Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
File:                     V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json)
Hash identifier:          Gbj7GKxNyVyhMma9HZMPFd2eVOQhz/b2ecZFjfx9lSE=
Subject key identifier:   23:C2:33:DD:77:36:D0:AA:65:D0:B1:1C:88:EC:B6:1F:14:8E:31:3A
Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D
Certificate issuer:       /CN=577977a27561cf9058a52e460c949948055bdd3d
Certificate serial:       0198D65F054F17BD3623F769CBECAE6A101E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
Manifest number:          0858
Signing time:             Sat 23 Aug 2025 10:00:07 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:07 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:07 +0000
Files and hashes:         1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: RFic61KhWaeiemF3x6T/YXzxkA09tChWC/5x1johesI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:05:4f:17:bd:36:23:f7:69:cb:ec:ae:6a:10:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d
        Validity
            Not Before: Aug 23 10:00:07 2025 GMT
            Not After : Aug 24 10:00:07 2025 GMT
        Subject: CN=23c233dd7736d0aa65d0b11c88ecb61f148e313a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:cc:c7:8c:77:d0:4b:6a:cf:9e:52:49:84:39:
                    9b:36:bc:3d:81:af:e2:dc:0b:e0:38:2a:de:e6:a0:
                    f1:d5:b0:25:25:7b:c9:a3:e9:e0:d9:e2:34:fd:2e:
                    a1:52:94:f2:09:40:b6:33:3f:f6:ab:e9:3a:28:86:
                    d7:f6:26:cb:f5:4a:80:57:f6:a8:06:89:f3:e8:26:
                    f5:24:d5:64:b2:18:d9:69:30:1a:5c:3a:25:43:79:
                    ae:27:8d:da:60:77:e7:e2:42:56:d6:0d:03:88:f1:
                    36:0a:65:36:31:df:57:3c:d3:13:48:27:d1:02:e0:
                    f9:de:be:fa:80:b1:f0:3c:93:b6:b7:a7:9a:f4:47:
                    8f:60:b9:a4:5b:17:13:84:cc:24:86:4b:cc:56:fe:
                    80:3f:28:3f:49:a7:69:30:f2:0e:48:52:ac:27:f6:
                    db:26:ad:d3:80:5e:8f:f1:3d:af:2d:b7:1b:ca:fa:
                    be:5a:2e:88:19:31:f3:d2:f4:90:29:37:24:15:1a:
                    1e:ad:60:f6:f9:f2:3d:57:5d:43:ba:52:1f:df:b8:
                    ed:29:b5:4f:32:ec:27:54:66:07:07:8b:5c:1b:1e:
                    69:47:53:28:81:44:7e:d8:ac:40:61:25:a2:db:15:
                    a2:64:21:cd:58:0c:fc:d8:79:18:ec:34:9e:3a:ad:
                    f9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C2:33:DD:77:36:D0:AA:65:D0:B1:1C:88:EC:B6:1F:14:8E:31:3A
            X509v3 Authority Key Identifier:
                keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:8a:9e:58:c8:2a:c4:e8:37:41:41:5a:06:55:e7:eb:81:93:
         cc:81:43:15:3f:f2:7b:ed:b8:0b:f9:f6:24:5c:8d:59:14:91:
         60:6c:70:8c:7a:3c:50:fd:74:e1:bb:55:83:e3:07:8e:e9:ab:
         03:e3:cd:f3:2d:b3:2a:fe:7e:21:61:a7:84:d9:e3:86:e6:94:
         66:72:b0:34:78:7f:99:03:d0:6f:ef:63:55:39:ee:63:8c:ad:
         f9:74:71:ae:38:44:bb:07:c5:22:bd:49:64:20:72:ac:a1:cc:
         71:43:66:1e:04:39:b7:06:6e:1e:a6:14:5c:0e:68:d1:0c:c7:
         c3:c6:61:3c:22:da:c9:5e:e1:de:76:ee:12:2c:23:8b:43:4b:
         0b:74:3a:68:d5:f2:18:c0:d7:cb:ce:23:93:9b:fd:63:da:f3:
         d1:e8:60:c5:79:51:5d:49:a5:36:05:96:cd:2b:eb:81:c9:d1:
         39:50:d1:4f:7a:56:9d:9c:f5:4b:32:14:35:bd:7d:75:d7:5a:
         82:b1:e0:57:9c:d5:d5:91:a5:33:ac:68:99:d0:44:0c:c7:c9:
         8f:50:32:f7:45:a2:11:a9:fc:8e:ef:b0:e2:7d:5b:c2:41:df:
         fe:1d:17:37:2d:fa:5c:07:14:61:be:76:25:e1:51:1e:9b:20:
         7d:a5:05:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXwVPF702I/dpy+yuahAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1
YmRkM2QwHhcNMjUwODIzMTAwMDA3WhcNMjUwODI0MTAwMDA3WjAzMTEwLwYDVQQD
EygyM2MyMzNkZDc3MzZkMGFhNjVkMGIxMWM4OGVjYjYxZjE0OGUzMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMzHjHfQS2rPnlJJhDmbNrw9ga/i
3AvgOCre5qDx1bAlJXvJo+ng2eI0/S6hUpTyCUC2Mz/2q+k6KIbX9ibL9UqAV/ao
Bonz6Cb1JNVkshjZaTAaXDolQ3muJ43aYHfn4kJW1g0DiPE2CmU2Md9XPNMTSCfR
AuD53r76gLHwPJO2t6ea9EePYLmkWxcThMwkhkvMVv6APyg/SadpMPIOSFKsJ/bb
Jq3TgF6P8T2vLbcbyvq+Wi6IGTHz0vSQKTckFRoerWD2+fI9V11DulIf37jtKbVP
MuwnVGYHB4tcGx5pR1MogUR+2KxAYSWi2xWiZCHNWAz82HkY7DSeOq35mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPCM913NtCqZdCxHIjsth8UjjE6MB8GA1UdIwQY
MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt
NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw
LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQYqeWMgq
xOg3QUFaBlXn64GTzIFDFT/ye+24C/n2JFyNWRSRYGxwjHo8UP104btVg+MHjumr
A+PN8y2zKv5+IWGnhNnjhuaUZnKwNHh/mQPQb+9jVTnuY4yt+XRxrjhEuwfFIr1J
ZCByrKHMcUNmHgQ5twZuHqYUXA5o0QzHw8ZhPCLayV7h3nbuEiwji0NLC3Q6aNXy
GMDXy84jk5v9Y9rz0ehgxXlRXUmlNgWWzSvrgcnROVDRT3pWnZz1SzIUNb19ddda
grHgV5zV1ZGlM6xomdBEDMfJj1Ay90WiEan8ju+w4n1bwkHf/h0XNy36XAcUYb52
JeFRHpsgfaUFWw==
-----END CERTIFICATE-----