Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          IaIU9bEbHu0eujyT39rgqtt9zSWgLHGZtNux0PqJtM0=
Subject key identifier:   81:D4:3B:CD:59:F6:7F:04:0E:8D:09:37:51:6F:9E:07:CF:2E:08:7C
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       0198D65F6E2A92331735040CD714CFC3CC22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0CE9
Signing time:             Sat 23 Aug 2025 10:00:35 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:35 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:35 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: Lo1E3135LAbesq0OVQIHwu7uxS60TGpUXL5wm7BUXMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:6e:2a:92:33:17:35:04:0c:d7:14:cf:c3:cc:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Aug 23 10:00:35 2025 GMT
            Not After : Aug 24 10:00:35 2025 GMT
        Subject: CN=81d43bcd59f67f040e8d0937516f9e07cf2e087c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9d:a1:7d:70:bf:1a:16:b5:2d:28:5a:64:16:
                    ae:99:80:d8:4d:ca:75:d5:7e:e5:00:2d:4a:6a:2d:
                    1a:f1:4d:af:27:b6:58:06:1e:e8:5a:b5:67:e7:3e:
                    f2:8b:83:57:f2:0f:1c:03:20:93:21:d3:f9:66:92:
                    98:43:18:20:40:03:fa:e0:36:15:10:25:89:a4:24:
                    2b:6e:74:e0:30:3b:b4:0b:b7:2d:73:19:c9:03:db:
                    17:9e:6b:9d:18:c9:7b:62:a9:a2:0f:ce:74:9e:d3:
                    6c:43:cd:7e:85:35:af:8c:86:78:46:8d:a4:73:cf:
                    35:73:07:65:3b:b7:e6:6e:dd:f6:36:90:8b:9a:90:
                    8b:99:c7:c8:e0:d2:ad:1f:90:23:64:b1:ac:84:9d:
                    b4:e6:0a:81:61:21:48:19:6e:53:37:c1:a1:44:7f:
                    64:54:58:5c:c2:a6:e8:a9:b5:5f:37:6c:1c:43:93:
                    66:58:1f:ff:67:46:86:f4:12:d6:e2:ce:90:4f:4e:
                    d2:05:20:31:6d:c8:9f:43:d7:04:6e:1a:04:f3:52:
                    45:cf:a9:35:71:3b:ad:12:a2:86:d0:86:1a:a1:0f:
                    8c:dd:e1:08:a9:b5:2b:97:66:88:73:94:cd:b1:e0:
                    e3:20:07:4b:0c:bb:6e:f0:b8:db:42:87:c0:bc:0a:
                    e8:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:D4:3B:CD:59:F6:7F:04:0E:8D:09:37:51:6F:9E:07:CF:2E:08:7C
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:30:4f:14:a1:b5:50:1b:bf:da:f4:d4:6f:ca:00:c3:ad:89:
         fc:dc:b6:3c:c4:4b:88:8b:26:6f:1f:4c:60:6b:d7:f4:ac:71:
         67:9e:3c:9e:90:3c:c0:f7:4f:47:ae:c3:2c:5f:29:7e:fb:e7:
         4e:4f:a0:d4:3e:33:7e:cb:f4:de:c2:ab:69:82:cc:c4:ae:8f:
         40:9d:cf:a1:fd:14:06:67:a0:3c:7e:c8:92:5b:77:97:86:39:
         43:c0:46:ed:36:8a:bc:7b:2c:b3:02:4f:3b:9f:ac:40:48:7b:
         9d:03:d6:ac:ed:a2:6e:e0:d2:6f:ee:02:39:68:09:3c:10:d9:
         80:ee:43:24:4c:9d:b4:23:e3:fd:fd:ab:f0:86:1e:83:51:bd:
         63:57:ce:f6:82:b1:c1:be:26:a5:f9:94:7a:d1:23:7e:cd:fc:
         54:f6:57:07:17:93:90:8c:dd:f6:51:dc:ab:48:5c:1b:53:9e:
         aa:fd:7a:68:19:2d:7f:14:74:1a:ae:8e:ff:1b:1b:65:ed:38:
         5d:42:c8:f5:4d:c2:51:b0:e6:5c:85:13:3c:85:f4:d6:2f:2a:
         db:93:52:8a:83:94:07:75:04:74:0b:cb:45:75:90:04:de:ad:
         56:bc:56:df:a7:35:a4:dc:bc:71:24:d4:2b:78:0a:68:07:c8:
         78:5f:3b:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX24qkjMXNQQM1xTPw8wiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjUwODIzMTAwMDM1WhcNMjUwODI0MTAwMDM1WjAzMTEwLwYDVQQD
Eyg4MWQ0M2JjZDU5ZjY3ZjA0MGU4ZDA5Mzc1MTZmOWUwN2NmMmUwODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ2hfXC/Gha1LShaZBaumYDYTcp1
1X7lAC1Kai0a8U2vJ7ZYBh7oWrVn5z7yi4NX8g8cAyCTIdP5ZpKYQxggQAP64DYV
ECWJpCQrbnTgMDu0C7ctcxnJA9sXnmudGMl7YqmiD850ntNsQ81+hTWvjIZ4Ro2k
c881cwdlO7fmbt32NpCLmpCLmcfI4NKtH5AjZLGshJ205gqBYSFIGW5TN8GhRH9k
VFhcwqboqbVfN2wcQ5NmWB//Z0aG9BLW4s6QT07SBSAxbcifQ9cEbhoE81JFz6k1
cTutEqKG0IYaoQ+M3eEIqbUrl2aIc5TNseDjIAdLDLtu8LjbQofAvAro/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHUO81Z9n8EDo0JN1FvngfPLgh8MB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljBPFKG1
UBu/2vTUb8oAw62J/Ny2PMRLiIsmbx9MYGvX9KxxZ548npA8wPdPR67DLF8pfvvn
Tk+g1D4zfsv03sKraYLMxK6PQJ3Pof0UBmegPH7Iklt3l4Y5Q8BG7TaKvHssswJP
O5+sQEh7nQPWrO2ibuDSb+4COWgJPBDZgO5DJEydtCPj/f2r8IYeg1G9Y1fO9oKx
wb4mpfmUetEjfs38VPZXBxeTkIzd9lHcq0hcG1Oeqv16aBktfxR0Gq6O/xsbZe04
XULI9U3CUbDmXIUTPIX01i8q25NSioOUB3UEdAvLRXWQBN6tVrxW36c1pNy8cSTU
K3gKaAfIeF87vQ==
-----END CERTIFICATE-----