Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          kn7Dfx8QYpGn0f34py5N4KZRbTnzp8nR12s48OgS7Bg=
Subject key identifier:   14:CA:45:14:16:BE:99:E9:C8:DD:50:05:E5:0F:8A:5D:20:ED:9D:D6
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       0198D7A8AEEC783126AB53F7CFAEF7B7F531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0A33
Signing time:             Sat 23 Aug 2025 16:00:12 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:12 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:12 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: R2Fgwx8vFK4Xic9WAj2ViSMDm2O514FR0el/s3HHnMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:ae:ec:78:31:26:ab:53:f7:cf:ae:f7:b7:f5:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Aug 23 16:00:12 2025 GMT
            Not After : Aug 24 16:00:12 2025 GMT
        Subject: CN=14ca451416be99e9c8dd5005e50f8a5d20ed9dd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:dc:44:31:38:29:b5:f1:1b:1b:ff:3d:d2:1c:
                    ad:45:54:82:be:33:42:4e:97:2d:c9:f3:85:fe:51:
                    dd:4f:5d:b9:ff:a0:a3:6a:eb:4c:0b:fc:db:da:c2:
                    2b:2e:07:c8:39:c1:ce:e3:2a:12:e7:23:f9:ac:28:
                    39:93:b2:98:3f:51:60:59:32:ae:ae:82:8c:3e:ff:
                    b1:32:83:d4:ed:48:56:47:53:20:db:5f:5b:50:9c:
                    44:b7:e3:a6:34:d2:22:61:32:7b:ba:c6:ab:9f:ca:
                    72:69:0a:6c:8a:95:70:27:d2:af:2d:29:0c:78:fd:
                    45:55:e3:17:f1:ae:89:0b:12:75:f1:bd:52:30:7e:
                    0c:a5:88:91:47:d9:42:50:df:92:14:cd:4a:f2:ca:
                    95:aa:46:de:34:f7:2c:ae:cb:fa:5d:02:d0:07:a1:
                    0c:3a:d1:d2:34:ad:67:e2:41:ba:93:a7:3e:54:6a:
                    83:ae:5e:11:85:63:38:f3:e8:f4:47:3b:d8:d7:51:
                    3f:8f:da:92:d0:bd:62:24:04:59:ed:ff:6e:75:99:
                    d3:c3:bd:52:80:fb:87:9b:e3:52:43:af:08:e3:74:
                    b6:10:c0:96:ca:20:8e:40:e6:5b:a8:17:80:dc:1e:
                    1b:2b:6d:2d:88:bc:0a:dd:32:50:05:95:10:01:76:
                    53:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:CA:45:14:16:BE:99:E9:C8:DD:50:05:E5:0F:8A:5D:20:ED:9D:D6
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:25:c0:2a:5b:32:35:e0:65:3e:32:4c:09:b9:22:c8:47:10:
         08:16:ee:27:03:32:1c:11:db:64:64:39:3b:03:5f:10:48:28:
         f8:d6:00:52:a4:9f:f4:88:9c:5a:b9:8d:3e:ae:fa:f7:a6:b9:
         10:16:a5:64:f1:20:ba:85:c8:fb:5b:10:cc:af:9a:ca:30:b2:
         cc:85:37:d2:68:9c:6e:1c:48:16:6d:dd:69:46:cb:d4:8e:dd:
         82:a7:3e:b7:3e:ca:42:66:f4:f6:12:d8:05:6a:b1:16:20:b6:
         58:0d:4a:58:a1:d9:72:b6:d6:51:ba:96:c0:0b:76:25:6d:93:
         cb:63:db:83:de:61:52:8a:64:27:79:3e:12:56:a5:df:7e:8a:
         eb:0d:e9:ec:bc:12:a5:19:6f:19:db:7b:af:7b:fd:b3:9e:a8:
         f8:e9:79:07:65:19:9d:15:f0:da:40:e7:bf:ec:29:e4:b9:5f:
         40:50:5d:7b:72:3a:4b:1d:9d:07:22:0c:aa:73:5e:63:92:c7:
         d7:89:82:7a:5f:10:f7:bd:80:a3:f7:52:e0:18:de:1c:4e:12:
         17:29:cc:73:66:5c:d9:cb:1c:1f:6e:c6:46:3c:71:2a:37:33:
         79:74:cf:af:98:a5:cf:b2:52:c6:49:40:07:ea:f1:c9:24:4f:
         e9:ee:25:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqK7seDEmq1P3z673t/UxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwODIzMTYwMDEyWhcNMjUwODI0MTYwMDEyWjAzMTEwLwYDVQQD
EygxNGNhNDUxNDE2YmU5OWU5YzhkZDUwMDVlNTBmOGE1ZDIwZWQ5ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1txEMTgptfEbG/890hytRVSCvjNC
TpctyfOF/lHdT125/6CjautMC/zb2sIrLgfIOcHO4yoS5yP5rCg5k7KYP1FgWTKu
roKMPv+xMoPU7UhWR1Mg219bUJxEt+OmNNIiYTJ7usarn8pyaQpsipVwJ9KvLSkM
eP1FVeMX8a6JCxJ18b1SMH4MpYiRR9lCUN+SFM1K8sqVqkbeNPcsrsv6XQLQB6EM
OtHSNK1n4kG6k6c+VGqDrl4RhWM48+j0RzvY11E/j9qS0L1iJARZ7f9udZnTw71S
gPuHm+NSQ68I43S2EMCWyiCOQOZbqBeA3B4bK20tiLwK3TJQBZUQAXZT8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTKRRQWvpnpyN1QBeUPil0g7Z3WMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSXAKlsy
NeBlPjJMCbkiyEcQCBbuJwMyHBHbZGQ5OwNfEEgo+NYAUqSf9IicWrmNPq7696a5
EBalZPEguoXI+1sQzK+ayjCyzIU30micbhxIFm3daUbL1I7dgqc+tz7KQmb09hLY
BWqxFiC2WA1KWKHZcrbWUbqWwAt2JW2Ty2Pbg95hUopkJ3k+Elal336K6w3p7LwS
pRlvGdt7r3v9s56o+Ol5B2UZnRXw2kDnv+wp5LlfQFBde3I6Sx2dByIMqnNeY5LH
14mCel8Q972Ao/dS4BjeHE4SFynMc2Zc2cscH27GRjxxKjczeXTPr5ilz7JSxklA
B+rxySRP6e4l0w==
-----END CERTIFICATE-----