Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          uz5gTZGItMpdIDEUEMIUwuzsdgYJW8P+M/C32/zy6aQ=
Subject key identifier:   7F:F5:54:00:57:D7:DE:76:74:47:53:6E:4B:F7:4D:CA:47:2F:B2:6C
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       0198D705C96ACF77408343A118DD89A6773B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          072F
Signing time:             Sat 23 Aug 2025 13:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:17 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: g4wnSmvzma279FoN8qWT5WohQlDngiPhSVPMiGb/A1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:c9:6a:cf:77:40:83:43:a1:18:dd:89:a6:77:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Aug 23 13:02:17 2025 GMT
            Not After : Aug 24 13:02:17 2025 GMT
        Subject: CN=7ff5540057d7de767447536e4bf74dca472fb26c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dc:4e:59:5e:cd:21:e9:23:b6:e5:d0:6f:eb:
                    a1:7e:97:c9:54:cf:33:03:0d:8a:b5:0d:d1:b2:90:
                    2a:92:52:8c:cb:e2:ff:93:5c:da:83:9e:d8:47:86:
                    4a:a0:bb:7f:d4:44:56:ca:72:79:e9:c5:1d:8c:62:
                    62:4a:b6:38:5d:8b:c6:25:03:36:d9:e7:52:f4:56:
                    48:94:8f:74:e4:0b:d2:1e:70:f8:a9:7f:24:ee:e1:
                    4e:2f:a5:0c:68:d0:31:9f:77:03:9d:e4:43:b1:ab:
                    89:df:e7:87:01:96:13:8b:de:f9:17:34:e0:ec:da:
                    61:9c:c9:99:83:79:af:48:1e:6b:fd:d9:64:2a:20:
                    b2:55:ee:67:4a:9c:7d:55:09:c8:ca:c8:ba:9d:6a:
                    7f:b2:c8:6e:e6:bd:76:d6:ed:3a:04:52:4c:81:67:
                    91:a7:df:94:c3:7f:af:23:e4:f9:3c:84:c0:b0:78:
                    54:dd:73:f6:17:e4:ae:b9:56:4a:1a:b0:fb:d8:43:
                    ed:fc:fd:14:ae:5a:c7:5a:2c:48:af:88:e4:41:1f:
                    43:5c:c2:6c:54:41:b6:a6:f1:63:53:3a:d5:f3:c9:
                    6b:d2:4c:66:dc:4b:3f:b0:4b:ca:a0:c1:0d:83:d1:
                    ec:7f:a8:a3:b1:3e:b4:58:2f:81:dc:1f:b5:5c:bd:
                    8d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:F5:54:00:57:D7:DE:76:74:47:53:6E:4B:F7:4D:CA:47:2F:B2:6C
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:2a:72:e9:52:44:fd:0b:2b:ac:48:22:42:45:92:52:a1:79:
         e9:d4:20:06:69:81:84:68:06:77:1a:5f:02:c0:32:01:23:bf:
         84:e1:af:63:46:06:24:20:fa:1f:d4:b0:65:d0:aa:fb:92:85:
         8e:57:46:cf:b4:fd:e4:2a:2b:3d:a0:e5:fe:29:88:1f:9e:ed:
         8f:0d:8e:1c:05:72:63:28:cd:5b:b4:f6:ff:b6:c4:04:09:04:
         0a:17:63:d1:08:7a:c8:3b:72:d0:d2:0d:ff:e7:a4:3e:cb:90:
         29:92:d8:30:9f:51:82:cc:ed:7e:e6:d9:1b:09:c2:56:2a:be:
         a2:ee:33:6b:64:47:97:8f:93:26:43:45:69:a2:e8:0d:d7:0e:
         ff:8e:04:67:95:17:c7:c1:e9:b5:45:fe:b1:9a:7d:ea:e6:ed:
         c7:a2:4d:fa:66:1b:4a:49:1b:b8:4d:08:c2:03:2a:fc:f1:21:
         7d:66:ea:f5:c2:33:d7:30:9b:0c:6c:0c:63:0d:6c:31:b3:46:
         6c:29:4a:0d:02:bc:ee:ff:ae:ec:36:9b:07:22:b8:9b:5e:47:
         de:d8:1f:44:b5:aa:cd:9f:78:58:05:28:4c:ca:41:c9:9f:74:
         aa:7f:ca:52:7a:21:dd:34:a9:96:74:52:51:f4:42:e2:86:c4:
         8d:21:04:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBclqz3dAg0OhGN2Jpnc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwODIzMTMwMjE3WhcNMjUwODI0MTMwMjE3WjAzMTEwLwYDVQQD
Eyg3ZmY1NTQwMDU3ZDdkZTc2NzQ0NzUzNmU0YmY3NGRjYTQ3MmZiMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNxOWV7NIekjtuXQb+uhfpfJVM8z
Aw2KtQ3RspAqklKMy+L/k1zag57YR4ZKoLt/1ERWynJ56cUdjGJiSrY4XYvGJQM2
2edS9FZIlI905AvSHnD4qX8k7uFOL6UMaNAxn3cDneRDsauJ3+eHAZYTi975FzTg
7NphnMmZg3mvSB5r/dlkKiCyVe5nSpx9VQnIysi6nWp/sshu5r121u06BFJMgWeR
p9+Uw3+vI+T5PITAsHhU3XP2F+SuuVZKGrD72EPt/P0UrlrHWixIr4jkQR9DXMJs
VEG2pvFjUzrV88lr0kxm3Es/sEvKoMENg9Hsf6ijsT60WC+B3B+1XL2N4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/1VABX1952dEdTbkv3TcpHL7JsMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANypy6VJE
/QsrrEgiQkWSUqF56dQgBmmBhGgGdxpfAsAyASO/hOGvY0YGJCD6H9SwZdCq+5KF
jldGz7T95CorPaDl/imIH57tjw2OHAVyYyjNW7T2/7bEBAkEChdj0Qh6yDty0NIN
/+ekPsuQKZLYMJ9RgsztfubZGwnCViq+ou4za2RHl4+TJkNFaaLoDdcO/44EZ5UX
x8HptUX+sZp96ubtx6JN+mYbSkkbuE0IwgMq/PEhfWbq9cIz1zCbDGwMYw1sMbNG
bClKDQK87v+u7DabByK4m15H3tgfRLWqzZ94WAUoTMpByZ90qn/KUnoh3TSplnRS
UfRC4obEjSEEXA==
-----END CERTIFICATE-----