Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          HUPm8AGoWbyEi5y+SLS2pq9jRQv4ThJjXHySyluJb9M=
Subject key identifier:   52:5B:DD:6C:7C:E9:B3:E7:FA:83:28:3A:90:1E:C2:A8:37:B4:CE:78
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       0198D4E0742293FDAB2E9D4486D6E913972F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0CEE
Signing time:             Sat 23 Aug 2025 03:02:16 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:16 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:16 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: 6XDWvaxVbOO/j9NxM4y6I+F8MsNNipT7lzkXfD8ZKZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:74:22:93:fd:ab:2e:9d:44:86:d6:e9:13:97:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Aug 23 03:02:16 2025 GMT
            Not After : Aug 24 03:02:16 2025 GMT
        Subject: CN=525bdd6c7ce9b3e7fa83283a901ec2a837b4ce78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:8c:b1:85:38:63:df:6d:b5:41:01:41:a6:12:
                    95:e0:e8:98:8e:3a:e8:03:9f:68:4c:17:14:25:11:
                    fc:60:c3:a8:a8:38:0a:4c:93:bc:b5:af:20:cb:ca:
                    ae:76:a6:54:a6:d9:99:0d:49:87:14:67:2c:3b:34:
                    f1:25:91:75:0c:68:10:98:16:14:c8:38:8c:32:83:
                    7c:f2:ae:54:41:3c:a9:b9:4e:0f:40:a1:a3:20:e6:
                    86:89:84:2c:0b:2d:f6:03:10:1e:e7:44:4a:08:1b:
                    b4:00:a3:35:01:66:cf:c6:41:4c:1d:52:57:aa:60:
                    a8:4d:79:b4:f7:42:d9:3c:c7:e7:f0:35:b9:3e:38:
                    f1:66:01:8a:a3:63:cc:3b:8d:3a:60:28:4f:de:70:
                    59:4f:24:6a:a0:8b:c6:0b:1c:12:38:8f:97:f8:09:
                    97:1d:40:22:81:1e:c2:78:22:a3:92:82:32:1e:37:
                    5d:00:d4:d1:2c:f9:60:10:a2:9f:27:67:7d:57:b9:
                    55:dc:35:cf:bf:1e:fe:d7:3f:70:d9:aa:e7:f0:4f:
                    5d:fc:43:f2:01:58:98:0f:34:87:c5:d8:29:24:05:
                    79:70:b0:e2:20:3b:cc:7f:07:94:8e:d5:97:dd:b7:
                    87:71:95:b1:f1:5f:d0:f3:46:10:66:dd:fa:e3:e6:
                    2b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:5B:DD:6C:7C:E9:B3:E7:FA:83:28:3A:90:1E:C2:A8:37:B4:CE:78
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:84:6c:07:f7:3b:f9:0d:15:91:2d:79:e9:3c:d7:c9:5e:1d:
         11:6b:e3:e3:d5:82:4d:1b:78:5f:fd:59:8f:c1:e1:cc:b9:df:
         ff:03:62:6b:e7:fc:27:84:ed:d1:5f:41:c8:83:3a:1e:50:2b:
         46:10:91:fb:a3:4e:27:36:f3:ba:b9:5c:b5:39:57:bf:66:57:
         2b:50:49:fb:c4:81:99:b1:0e:56:0c:46:a7:5d:22:ed:0c:6a:
         36:c9:98:b6:f1:be:48:8a:70:1b:55:6c:29:d9:3e:42:70:fb:
         07:86:95:c4:ed:b4:65:72:ed:a7:a0:ee:fc:2c:fc:ed:11:04:
         aa:2b:3e:68:84:57:14:cb:eb:1c:37:1f:02:22:72:05:8e:b6:
         72:71:fa:ad:49:01:45:f8:b0:66:cc:12:9a:c1:2d:3f:60:90:
         bb:22:f6:0c:c8:fa:5e:8a:1c:e8:ac:c1:92:77:f0:a8:f9:16:
         32:c4:62:50:37:df:6c:30:ff:60:fd:70:52:6e:30:86:56:82:
         5e:a2:6d:3d:15:42:fc:eb:dd:2e:c3:83:a7:2d:71:c8:fe:24:
         87:ba:3d:d6:2e:c1:58:3b:a0:7d:9e:77:ec:2b:61:02:24:e8:
         16:c4:8f:ac:4d:d5:9a:88:1e:4e:b1:23:c9:6b:00:6f:e3:8d:
         b7:05:7e:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4HQik/2rLp1EhtbpE5cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjUwODIzMDMwMjE2WhcNMjUwODI0MDMwMjE2WjAzMTEwLwYDVQQD
Eyg1MjViZGQ2YzdjZTliM2U3ZmE4MzI4M2E5MDFlYzJhODM3YjRjZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYyxhThj3221QQFBphKV4OiYjjro
A59oTBcUJRH8YMOoqDgKTJO8ta8gy8qudqZUptmZDUmHFGcsOzTxJZF1DGgQmBYU
yDiMMoN88q5UQTypuU4PQKGjIOaGiYQsCy32AxAe50RKCBu0AKM1AWbPxkFMHVJX
qmCoTXm090LZPMfn8DW5PjjxZgGKo2PMO406YChP3nBZTyRqoIvGCxwSOI+X+AmX
HUAigR7CeCKjkoIyHjddANTRLPlgEKKfJ2d9V7lV3DXPvx7+1z9w2arn8E9d/EPy
AViYDzSHxdgpJAV5cLDiIDvMfweUjtWX3beHcZWx8V/Q80YQZt364+YrvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJb3Wx86bPn+oMoOpAewqg3tM54MB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoRsB/c7
+Q0VkS156TzXyV4dEWvj49WCTRt4X/1Zj8HhzLnf/wNia+f8J4Tt0V9ByIM6HlAr
RhCR+6NOJzbzurlctTlXv2ZXK1BJ+8SBmbEOVgxGp10i7QxqNsmYtvG+SIpwG1Vs
Kdk+QnD7B4aVxO20ZXLtp6Du/Cz87REEqis+aIRXFMvrHDcfAiJyBY62cnH6rUkB
RfiwZswSmsEtP2CQuyL2DMj6Xooc6KzBknfwqPkWMsRiUDffbDD/YP1wUm4whlaC
XqJtPRVC/OvdLsODpy1xyP4kh7o91i7BWDugfZ537CthAiToFsSPrE3VmogeTrEj
yWsAb+ONtwV+Cw==
-----END CERTIFICATE-----