Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
File:                     7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json)
Hash identifier:          OCY8zETknxOirODBA73XXCUhjABjoqYU7Z2NsGfhFNg=
Subject key identifier:   14:C3:EE:D7:29:3F:06:A5:E6:84:CF:0B:39:99:CB:BC:EE:B5:53:EF
Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16
Certificate issuer:       /CN=edf044c363d788e74334e136e03cc7fd1e49a216
Certificate serial:       0199FBEB9868DB5EA75815879CE3973E9F76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
Manifest number:          0958
Signing time:             Sun 19 Oct 2025 10:02:25 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:25 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:25 +0000
Files and hashes:         1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: ZxaGw5leStb+VqJD10RwfTZn1OHubb7xmQYWwd0955k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:98:68:db:5e:a7:58:15:87:9c:e3:97:3e:9f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216
        Validity
            Not Before: Oct 19 10:02:25 2025 GMT
            Not After : Oct 20 10:02:25 2025 GMT
        Subject: CN=14c3eed7293f06a5e684cf0b3999cbbceeb553ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b5:41:ba:0d:7b:4e:2c:27:5c:cd:cd:98:ff:
                    ea:48:fb:62:e8:30:93:43:24:54:d1:30:2d:95:8e:
                    64:ff:d0:1c:5e:22:5f:ae:59:35:bd:fe:94:0a:c4:
                    81:95:71:19:33:93:a2:82:02:f9:3d:38:55:2b:18:
                    1f:ec:4c:ed:3c:65:b4:d8:0c:63:27:2f:37:f2:34:
                    8b:11:67:a8:30:d1:77:c7:eb:37:13:a6:b0:a7:b9:
                    24:5b:89:df:75:82:9f:7b:6d:c2:c8:d1:15:fb:73:
                    d7:cc:30:f3:2a:35:8e:6e:5b:da:75:82:c5:4c:34:
                    f2:93:9d:94:b6:26:66:bb:17:6a:da:83:d3:a0:8b:
                    fb:94:40:ed:15:73:5b:ba:96:8d:e7:4d:68:53:bc:
                    30:4d:23:95:d3:15:0b:a9:7f:e2:78:05:fe:b3:79:
                    35:10:a1:12:ae:27:c9:ce:21:3c:9f:80:f6:cd:de:
                    53:43:51:a1:68:c9:40:ba:7d:81:52:d8:52:e7:e2:
                    f5:57:95:95:43:40:6b:11:3b:6e:58:77:1c:ec:dd:
                    76:92:48:bd:a6:c7:3e:da:aa:5f:84:e3:a1:31:72:
                    f9:b1:15:0b:66:35:1a:0a:7f:41:79:9b:05:c5:e1:
                    03:1f:4b:38:ae:e5:db:4e:38:98:6d:98:fe:0d:2d:
                    62:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:C3:EE:D7:29:3F:06:A5:E6:84:CF:0B:39:99:CB:BC:EE:B5:53:EF
            X509v3 Authority Key Identifier:
                keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:a7:41:d3:f0:1a:16:d1:3d:8b:85:ce:31:00:42:5b:e9:5d:
         59:c6:a3:bf:62:3c:7d:6b:f6:a9:a4:60:d8:cc:44:e4:6e:38:
         32:14:8e:3a:1b:d5:0a:df:01:63:e2:6d:60:69:90:89:e7:7d:
         98:fd:5d:5b:80:a2:8b:a7:43:a5:ad:e2:73:d5:f5:c1:b0:13:
         c3:08:35:b9:56:ef:ce:80:6a:f0:cf:01:15:2b:58:b1:ff:05:
         5d:e6:7b:2c:02:32:5e:e3:b5:89:80:00:55:2a:ce:42:41:b7:
         3c:ee:bb:a4:48:5d:dd:32:f5:81:71:0b:2f:cd:1e:54:d2:c0:
         b7:88:c9:32:31:1b:47:80:74:40:e8:4d:6c:a1:84:e1:fb:ce:
         80:ca:19:0c:6c:75:e8:bb:d8:2f:64:56:a9:df:54:8b:2b:cf:
         8b:1d:a7:c8:8e:43:71:cf:1a:27:31:79:b8:43:df:0c:de:31:
         61:04:ed:3e:15:3d:63:27:42:8b:99:36:a0:a7:69:03:63:9c:
         e5:de:2d:b7:3c:16:07:4e:25:51:ab:d0:81:07:af:91:8d:41:
         81:4f:09:e2:d4:3b:01:6d:82:f1:6c:05:95:64:ae:bb:fb:d5:
         18:f7:8c:e7:57:b1:8d:d1:f4:2b:f9:d2:79:71:69:43:f9:c8:
         e0:4d:95:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765ho216nWBWHnOOXPp92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0
OWEyMTYwHhcNMjUxMDE5MTAwMjI1WhcNMjUxMDIwMTAwMjI1WjAzMTEwLwYDVQQD
EygxNGMzZWVkNzI5M2YwNmE1ZTY4NGNmMGIzOTk5Y2JiY2VlYjU1M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7VBug17TiwnXM3NmP/qSPti6DCT
QyRU0TAtlY5k/9AcXiJfrlk1vf6UCsSBlXEZM5OiggL5PThVKxgf7EztPGW02Axj
Jy838jSLEWeoMNF3x+s3E6awp7kkW4nfdYKfe23CyNEV+3PXzDDzKjWOblvadYLF
TDTyk52UtiZmuxdq2oPToIv7lEDtFXNbupaN501oU7wwTSOV0xULqX/ieAX+s3k1
EKESrifJziE8n4D2zd5TQ1GhaMlAun2BUthS5+L1V5WVQ0BrETtuWHcc7N12kki9
psc+2qpfhOOhMXL5sRULZjUaCn9BeZsFxeEDH0s4ruXbTjiYbZj+DS1i+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTD7tcpPwal5oTPCzmZy7zutVPvMB8GA1UdIwQY
MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt
MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj
LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbKdB0/Aa
FtE9i4XOMQBCW+ldWcajv2I8fWv2qaRg2MxE5G44MhSOOhvVCt8BY+JtYGmQied9
mP1dW4Cii6dDpa3ic9X1wbATwwg1uVbvzoBq8M8BFStYsf8FXeZ7LAIyXuO1iYAA
VSrOQkG3PO67pEhd3TL1gXELL80eVNLAt4jJMjEbR4B0QOhNbKGE4fvOgMoZDGx1
6LvYL2RWqd9UiyvPix2nyI5Dcc8aJzF5uEPfDN4xYQTtPhU9YydCi5k2oKdpA2Oc
5d4ttzwWB04lUavQgQevkY1BgU8J4tQ7AW2C8WwFlWSuu/vVGPeM51exjdH0K/nS
eXFpQ/nI4E2VAQ==
-----END CERTIFICATE-----