Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          HjVl2iBOCdhWYcYNZVuMH0bHvXVaqTAj48X3H1jWedo=
Subject key identifier:   20:B7:51:CD:B8:A1:2C:C0:78:A1:2D:96:87:29:B1:62:B7:C0:86:20
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       0198D660916AB96B55E3557696CD36A62520
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          039E
Signing time:             Sat 23 Aug 2025 10:01:49 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:49 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:49 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: GLy7JX3pcSDMq3aBZhPaOfBsKEXHQdphc+627YgvBHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:91:6a:b9:6b:55:e3:55:76:96:cd:36:a6:25:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Aug 23 10:01:49 2025 GMT
            Not After : Aug 24 10:01:49 2025 GMT
        Subject: CN=20b751cdb8a12cc078a12d968729b162b7c08620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c1:20:c4:99:0b:0a:f7:fb:71:3d:05:aa:a0:
                    aa:e2:fd:9a:5f:0d:56:58:2a:f4:3c:ba:d1:c3:85:
                    62:ae:7a:9a:31:ef:0a:6d:a5:4e:ee:61:fe:4a:d6:
                    89:ff:68:e1:ed:30:3d:db:e8:50:e8:88:02:35:01:
                    a8:d5:65:4d:c1:e4:da:2e:63:a2:2a:3b:e7:a1:cf:
                    e6:a6:bb:d6:86:27:de:29:dd:e5:da:ee:3e:3c:05:
                    36:4f:c5:6d:c4:65:b2:76:7c:77:6d:ab:08:55:c8:
                    bf:7f:2b:eb:82:43:4f:a2:14:9c:50:e4:0f:4e:c3:
                    b5:59:be:11:5f:d4:24:24:cd:bd:22:6b:8e:59:78:
                    b2:15:14:80:f7:ea:e7:9f:ad:f8:52:c8:cc:d5:18:
                    b0:8b:9d:a8:03:1d:c7:20:ec:08:fd:fb:81:c9:56:
                    ac:e5:b9:ae:11:63:99:9b:40:9e:43:44:86:6c:b1:
                    af:97:8f:78:f3:39:12:0f:32:5a:eb:5f:38:b9:fc:
                    ba:53:ce:ad:85:9f:fb:fb:87:9b:2c:a7:93:e2:4c:
                    a1:ce:ba:c8:62:42:82:13:7a:6b:b5:6e:fd:aa:37:
                    48:3c:ad:c5:41:e9:bd:50:6c:b1:e8:18:e0:fd:6a:
                    0d:79:0d:1e:fa:5b:ae:49:fd:4c:d3:df:a6:96:5a:
                    f1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:B7:51:CD:B8:A1:2C:C0:78:A1:2D:96:87:29:B1:62:B7:C0:86:20
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:25:9b:65:77:3a:81:f3:cb:c8:ff:a0:85:b6:09:20:2c:dc:
         4b:b0:6c:6f:38:7e:a1:dc:47:5b:af:41:79:a3:63:15:1c:a9:
         e4:75:c0:d3:5b:18:59:91:1a:90:22:fe:83:ff:33:e3:75:b2:
         77:d9:df:19:69:4e:42:d1:1b:84:d4:f2:33:83:9e:dc:7d:bf:
         33:15:50:d4:af:3e:d4:a5:0c:4a:ab:42:a0:23:de:0d:c0:5c:
         10:16:b6:c3:12:e0:ec:47:34:ed:2e:4e:19:3d:9e:94:7a:a3:
         ce:7d:64:12:d3:c6:65:bd:50:1b:50:c4:c5:8b:fe:83:2b:4e:
         8f:d8:1d:60:91:23:b0:30:9b:2b:8f:ad:c9:39:e5:73:f7:21:
         3a:8c:3f:60:cd:ec:59:8e:53:f4:b3:4e:65:33:d0:9f:1e:23:
         bd:97:bc:06:b1:71:a2:71:ce:a2:4e:34:28:b8:96:84:18:03:
         7d:cb:6c:ec:0d:bd:02:0e:ea:57:a4:c8:88:57:7a:c0:bc:61:
         06:02:d7:31:de:5e:eb:04:d8:e1:c2:6c:bd:ec:56:a1:2f:33:
         ee:93:df:79:55:59:40:fc:fc:b8:23:57:dd:f9:1c:0d:87:45:
         f3:b7:18:bf:11:d9:24:97:bd:e2:43:c8:c9:79:be:96:d8:ca:
         9f:64:6b:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYJFquWtV41V2ls02piUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUwODIzMTAwMTQ5WhcNMjUwODI0MTAwMTQ5WjAzMTEwLwYDVQQD
EygyMGI3NTFjZGI4YTEyY2MwNzhhMTJkOTY4NzI5YjE2MmI3YzA4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsEgxJkLCvf7cT0FqqCq4v2aXw1W
WCr0PLrRw4VirnqaMe8KbaVO7mH+StaJ/2jh7TA92+hQ6IgCNQGo1WVNweTaLmOi
Kjvnoc/mprvWhifeKd3l2u4+PAU2T8VtxGWydnx3basIVci/fyvrgkNPohScUOQP
TsO1Wb4RX9QkJM29ImuOWXiyFRSA9+rnn634UsjM1Riwi52oAx3HIOwI/fuByVas
5bmuEWOZm0CeQ0SGbLGvl4948zkSDzJa6184ufy6U86thZ/7+4ebLKeT4kyhzrrI
YkKCE3prtW79qjdIPK3FQem9UGyx6Bjg/WoNeQ0e+luuSf1M09+mllrxYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCC3Uc24oSzAeKEtlocpsWK3wIYgMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyWbZXc6
gfPLyP+ghbYJICzcS7Bsbzh+odxHW69BeaNjFRyp5HXA01sYWZEakCL+g/8z43Wy
d9nfGWlOQtEbhNTyM4Oe3H2/MxVQ1K8+1KUMSqtCoCPeDcBcEBa2wxLg7Ec07S5O
GT2elHqjzn1kEtPGZb1QG1DExYv+gytOj9gdYJEjsDCbK4+tyTnlc/chOow/YM3s
WY5T9LNOZTPQnx4jvZe8BrFxonHOok40KLiWhBgDfcts7A29Ag7qV6TIiFd6wLxh
BgLXMd5e6wTY4cJsvexWoS8z7pPfeVVZQPz8uCNX3fkcDYdF87cYvxHZJJe94kPI
yXm+ltjKn2RrwA==
-----END CERTIFICATE-----