:6c:b1:fe:b0:38:07:e1:bf:40:5a:da:75:d0:65:
                    b5:fa:d2:3f:99:33:0e:c7:1b:1a:99:b4:a3:5d:46:
                    39:98:18:cd:1b:d0:9c:7d:15:50:c4:0b:0a:77:02:
                    14:41:4d:ee:8a:d1:63:f7:fd:85:d8:f5:f9:66:3b:
                    4f:fb:6d:63:82:07:e3:dd:f6:d2:0c:45:db:4d:f9:
                    e0:14:b6:65:87:90:0f:11:4e:df:ad:a3:94:94:8d:
                    af:31:77:18:43:fe:7d:35:5a:da:1f:51:87:c9:d7:
                    6f:1b:c9:20:1c:8f:a0:69:af:23:ac:7a:7a:76:fd:
                    9c:e7:32:ac:18:f5:1d:ee:fe:88:84:49:00:90:31:
                    b0:f3:77:59:23:37:36:0a:73:ce:dd:d0:ee:77:56:
                    9f:4f:cd:3a:dd:3e:0a:f0:34:56:5e:09:8e:b6:0d:
                    2f:32:c3:73:d6:24:ef:40:28:09:3c:33:3a:de:a2:
                    3d:95:fb:b5:63:f3:82:fa:4a:72:73:af:f2:f4:e2:
                    42:08:47:ce:8e:6a:ce:27:d1:9c:fd:11:d4:0d:91:
                    52:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:E9:77:3A:E6:7E:CC:76:18:EA:26:94:8C:7E:B3:EC:F7:E1:7D:AA
            X509v3 Authority Key Identifier:
                keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:4a:eb:96:ce:8f:a6:4c:f9:6a:a2:3b:59:aa:9d:3e:6b:49:
         63:e0:24:3f:0c:7d:5d:77:a9:96:66:59:5f:d8:21:ed:22:99:
         75:b8:1d:84:95:a7:c4:9b:db:fc:5e:2c:eb:81:53:3d:17:d8:
         81:cd:a8:b5:83:27:0a:87:a5:54:6c:4d:37:e9:f1:8b:dc:81:
         e9:36:4a:d4:fd:12:ed:a6:69:a5:07:5c:e4:41:17:bd:3c:09:
         c0:6e:b6:d6:be:7e:a6:0d:99:b6:88:a0:d0:4e:1f:40:73:ba:
         64:43:a1:14:44:b1:62:65:77:67:08:34:9f:27:9e:6d:60:71:
         ba:66:47:75:f5:19:35:14:84:5d:00:86:24:16:2e:a3:83:85:
         1a:ed:15:c6:9c:13:69:d5:ba:ab:69:e0:1b:e1:fc:d0:99:84:
         2c:e9:ec:d2:88:e0:85:58:6e:54:b5:1a:18:17:c9:5d:f8:e8:
         d8:83:1e:6d:e3:30:b5:48:4d:94:e5:30:bb:96:73:57:5d:fa:
         ea:61:a8:e4:3a:53:ce:fb:e2:d6:fd:82:38:02:e7:df:6d:f6:
         98:3f:2f:fa:f7:ff:50:b3:07:66:28:9a:24:49:87:ed:89:9b:
         60:ea:35:a9:53:95:26:6c:1d:5e:07:41:7d:2d:c3:bb:f5:05:
         f3:e5:96:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcuKClnGlpkrYUGImrbSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh
MWQ3OGMwHhcNMjUwODIzMDEwMjM1WhcNMjUwODI0MDEwMjM1WjAzMTEwLwYDVQQD
EygxN2U5NzczYWU2N2VjYzc2MThlYTI2OTQ4YzdlYjNlY2Y3ZTE3ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYaEZKazPBDWrCkHvnUgrgF3WQWh
VleFqvPZCqEcLZWFXMHAj308c+fsv4kbbLH+sDgH4b9AWtp10GW1+tI/mTMOxxsa
mbSjXUY5mBjNG9CcfRVQxAsKdwIUQU3uitFj9/2F2PX5ZjtP+21jggfj3fbSDEXb
TfngFLZlh5APEU7fraOUlI2vMXcYQ/59NVraH1GHyddvG8kgHI+gaa8jrHp6dv2c
5zKsGPUd7v6IhEkAkDGw83dZIzc2CnPO3dDud1afT8063T4K8DRWXgmOtg0vMsNz
1iTvQCgJPDM63qI9lfu1Y/OC+kpyc6/y9OJCCEfOjmrOJ9Gc/RHUDZFS1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfpdzrmfsx2GOomlIx+s+z34X2qMB8GA1UdIwQY
MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct
NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj
LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFUrrls6P
pkz5aqI7WaqdPmtJY+AkPwx9XXeplmZZX9gh7SKZdbgdhJWnxJvb/F4s64FTPRfY
gc2otYMnCoelVGxNN+nxi9yB6TZK1P0S7aZppQdc5EEXvTwJwG621r5+pg2Ztoig
0E4fQHO6ZEOhFESxYmV3Zwg0nyeebWBxumZHdfUZNRSEXQCGJBYuo4OFGu0VxpwT
adW6q2ngG+H80JmELOns0ojghVhuVLUaGBfJXfjo2IMebeMwtUhNlOUwu5ZzV136
6mGo5DpTzvvi1v2COALn3232mD8v+vf/ULMHZiiaJEmH7YmbYOo1qVOVJmwdXgdB
fS3Du/UF8+WWxw==
-----END CERTIFICATE-----