Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          8QG2mUlNhs0NInqG15pVnKzOvn3dMuJW2KZcdichKvk=
Subject key identifier:   6D:B4:3E:D7:A0:E4:28:D9:07:2E:3C:1A:DF:83:EC:6B:08:7A:A4:4C
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       0198D6CD9DA4A104C01355C1E9CCEEB9E892
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0B2F
Signing time:             Sat 23 Aug 2025 12:00:56 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:56 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:56 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: xSN0Dc5be8+wqgBKDxGUUAaryGvrF4gy8BZEbpbJ+Ic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:9d:a4:a1:04:c0:13:55:c1:e9:cc:ee:b9:e8:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: Aug 23 12:00:56 2025 GMT
            Not After : Aug 24 12:00:56 2025 GMT
        Subject: CN=6db43ed7a0e428d9072e3c1adf83ec6b087aa44c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:26:f8:50:ea:d1:a5:ff:48:b5:5a:39:17:2b:
                    40:9e:6a:8d:4e:87:3e:f0:8c:69:73:bb:05:b8:95:
                    ed:cf:39:f1:a7:cc:0a:6a:92:28:dd:49:92:fd:72:
                    da:88:40:bf:64:00:f8:4a:37:0b:e4:e4:dc:bd:c2:
                    a6:5f:a1:ee:36:a7:27:ba:6e:5b:82:1b:b3:0b:77:
                    26:70:7e:c7:68:e6:6e:da:73:b5:29:22:b3:f6:80:
                    1a:54:9d:08:b2:60:1c:b8:73:6b:47:77:48:d5:31:
                    d8:b6:c7:64:f8:9d:3b:37:bd:93:b5:29:28:c8:97:
                    0e:ac:c3:73:96:cb:36:6a:6c:c8:10:86:41:a3:7d:
                    36:30:27:ca:be:15:fc:05:ca:96:3e:51:a9:5a:8d:
                    6b:6b:86:f7:54:43:3a:5a:9c:24:78:8a:30:c9:f7:
                    1d:5f:07:b8:b2:e0:4a:27:f7:8e:4f:81:a4:7e:93:
                    85:37:93:5c:c5:95:c1:95:13:5b:9f:54:75:66:6a:
                    4a:25:29:52:de:96:b3:6a:ac:36:9b:d6:f8:27:ef:
                    b8:14:ad:09:a1:11:a3:31:be:97:89:61:7b:45:c1:
                    b9:3c:6f:2e:6f:8e:38:69:1d:6f:bf:79:cd:c2:01:
                    8a:4d:38:f8:86:1c:9d:2b:6d:32:82:1f:1c:c4:19:
                    82:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:B4:3E:D7:A0:E4:28:D9:07:2E:3C:1A:DF:83:EC:6B:08:7A:A4:4C
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:77:5b:10:bb:18:47:3f:3d:02:b8:70:93:81:76:79:8e:8b:
         c7:9e:82:27:63:eb:e2:f1:9d:d4:f6:f4:7b:5d:eb:8a:35:f9:
         da:72:4e:0e:b1:eb:d1:ab:64:b1:2d:8d:87:dd:f1:12:1b:29:
         66:c3:8b:be:90:08:f1:eb:ad:2a:8d:6e:3a:16:ec:8f:56:4a:
         e4:ec:67:cc:bb:34:c4:c2:1b:74:b4:f9:9f:0b:74:2d:9d:ed:
         74:37:66:2e:dd:b8:c6:58:bb:9b:0c:71:70:88:49:44:a9:19:
         9e:73:b5:68:a5:b3:da:8d:ba:7d:03:4f:d8:0d:41:25:66:bc:
         fe:dd:21:1b:49:0b:25:3a:b2:6e:f1:81:6c:8f:ee:7f:e5:c8:
         ce:db:e0:39:06:d6:d6:dc:d5:08:37:ab:db:b8:10:43:4a:8f:
         31:b6:01:b5:74:9b:4e:cf:c1:fd:fa:a4:d0:b1:45:f8:a5:d5:
         2c:34:38:82:9c:97:de:36:76:ca:c2:30:0b:af:3b:cc:28:11:
         2e:0b:f5:bb:56:ce:98:1e:7d:14:40:b0:e4:ac:b7:08:bf:b1:
         62:75:31:fe:bd:bf:dd:17:d8:16:da:e9:9d:8a:86:10:1f:12:
         1a:c8:8f:92:1b:88:b8:68:61:89:12:85:50:d1:91:f9:c3:b6:
         45:2f:89:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzZ2koQTAE1XB6czuueiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjUwODIzMTIwMDU2WhcNMjUwODI0MTIwMDU2WjAzMTEwLwYDVQQD
Eyg2ZGI0M2VkN2EwZTQyOGQ5MDcyZTNjMWFkZjgzZWM2YjA4N2FhNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCb4UOrRpf9ItVo5FytAnmqNToc+
8Ixpc7sFuJXtzznxp8wKapIo3UmS/XLaiEC/ZAD4SjcL5OTcvcKmX6HuNqcnum5b
ghuzC3cmcH7HaOZu2nO1KSKz9oAaVJ0IsmAcuHNrR3dI1THYtsdk+J07N72TtSko
yJcOrMNzlss2amzIEIZBo302MCfKvhX8BcqWPlGpWo1ra4b3VEM6WpwkeIowyfcd
Xwe4suBKJ/eOT4GkfpOFN5NcxZXBlRNbn1R1ZmpKJSlS3pazaqw2m9b4J++4FK0J
oRGjMb6XiWF7RcG5PG8ub444aR1vv3nNwgGKTTj4hhydK20ygh8cxBmCBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG20Pteg5CjZBy48Gt+D7GsIeqRMMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXdbELsY
Rz89Arhwk4F2eY6Lx56CJ2Pr4vGd1Pb0e13rijX52nJODrHr0atksS2Nh93xEhsp
ZsOLvpAI8eutKo1uOhbsj1ZK5OxnzLs0xMIbdLT5nwt0LZ3tdDdmLt24xli7mwxx
cIhJRKkZnnO1aKWz2o26fQNP2A1BJWa8/t0hG0kLJTqybvGBbI/uf+XIztvgOQbW
1tzVCDer27gQQ0qPMbYBtXSbTs/B/fqk0LFF+KXVLDQ4gpyX3jZ2ysIwC687zCgR
Lgv1u1bOmB59FECw5Ky3CL+xYnUx/r2/3RfYFtrpnYqGEB8SGsiPkhuIuGhhiRKF
UNGR+cO2RS+JTA==
-----END CERTIFICATE-----