Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          Rz1BxXfwbtWbedu7fANGWxypliENhQ84qTun7Re9d3w=
Subject key identifier:   0C:9E:95:F1:2F:5E:6E:63:8C:77:7D:85:1E:42:58:2F:BE:5F:11:B5
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       0198D473A79015CBD93A8B4717CDA4EF5875
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0DE1
Signing time:             Sat 23 Aug 2025 01:03:25 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:25 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:25 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: JiF+RFrTjF8PwAbh/zvGcTYSBUGIZajq/AhkoGqzON4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:a7:90:15:cb:d9:3a:8b:47:17:cd:a4:ef:58:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Aug 23 01:03:25 2025 GMT
            Not After : Aug 24 01:03:25 2025 GMT
        Subject: CN=0c9e95f12f5e6e638c777d851e42582fbe5f11b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:eb:c4:2d:c4:60:2b:30:e0:8c:75:9f:9b:a9:
                    f6:0b:cc:52:fa:66:68:df:e0:54:f7:c9:3c:3a:88:
                    f2:f2:e2:c5:d8:93:9f:dd:28:cb:60:cf:e1:e3:0c:
                    68:27:be:19:d1:b4:25:77:68:e5:cc:c4:90:40:40:
                    fb:dc:d2:a7:f4:f6:63:d4:e5:8f:fb:71:6e:e0:91:
                    dc:d1:ce:22:21:c7:9c:ac:f0:42:cb:fd:d5:0a:bb:
                    ab:dc:ff:37:4a:ee:a0:dc:60:e5:b6:e1:54:ff:9b:
                    01:ac:bc:6d:f6:99:f0:f1:40:f4:12:1e:a8:86:25:
                    28:20:c1:ae:68:b3:bd:71:77:85:e0:74:a2:3b:51:
                    a5:06:de:23:87:dc:b1:54:50:d9:72:41:0f:6f:98:
                    7a:e5:3e:31:ec:3d:21:9c:41:24:13:60:8b:c1:bd:
                    88:a8:6a:c2:b9:91:6f:76:23:2f:89:32:2e:a2:97:
                    bc:2d:0b:33:ef:ce:8f:b6:24:10:aa:8e:9f:a9:28:
                    ea:fe:e3:df:bc:f9:80:86:b1:bc:3c:81:9c:1b:d3:
                    62:97:3e:51:da:94:06:67:a2:aa:db:ee:99:8e:2f:
                    37:00:de:a2:41:9c:15:35:e1:68:b8:dc:c8:fc:ba:
                    82:a9:c0:c9:78:63:a3:b9:6c:0f:64:19:18:a5:31:
                    5f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9E:95:F1:2F:5E:6E:63:8C:77:7D:85:1E:42:58:2F:BE:5F:11:B5
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:eb:0d:af:e2:44:f5:44:7a:2a:7d:63:0b:7b:67:18:2a:aa:
         22:4a:ef:6c:66:56:87:fb:45:d9:d5:d7:45:6d:e3:70:92:8e:
         29:8a:7d:ca:0d:66:19:ca:90:db:a6:2b:2b:9f:dc:86:30:f5:
         19:c2:b8:3b:a0:5c:0d:a7:90:8a:9f:25:95:6e:0c:02:b9:40:
         c7:a7:71:6e:b5:23:68:1b:35:ce:fc:d2:10:7f:b2:3b:04:a3:
         3a:c1:6e:70:8c:f5:6a:63:89:e6:e5:22:de:fa:79:25:0f:b0:
         5f:cc:12:65:28:e2:a4:48:9a:8e:ee:9b:4f:39:2c:fd:67:9a:
         f2:c2:3a:6b:88:7e:a0:5e:43:58:1f:89:c3:b3:40:a0:7e:c5:
         db:36:7c:27:bf:bc:3e:c9:ae:63:52:ad:5e:ad:14:15:85:6f:
         58:dd:de:77:0a:f9:14:6b:a5:a9:90:dd:e5:f6:2e:11:7e:93:
         ad:cb:9a:c8:88:c5:3b:a9:33:8f:0d:db:1f:51:87:ea:62:2d:
         47:7e:8c:0b:fe:c3:e7:60:d0:3a:14:d1:ba:f5:e7:47:c1:a2:
         2f:16:5c:f2:b0:6c:3d:e3:ff:af:bd:0c:fd:f3:5a:b8:35:0f:
         85:33:4b:7e:20:9d:24:a4:5f:5d:8e:bb:00:04:bd:2a:92:b3:
         db:9d:73:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc6eQFcvZOotHF82k71h1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUwODIzMDEwMzI1WhcNMjUwODI0MDEwMzI1WjAzMTEwLwYDVQQD
EygwYzllOTVmMTJmNWU2ZTYzOGM3NzdkODUxZTQyNTgyZmJlNWYxMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+vELcRgKzDgjHWfm6n2C8xS+mZo
3+BU98k8Oojy8uLF2JOf3SjLYM/h4wxoJ74Z0bQld2jlzMSQQED73NKn9PZj1OWP
+3Fu4JHc0c4iIcecrPBCy/3VCrur3P83Su6g3GDltuFU/5sBrLxt9pnw8UD0Eh6o
hiUoIMGuaLO9cXeF4HSiO1GlBt4jh9yxVFDZckEPb5h65T4x7D0hnEEkE2CLwb2I
qGrCuZFvdiMviTIuope8LQsz786PtiQQqo6fqSjq/uPfvPmAhrG8PIGcG9Nilz5R
2pQGZ6Kq2+6Zji83AN6iQZwVNeFouNzI/LqCqcDJeGOjuWwPZBkYpTFfqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyelfEvXm5jjHd9hR5CWC++XxG1MB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJOsNr+JE
9UR6Kn1jC3tnGCqqIkrvbGZWh/tF2dXXRW3jcJKOKYp9yg1mGcqQ26YrK5/chjD1
GcK4O6BcDaeQip8llW4MArlAx6dxbrUjaBs1zvzSEH+yOwSjOsFucIz1amOJ5uUi
3vp5JQ+wX8wSZSjipEiaju6bTzks/Wea8sI6a4h+oF5DWB+Jw7NAoH7F2zZ8J7+8
PsmuY1KtXq0UFYVvWN3edwr5FGulqZDd5fYuEX6TrcuayIjFO6kzjw3bH1GH6mIt
R36MC/7D52DQOhTRuvXnR8GiLxZc8rBsPeP/r70M/fNauDUPhTNLfiCdJKRfXY67
AAS9KpKz251zHw==
-----END CERTIFICATE-----