Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft
File:                     v5ulghwIWljj4dM6TvQem3YQXuU.mft (raw, json)
Hash identifier:          rO2FGS7YDAOb17dx8H8YUSjEwjeZaBbTklXyXkQtpjE=
Subject key identifier:   0F:7B:F0:64:E5:FC:67:C9:B7:5E:BC:EA:54:43:44:0A:30:39:15:0D
Authority key identifier: BF:9B:A5:82:1C:08:5A:58:E3:E1:D3:3A:4E:F4:1E:9B:76:10:5E:E5
Certificate issuer:       /CN=bf9ba5821c085a58e3e1d33a4ef41e9b76105ee5
Certificate serial:       0198D6600E5DC46FCAB67327987CB0A98B1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v5ulghwIWljj4dM6TvQem3YQXuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft
Manifest number:          120E
Signing time:             Sat 23 Aug 2025 10:01:16 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:16 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:16 +0000
Files and hashes:         1: v5ulghwIWljj4dM6TvQem3YQXuU.crl (hash: lJUbbBv3Kk0LkCIFlf0Nf5jYU5b3rJSpUlfjuodZa80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v5ulghwIWljj4dM6TvQem3YQXuU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:0e:5d:c4:6f:ca:b6:73:27:98:7c:b0:a9:8b:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf9ba5821c085a58e3e1d33a4ef41e9b76105ee5
        Validity
            Not Before: Aug 23 10:01:16 2025 GMT
            Not After : Aug 24 10:01:16 2025 GMT
        Subject: CN=0f7bf064e5fc67c9b75ebcea5443440a3039150d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:89:ae:c4:66:15:c6:87:53:ba:da:86:1d:7d:
                    01:94:b4:0a:6d:68:fe:d8:59:be:b3:da:4a:2d:f4:
                    cf:88:d3:8c:f0:e5:dd:c5:de:c0:74:85:fd:36:86:
                    2c:92:a3:9e:9f:01:94:77:05:a0:c6:d9:99:56:f9:
                    8c:53:d4:a7:77:52:2c:46:3c:a9:1d:02:66:e5:42:
                    8a:6a:72:ac:67:11:f1:b1:1f:c8:34:5d:f1:93:8d:
                    42:a6:00:4f:89:46:e0:b7:74:23:07:94:29:4d:e0:
                    73:3d:bc:a9:bb:4c:7f:02:3d:61:b3:63:ba:29:44:
                    10:0c:01:63:7a:ad:c6:c7:df:f8:9a:6a:cf:6c:f7:
                    8e:c1:65:01:06:d3:38:43:3d:17:6f:e3:d3:1f:03:
                    8d:ef:f7:bf:ae:18:4b:82:c4:11:06:a1:77:1d:fc:
                    c2:1c:bb:06:5e:47:4b:f5:27:d9:a6:cc:77:26:bc:
                    f9:83:b1:84:c7:bf:c6:0b:c3:40:5b:7b:54:01:bb:
                    35:f6:9c:76:cd:0b:03:af:f5:9b:b8:b1:e6:26:e4:
                    3e:57:ec:94:81:df:ea:a7:ec:e5:1a:17:df:4f:df:
                    14:ea:f1:54:fa:a6:6c:b2:18:17:a0:bb:90:40:e5:
                    9f:9c:31:cb:e3:10:62:55:45:29:84:38:33:10:79:
                    aa:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:7B:F0:64:E5:FC:67:C9:B7:5E:BC:EA:54:43:44:0A:30:39:15:0D
            X509v3 Authority Key Identifier:
                keyid:BF:9B:A5:82:1C:08:5A:58:E3:E1:D3:3A:4E:F4:1E:9B:76:10:5E:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v5ulghwIWljj4dM6TvQem3YQXuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:c6:c5:86:0f:6a:4e:a8:62:42:2f:6c:f0:2b:fc:89:b4:a1:
         8e:8f:f8:8a:b1:4b:40:6a:30:8e:d7:3c:cd:bc:e5:2b:5b:fd:
         50:c4:08:ee:8b:91:87:d5:e7:b1:e5:54:40:f4:a2:f7:27:60:
         ad:16:14:f6:e4:e7:bb:4e:5a:70:16:31:e8:de:63:90:3f:a0:
         48:22:43:98:40:15:6f:ea:d2:8b:bc:ae:cf:6e:ad:f1:08:3f:
         ad:b9:6a:61:18:13:91:b1:27:fb:33:3a:f9:f1:e6:5f:f3:2c:
         b9:77:02:03:c9:fa:02:e0:6a:9f:49:61:11:90:68:64:4f:a1:
         d5:d6:c8:98:57:dd:31:7d:c7:b2:0f:8b:79:61:c6:f7:77:a4:
         45:94:b7:bf:02:22:87:ef:d8:15:d5:97:05:4a:3d:13:0c:f6:
         c6:a2:b0:cc:13:df:c1:c6:cc:6b:ee:d4:f6:07:46:19:4a:ce:
         9d:fa:19:73:cb:74:21:76:9f:b4:1c:fe:af:97:78:22:09:56:
         5a:4d:c4:23:9b:bc:c6:87:e6:65:e7:ba:94:5f:57:6e:57:25:
         24:60:47:79:20:ad:0f:50:b1:9c:06:fa:10:39:62:c3:95:70:
         50:e6:32:21:3b:96:87:eb:29:8a:b2:17:f2:f5:7f:02:5e:4b:
         33:3d:a1:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYA5dxG/KtnMnmHywqYsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOWJhNTgyMWMwODVhNThlM2UxZDMzYTRlZjQxZTliNzYx
MDVlZTUwHhcNMjUwODIzMTAwMTE2WhcNMjUwODI0MTAwMTE2WjAzMTEwLwYDVQQD
EygwZjdiZjA2NGU1ZmM2N2M5Yjc1ZWJjZWE1NDQzNDQwYTMwMzkxNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgomuxGYVxodTutqGHX0BlLQKbWj+
2Fm+s9pKLfTPiNOM8OXdxd7AdIX9NoYskqOenwGUdwWgxtmZVvmMU9Snd1IsRjyp
HQJm5UKKanKsZxHxsR/INF3xk41CpgBPiUbgt3QjB5QpTeBzPbypu0x/Aj1hs2O6
KUQQDAFjeq3Gx9/4mmrPbPeOwWUBBtM4Qz0Xb+PTHwON7/e/rhhLgsQRBqF3HfzC
HLsGXkdL9SfZpsx3Jrz5g7GEx7/GC8NAW3tUAbs19px2zQsDr/WbuLHmJuQ+V+yU
gd/qp+zlGhffT98U6vFU+qZsshgXoLuQQOWfnDHL4xBiVUUphDgzEHmqmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA978GTl/GfJt1686lRDRAowORUNMB8GA1UdIwQY
MBaAFL+bpYIcCFpY4+HTOk70Hpt2EF7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjV1bGdod0lXbGpqNGRNNlR2UWVtM1lRWHVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mYmM4YjUtYzVmNS00MGI4LThhNzQt
YmZhZmIyOTM3MWNmLzEvdjV1bGdod0lXbGpqNGRNNlR2UWVtM1lRWHVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mYmM4YjUtYzVmNS00MGI4LThhNzQtYmZhZmIyOTM3MWNm
LzEvdjV1bGdod0lXbGpqNGRNNlR2UWVtM1lRWHVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIcbFhg9q
TqhiQi9s8Cv8ibShjo/4irFLQGowjtc8zbzlK1v9UMQI7ouRh9XnseVUQPSi9ydg
rRYU9uTnu05acBYx6N5jkD+gSCJDmEAVb+rSi7yuz26t8Qg/rblqYRgTkbEn+zM6
+fHmX/MsuXcCA8n6AuBqn0lhEZBoZE+h1dbImFfdMX3Hsg+LeWHG93ekRZS3vwIi
h+/YFdWXBUo9Ewz2xqKwzBPfwcbMa+7U9gdGGUrOnfoZc8t0IXaftBz+r5d4IglW
Wk3EI5u8xofmZee6lF9XblclJGBHeSCtD1CxnAb6EDliw5VwUOYyITuWh+spirIX
8vV/Al5LMz2h+A==
-----END CERTIFICATE-----