Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
File:                     fKnhWNylWE83ofg0myiaaBLbkko.mft (raw, json)
Hash identifier:          droYGF7ubc3tFFJGrCp+f0xR08kS9gfWcDgvOi1swDs=
Subject key identifier:   89:A6:15:52:8B:D9:71:99:C7:59:9B:E4:70:67:A9:48:31:B7:1C:98
Authority key identifier: 7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A
Certificate issuer:       /CN=7ca9e158dca5584f37a1f8349b289a6812db924a
Certificate serial:       0197B7EA332CD5364BCF03EEF562A0B62071
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
Manifest number:          081F
Signing time:             Sat 28 Jun 2025 19:01:08 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:08 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:08 +0000
Files and hashes:         1: fKnhWNylWE83ofg0myiaaBLbkko.crl (hash: HNDxOPLt2lWwtaj1nmJXEYMz0CiFJpRdOzQJDvUYw50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:33:2c:d5:36:4b:cf:03:ee:f5:62:a0:b6:20:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ca9e158dca5584f37a1f8349b289a6812db924a
        Validity
            Not Before: Jun 28 19:01:08 2025 GMT
            Not After : Jun 29 19:01:08 2025 GMT
        Subject: CN=89a615528bd97199c7599be47067a94831b71c98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fa:33:26:78:00:46:99:7d:41:67:43:5f:61:
                    f2:52:52:66:f5:ea:22:98:bd:b5:03:07:cf:29:be:
                    fc:2d:4a:68:f7:33:28:c9:c4:9f:1e:f8:5b:e8:cf:
                    c3:84:91:f8:2b:78:68:d9:d0:52:aa:79:50:7b:c1:
                    26:96:a5:fe:e9:60:a0:60:1a:cc:4b:64:2c:76:56:
                    82:d0:de:5e:7f:ea:42:78:cc:41:a6:16:34:ce:27:
                    f7:3f:42:b7:07:b8:9c:60:f0:e8:92:c9:e0:1a:07:
                    b8:3d:60:6e:29:d6:44:a7:12:b9:2e:f5:9a:9e:5f:
                    67:9b:5c:30:42:18:3c:9f:24:a2:f1:12:3f:a2:6c:
                    58:2e:d1:81:d1:93:04:ec:4a:e3:44:0f:ce:97:47:
                    af:d4:96:de:17:6c:ae:14:49:70:94:85:8f:05:cf:
                    ee:4b:6f:6f:9a:c8:9a:06:4e:2d:10:f0:d6:18:f7:
                    6a:d8:ce:44:fb:60:7d:69:48:3d:96:32:5c:7c:77:
                    5f:ff:e0:f0:ad:c1:06:e7:c3:39:d4:16:a5:cb:0a:
                    b2:f8:2d:5e:b8:c9:68:14:38:17:31:c7:ea:e4:58:
                    51:d0:09:13:9d:59:39:9c:cf:3d:0c:84:41:22:1c:
                    0e:1b:aa:eb:54:0d:16:09:7c:b2:81:0a:5b:7e:a0:
                    5c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:A6:15:52:8B:D9:71:99:C7:59:9B:E4:70:67:A9:48:31:B7:1C:98
            X509v3 Authority Key Identifier:
                keyid:7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:ee:78:94:87:77:b9:e0:2c:c1:00:2c:65:a2:77:3f:87:c4:
         64:8f:c1:67:62:a5:79:e3:47:c3:79:fd:cb:a4:8e:0d:57:12:
         88:5b:b8:9f:3c:29:51:cd:43:70:2e:01:8f:4f:8b:c2:93:75:
         3a:9a:18:30:d4:de:6c:ad:d5:8b:10:24:74:a9:03:20:89:38:
         a0:ff:8a:5d:cd:91:54:fd:43:f8:61:61:8b:ba:fa:93:51:46:
         ba:e4:1b:ec:cf:3b:2a:72:2a:da:11:5f:82:52:ff:d7:98:78:
         75:d6:6a:eb:5d:d5:17:58:d5:af:0f:fe:11:ea:81:65:8c:0e:
         cc:91:3c:37:22:e0:ee:06:a1:cf:4c:46:28:fe:f8:96:3c:07:
         25:ff:e3:7b:ba:ee:4a:75:fa:30:b9:cc:20:34:2b:85:73:de:
         e4:5a:86:44:c2:b2:d2:9d:4d:4b:1a:4a:90:e3:b2:5c:c3:12:
         56:e8:6a:6a:b6:66:f0:8f:ae:d8:b3:b8:60:a2:c2:78:86:80:
         34:d1:60:28:52:a9:63:6e:93:9b:50:02:be:24:7d:a2:dc:3c:
         58:b7:ce:e8:4b:8d:2b:cd:f9:fa:4e:1e:fb:a1:64:68:1a:8f:
         a0:1f:6d:9c:3a:78:bf:21:e8:75:3a:e0:90:8a:88:ba:38:9a:
         0d:ee:d1:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36jMs1TZLzwPu9WKgtiBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTllMTU4ZGNhNTU4NGYzN2ExZjgzNDliMjg5YTY4MTJk
YjkyNGEwHhcNMjUwNjI4MTkwMTA4WhcNMjUwNjI5MTkwMTA4WjAzMTEwLwYDVQQD
Eyg4OWE2MTU1MjhiZDk3MTk5Yzc1OTliZTQ3MDY3YTk0ODMxYjcxYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvozJngARpl9QWdDX2HyUlJm9eoi
mL21AwfPKb78LUpo9zMoycSfHvhb6M/DhJH4K3ho2dBSqnlQe8EmlqX+6WCgYBrM
S2QsdlaC0N5ef+pCeMxBphY0zif3P0K3B7icYPDoksngGge4PWBuKdZEpxK5LvWa
nl9nm1wwQhg8nySi8RI/omxYLtGB0ZME7ErjRA/Ol0ev1JbeF2yuFElwlIWPBc/u
S29vmsiaBk4tEPDWGPdq2M5E+2B9aUg9ljJcfHdf/+DwrcEG58M51Balywqy+C1e
uMloFDgXMcfq5FhR0AkTnVk5nM89DIRBIhwOG6rrVA0WCXyygQpbfqBcawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImmFVKL2XGZx1mb5HBnqUgxtxyYMB8GA1UdIwQY
MBaAFHyp4VjcpVhPN6H4NJsommgS25JKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQt
NzhhNzdmN2ExMzQyLzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQtNzhhNzdmN2ExMzQy
LzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXu54lId3
ueAswQAsZaJ3P4fEZI/BZ2KleeNHw3n9y6SODVcSiFu4nzwpUc1DcC4Bj0+LwpN1
OpoYMNTebK3VixAkdKkDIIk4oP+KXc2RVP1D+GFhi7r6k1FGuuQb7M87KnIq2hFf
glL/15h4ddZq613VF1jVrw/+EeqBZYwOzJE8NyLg7gahz0xGKP74ljwHJf/je7ru
SnX6MLnMIDQrhXPe5FqGRMKy0p1NSxpKkOOyXMMSVuhqarZm8I+u2LO4YKLCeIaA
NNFgKFKpY26Tm1ACviR9otw8WLfO6EuNK835+k4e+6FkaBqPoB9tnDp4vyHodTrg
kIqIujiaDe7RoA==
-----END CERTIFICATE-----