Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          njknguS0kapsZBuRZvXYtmN/eBKpkRbtulMfGzEG4XM=
Subject key identifier:   CC:95:08:EE:AC:06:EC:0F:DA:BC:77:86:1D:EF:EB:0F:F5:49:E0:42
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       0198D705C97E0012FFBD07BE0867ABFF4076
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          06C3
Signing time:             Sat 23 Aug 2025 13:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:17 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: YPnS72Fig52Tn/nND1ZIvPIzKvMOqqM9wKLwx4/KCds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:c9:7e:00:12:ff:bd:07:be:08:67:ab:ff:40:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: Aug 23 13:02:17 2025 GMT
            Not After : Aug 24 13:02:17 2025 GMT
        Subject: CN=cc9508eeac06ec0fdabc77861defeb0ff549e042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:ba:24:d9:6a:0c:f2:5f:09:e1:39:1f:ce:50:
                    b7:c6:12:50:82:68:77:83:cf:89:82:19:16:22:b8:
                    1a:4e:8e:2a:2d:59:26:47:5f:f5:3a:f0:f2:17:95:
                    c0:9a:43:0f:84:47:69:8d:5c:9b:ca:2d:96:ff:b5:
                    a9:a2:73:86:17:23:81:92:e9:21:89:be:13:fc:fe:
                    96:71:bd:c1:3e:e7:6b:61:26:b4:fd:14:7a:3b:64:
                    09:a1:b9:d1:44:45:35:dc:1a:21:c4:df:33:90:20:
                    7a:e5:f9:13:72:6e:af:e2:c7:5a:ec:c9:7b:1b:5d:
                    b6:ef:0b:88:85:61:d4:11:da:a7:2c:63:fb:9a:81:
                    cc:5e:87:ba:b8:e0:01:d3:e5:c1:c6:1b:7c:11:49:
                    8b:4b:6b:e9:77:cb:da:3f:75:53:54:34:cb:e7:80:
                    21:0f:12:43:90:04:ca:bd:d5:d4:12:7f:29:1f:c8:
                    47:04:a6:fb:e4:5f:9e:7f:16:da:a7:c0:64:91:78:
                    f1:fa:1d:41:f1:2e:59:82:a3:11:ef:73:8c:dd:34:
                    c9:d5:5f:2d:a0:57:fb:7d:38:ee:4d:b5:0c:80:aa:
                    c1:e0:97:14:aa:14:3c:18:3e:28:f6:56:47:e4:57:
                    b8:68:be:53:d9:a6:75:9e:19:44:0c:54:04:9f:52:
                    b0:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:95:08:EE:AC:06:EC:0F:DA:BC:77:86:1D:EF:EB:0F:F5:49:E0:42
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:bd:d7:f8:78:c3:91:c9:9d:29:79:6c:64:19:af:fe:fd:d1:
         d3:d4:4a:20:33:eb:3e:89:51:3c:2e:9f:bd:66:a6:d0:ab:ce:
         cb:5e:91:12:6d:7a:8f:02:04:7a:4c:63:5f:ad:30:7b:a3:96:
         38:2b:f7:7a:cc:a9:16:47:b1:e8:3c:50:03:1a:cc:68:e2:ec:
         7c:fb:8a:bc:62:8d:c3:67:41:c4:a0:e0:a5:f2:84:2b:c5:02:
         2c:e6:bf:a1:ae:de:4a:0f:9a:00:74:24:a1:b4:a2:dc:04:7c:
         15:33:7c:96:58:c4:00:4f:17:4a:8c:90:12:59:81:a9:67:c8:
         38:31:fc:8a:1e:3b:d1:33:6a:5c:b3:f0:82:31:1c:28:ad:9c:
         f2:ad:36:5a:ad:84:cd:36:bd:ef:72:e7:51:1a:a8:a7:34:eb:
         33:2f:5f:38:b3:93:4d:91:48:1a:2b:41:67:76:28:75:59:c6:
         9d:31:65:8b:86:f4:bf:c6:96:21:60:ac:28:31:38:35:e1:9c:
         79:cd:ab:b6:a4:44:43:a1:95:13:ef:a8:34:df:16:f0:d5:14:
         2e:aa:34:09:ff:87:7d:8e:62:e2:45:d0:0d:3c:ca:15:de:dc:
         71:66:42:aa:fa:c7:64:bd:f8:1a:b0:d6:c7:b1:34:dc:12:fe:
         c0:4c:ad:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBcl+ABL/vQe+CGer/0B2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjUwODIzMTMwMjE3WhcNMjUwODI0MTMwMjE3WjAzMTEwLwYDVQQD
EyhjYzk1MDhlZWFjMDZlYzBmZGFiYzc3ODYxZGVmZWIwZmY1NDllMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Lok2WoM8l8J4TkfzlC3xhJQgmh3
g8+JghkWIrgaTo4qLVkmR1/1OvDyF5XAmkMPhEdpjVybyi2W/7WponOGFyOBkukh
ib4T/P6Wcb3BPudrYSa0/RR6O2QJobnRREU13BohxN8zkCB65fkTcm6v4sda7Ml7
G1227wuIhWHUEdqnLGP7moHMXoe6uOAB0+XBxht8EUmLS2vpd8vaP3VTVDTL54Ah
DxJDkATKvdXUEn8pH8hHBKb75F+efxbap8BkkXjx+h1B8S5ZgqMR73OM3TTJ1V8t
oFf7fTjuTbUMgKrB4JcUqhQ8GD4o9lZH5Fe4aL5T2aZ1nhlEDFQEn1Kw9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyVCO6sBuwP2rx3hh3v6w/1SeBCMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANL3X+HjD
kcmdKXlsZBmv/v3R09RKIDPrPolRPC6fvWam0KvOy16REm16jwIEekxjX60we6OW
OCv3esypFkex6DxQAxrMaOLsfPuKvGKNw2dBxKDgpfKEK8UCLOa/oa7eSg+aAHQk
obSi3AR8FTN8lljEAE8XSoyQElmBqWfIODH8ih470TNqXLPwgjEcKK2c8q02Wq2E
zTa973LnURqopzTrMy9fOLOTTZFIGitBZ3YodVnGnTFli4b0v8aWIWCsKDE4NeGc
ec2rtqREQ6GVE++oNN8W8NUULqo0Cf+HfY5i4kXQDTzKFd7ccWZCqvrHZL34GrDW
x7E03BL+wEytpA==
-----END CERTIFICATE-----