Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          HH9tZtJ511TaN9Xnhmvw56T7gzxEkn87qyVynfOA8dQ=
Subject key identifier:   D1:61:5E:66:B1:E6:E4:D4:F4:9F:17:89:3B:81:C2:BA:A7:6D:AF:5B
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       0197B7EA26C5D87ACB40052D88D408828BC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          099E
Signing time:             Sat 28 Jun 2025 19:01:05 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:05 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:05 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: qQ5Di/sBg2M5mWr7226OUn9etw3PLKOW0BHSw686L1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:26:c5:d8:7a:cb:40:05:2d:88:d4:08:82:8b:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Jun 28 19:01:05 2025 GMT
            Not After : Jun 29 19:01:05 2025 GMT
        Subject: CN=d1615e66b1e6e4d4f49f17893b81c2baa76daf5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:9c:28:a8:de:73:b1:2a:9b:76:69:f4:57:86:
                    76:67:1a:fe:c9:b9:41:a7:6f:ba:dd:41:d9:cf:e2:
                    49:74:a7:aa:02:3e:14:36:b0:4b:2b:6b:c2:80:19:
                    e3:96:05:7d:9f:46:5c:64:a3:74:a9:3f:d5:a7:d3:
                    24:16:59:fa:80:0a:04:ef:6a:82:a7:f3:bb:7f:44:
                    da:8a:4d:4b:97:f4:2a:74:91:5f:20:8a:b4:ed:08:
                    0f:61:4b:4e:c2:66:1e:03:27:b2:59:32:10:47:ff:
                    bf:b3:2c:a6:b8:41:c4:35:0f:5b:33:3a:c8:c5:05:
                    65:e5:3f:a2:3a:35:50:6d:12:f8:09:5c:e9:64:fb:
                    54:45:1b:86:de:82:10:07:6a:30:09:9a:90:06:07:
                    41:d0:38:01:bd:88:e6:9d:39:13:2f:15:98:c1:66:
                    96:38:78:6d:76:97:e5:b2:6b:e6:1f:29:14:98:12:
                    05:cb:62:86:d9:e4:64:6d:5e:21:d8:0a:26:7b:97:
                    ba:dc:55:cf:cb:aa:45:5f:3e:78:49:41:8a:83:3a:
                    ee:6c:41:17:13:c1:0f:83:5b:55:18:fe:64:5c:e9:
                    7e:d4:fc:a1:b9:9a:9b:7f:e8:54:9c:31:fb:4d:e7:
                    06:5a:cc:45:cf:b8:ae:16:f3:16:47:3a:4d:a5:b0:
                    95:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:61:5E:66:B1:E6:E4:D4:F4:9F:17:89:3B:81:C2:BA:A7:6D:AF:5B
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:84:e5:55:43:6e:ad:ac:17:d2:a6:60:8d:c1:d4:ac:cf:df:
         50:fd:57:a3:fd:e0:33:12:5b:9a:c4:33:53:ef:35:d8:45:da:
         96:32:80:ec:23:ee:25:ac:54:1a:1f:d1:ed:b2:00:f5:00:c3:
         ae:2a:21:a6:dd:eb:ae:07:89:a4:b6:59:c2:c2:db:c1:71:3b:
         50:5f:7b:b2:51:90:f8:3f:de:3b:fe:a1:c6:24:4c:ac:02:d6:
         cf:a4:eb:30:fa:f2:0e:2b:cb:b9:76:1e:4a:b2:78:b1:b3:a4:
         20:4b:33:74:4f:2d:c9:cd:59:a4:69:23:70:d6:f8:11:cd:47:
         3d:1e:ac:23:e6:c2:5e:1e:15:41:7a:96:a3:5b:ac:4c:a2:7d:
         a3:fd:c0:f0:c2:40:02:c9:e3:a2:b4:5a:e5:22:07:69:aa:bc:
         b0:90:9c:61:18:1b:21:8d:55:0f:14:ff:60:3f:ce:59:cb:5d:
         19:95:53:b4:4f:d9:d8:ba:8b:b7:a4:69:99:8f:31:c2:89:99:
         1c:6f:19:4e:dc:4f:01:75:65:f0:53:74:6b:49:dd:52:a6:ce:
         89:02:86:f0:d4:27:8f:b7:34:aa:1b:48:66:6a:8d:47:0c:a8:
         91:bb:0d:1a:fa:d3:03:b9:3e:37:db:d2:38:90:ed:92:3d:51:
         00:cf:7d:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36ibF2HrLQAUtiNQIgovGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwNjI4MTkwMTA1WhcNMjUwNjI5MTkwMTA1WjAzMTEwLwYDVQQD
EyhkMTYxNWU2NmIxZTZlNGQ0ZjQ5ZjE3ODkzYjgxYzJiYWE3NmRhZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JwoqN5zsSqbdmn0V4Z2Zxr+yblB
p2+63UHZz+JJdKeqAj4UNrBLK2vCgBnjlgV9n0ZcZKN0qT/Vp9MkFln6gAoE72qC
p/O7f0Taik1Ll/QqdJFfIIq07QgPYUtOwmYeAyeyWTIQR/+/syymuEHENQ9bMzrI
xQVl5T+iOjVQbRL4CVzpZPtURRuG3oIQB2owCZqQBgdB0DgBvYjmnTkTLxWYwWaW
OHhtdpflsmvmHykUmBIFy2KG2eRkbV4h2Aome5e63FXPy6pFXz54SUGKgzrubEEX
E8EPg1tVGP5kXOl+1PyhuZqbf+hUnDH7TecGWsxFz7iuFvMWRzpNpbCViQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFhXmax5uTU9J8XiTuBwrqnba9bMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKYTlVUNu
rawX0qZgjcHUrM/fUP1Xo/3gMxJbmsQzU+812EXaljKA7CPuJaxUGh/R7bIA9QDD
riohpt3rrgeJpLZZwsLbwXE7UF97slGQ+D/eO/6hxiRMrALWz6TrMPryDivLuXYe
SrJ4sbOkIEszdE8tyc1ZpGkjcNb4Ec1HPR6sI+bCXh4VQXqWo1usTKJ9o/3A8MJA
AsnjorRa5SIHaaq8sJCcYRgbIY1VDxT/YD/OWctdGZVTtE/Z2LqLt6RpmY8xwomZ
HG8ZTtxPAXVl8FN0a0ndUqbOiQKG8NQnj7c0qhtIZmqNRwyokbsNGvrTA7k+N9vS
OJDtkj1RAM99rQ==
-----END CERTIFICATE-----