Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          IUdIxjkPN+eG4KFTRcxk82ez31a+w0hRVGVHKz6+xCY=
Subject key identifier:   E6:24:F6:93:44:11:1F:E3:C4:59:E3:F1:18:FD:E6:F8:6E:0D:57:F3
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       0198D54E21977BF3EE62FD0F35A86C1643C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0361
Signing time:             Sat 23 Aug 2025 05:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:03 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: zEUTpJiZamqqiO/MxD5R4BUBZxZquT3RTijHXqQjTm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:21:97:7b:f3:ee:62:fd:0f:35:a8:6c:16:43:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Aug 23 05:02:03 2025 GMT
            Not After : Aug 24 05:02:03 2025 GMT
        Subject: CN=e624f69344111fe3c459e3f118fde6f86e0d57f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f2:eb:17:90:eb:f5:f7:c9:91:4c:fc:c5:f7:
                    b5:76:46:c0:68:8d:4b:16:10:3a:82:02:a6:6b:53:
                    90:ae:8b:87:d5:d6:76:73:f5:68:31:57:68:4b:3d:
                    c8:61:4f:f8:9f:4e:d3:02:0d:d2:5c:b6:19:4c:29:
                    ce:fc:fe:85:02:a1:44:32:e0:65:25:d7:84:e8:dd:
                    84:50:a4:7a:94:65:cb:74:96:c9:2d:48:c9:ae:05:
                    6b:b4:34:3a:79:1a:97:65:c2:d6:45:98:3e:9a:7d:
                    d1:99:64:f6:b2:cf:3f:81:69:b5:c7:f5:5e:c7:16:
                    9b:3d:0f:a7:a5:fa:8c:44:01:a9:8b:64:98:d9:22:
                    00:3a:ff:15:93:6e:78:99:93:c4:43:5e:5c:9f:26:
                    4c:a1:12:5e:7e:a5:a4:c4:e1:e6:b6:55:22:ca:d8:
                    d0:25:47:65:60:35:55:1b:c3:62:25:2b:ff:fa:69:
                    e2:d9:28:71:70:1c:e3:10:7a:22:4c:6e:f6:ee:8b:
                    6b:03:0b:ed:28:a1:25:81:dc:48:de:ed:ae:63:85:
                    2c:71:4e:b7:b4:05:aa:75:4d:f2:af:ae:dc:ff:60:
                    07:80:9d:6f:03:3c:f3:dc:28:0f:80:08:e2:57:fc:
                    06:52:09:9e:ce:54:2a:19:09:39:a5:e4:7a:9f:39:
                    3a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:24:F6:93:44:11:1F:E3:C4:59:E3:F1:18:FD:E6:F8:6E:0D:57:F3
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:69:93:4a:cd:41:97:c1:3c:2c:22:cc:9d:5f:76:09:ad:3c:
         c8:3a:8a:aa:93:92:a3:bc:db:64:fe:50:2f:f8:02:6d:1c:ef:
         25:39:96:d8:cb:01:62:a3:f9:77:7f:47:cf:cc:18:98:3b:c9:
         8f:33:35:08:92:70:02:98:d4:91:45:cd:f4:09:1f:04:88:bc:
         2e:1f:c0:0d:2a:ce:22:43:9d:df:ad:25:27:86:1b:74:32:f8:
         56:cd:c8:ac:22:89:88:2c:61:9b:f9:ff:7d:f4:01:b5:10:b0:
         e4:d8:e2:33:cf:87:45:a8:1c:1e:4c:17:11:a1:3f:f8:44:7d:
         4d:f4:7a:6c:01:93:c5:7f:7b:20:56:b8:1f:cd:6f:4e:89:da:
         46:c8:32:3d:a1:9b:ea:a3:e7:08:e6:73:42:89:a9:b4:54:09:
         56:f4:4f:fe:da:60:27:f4:37:b9:1d:45:2e:09:4b:77:20:10:
         ca:e5:3a:d0:4a:ad:49:7e:ae:bb:06:5b:33:3c:21:28:54:84:
         72:70:a1:ba:d5:d5:3b:b1:69:3f:24:69:b9:48:73:82:79:cb:
         ce:fd:78:70:05:94:ab:d1:93:ba:98:f0:8f:ab:4c:69:33:8b:
         d9:65:36:9a:38:6b:0e:b2:ea:cf:df:5a:40:85:f3:0f:ec:0f:
         96:84:19:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTiGXe/PuYv0PNahsFkPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwODIzMDUwMjAzWhcNMjUwODI0MDUwMjAzWjAzMTEwLwYDVQQD
EyhlNjI0ZjY5MzQ0MTExZmUzYzQ1OWUzZjExOGZkZTZmODZlMGQ1N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPLrF5Dr9ffJkUz8xfe1dkbAaI1L
FhA6ggKma1OQrouH1dZ2c/VoMVdoSz3IYU/4n07TAg3SXLYZTCnO/P6FAqFEMuBl
JdeE6N2EUKR6lGXLdJbJLUjJrgVrtDQ6eRqXZcLWRZg+mn3RmWT2ss8/gWm1x/Ve
xxabPQ+npfqMRAGpi2SY2SIAOv8Vk254mZPEQ15cnyZMoRJefqWkxOHmtlUiytjQ
JUdlYDVVG8NiJSv/+mni2ShxcBzjEHoiTG727otrAwvtKKElgdxI3u2uY4UscU63
tAWqdU3yr67c/2AHgJ1vAzzz3CgPgAjiV/wGUgmezlQqGQk5peR6nzk6JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYk9pNEER/jxFnj8Rj95vhuDVfzMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGWmTSs1B
l8E8LCLMnV92Ca08yDqKqpOSo7zbZP5QL/gCbRzvJTmW2MsBYqP5d39Hz8wYmDvJ
jzM1CJJwApjUkUXN9AkfBIi8Lh/ADSrOIkOd360lJ4YbdDL4Vs3IrCKJiCxhm/n/
ffQBtRCw5NjiM8+HRagcHkwXEaE/+ER9TfR6bAGTxX97IFa4H81vTonaRsgyPaGb
6qPnCOZzQomptFQJVvRP/tpgJ/Q3uR1FLglLdyAQyuU60EqtSX6uuwZbMzwhKFSE
cnChutXVO7FpPyRpuUhzgnnLzv14cAWUq9GTupjwj6tMaTOL2WU2mjhrDrLqz99a
QIXzD+wPloQZxA==
-----END CERTIFICATE-----