Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
File:                     j_QxWS3s8oXDMtMGJTHA589hAsA.mft (raw, json)
Hash identifier:          sHtgO12NQi6QkdPsfkQ6o0ey8Ujww6aHnMk2wo4kYR4=
Subject key identifier:   CF:CF:A3:42:2B:A9:A7:D1:0A:6A:99:9F:77:03:AF:08:35:10:13:99
Authority key identifier: 8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0
Certificate issuer:       /CN=8ff431592decf285c332d3062531c0e7cf6102c0
Certificate serial:       0197B7B33F923AE60E2F92D9D618B6AF3108
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 18:01:07 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:07 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:07 +0000
Files and hashes:         1: j_QxWS3s8oXDMtMGJTHA589hAsA.crl (hash: 3LCKh+xV21wmXANdFy4xoMjJFN8EJnajORgwlceCVXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:3f:92:3a:e6:0e:2f:92:d9:d6:18:b6:af:31:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ff431592decf285c332d3062531c0e7cf6102c0
        Validity
            Not Before: Jun 28 18:01:07 2025 GMT
            Not After : Jun 29 18:01:07 2025 GMT
        Subject: CN=cfcfa3422ba9a7d10a6a999f7703af0835101399
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:57:c3:ee:53:b6:d2:56:84:63:cd:9b:0d:9b:
                    b6:2f:f8:67:a1:da:77:b4:9c:f8:63:84:2f:59:5b:
                    7a:36:5e:dc:8b:26:92:63:a5:5e:bb:19:ee:f5:a5:
                    ec:b9:76:d8:cd:f0:73:94:4c:cb:fb:c7:ea:43:93:
                    a8:1a:b9:a5:9d:a3:77:08:44:7a:9d:58:d2:7f:dd:
                    02:5e:9d:40:e5:7f:e8:89:3a:73:38:e2:57:46:af:
                    39:c7:a7:85:21:e5:2b:7b:6e:4e:eb:5a:f6:40:d5:
                    69:d1:0b:cc:85:16:e5:01:c9:e5:7e:e0:03:d0:36:
                    fc:13:db:fc:5a:64:b9:69:95:61:9d:ba:dc:73:09:
                    f4:9b:ba:e8:65:aa:e8:d1:85:4e:79:a3:0e:7e:18:
                    1c:32:58:dc:25:7a:ac:71:eb:1a:a1:22:1d:6b:54:
                    ed:58:4a:ef:33:3f:ae:04:ac:89:61:5c:23:5e:aa:
                    6b:5a:da:1d:14:c7:b1:9f:a7:79:a6:db:47:ab:dd:
                    f7:51:f4:3e:f3:6c:21:7b:57:37:45:f4:f4:0e:8d:
                    51:48:78:b3:ad:17:f5:62:1b:67:3e:fd:16:57:55:
                    2f:b1:a2:9a:d7:25:50:23:77:b2:8a:ba:7d:e7:93:
                    3b:91:34:18:04:9a:14:e5:b7:4d:05:45:c1:43:a6:
                    88:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:CF:A3:42:2B:A9:A7:D1:0A:6A:99:9F:77:03:AF:08:35:10:13:99
            X509v3 Authority Key Identifier:
                keyid:8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:5b:46:c3:75:c6:39:b7:38:e0:49:5c:dc:20:9b:c7:50:a9:
         d8:d3:cc:26:5a:ae:10:34:e2:5c:21:0f:a3:c2:13:68:4e:18:
         93:6b:b8:69:9a:c7:aa:12:b8:ea:53:b5:5e:f1:81:4e:f3:34:
         5f:87:c2:5e:73:6a:d3:87:a8:7c:ba:ec:54:6f:b9:4c:6a:bf:
         72:ba:16:77:1b:da:06:c1:54:d5:64:90:04:c2:ff:c6:3e:92:
         5c:f7:22:9d:00:7c:25:68:bf:f6:1e:1f:de:0e:e3:32:d1:79:
         d5:59:80:7b:6c:02:1f:f8:b1:75:06:5a:5e:8b:e1:ca:a9:4d:
         b0:13:20:95:3a:32:93:b8:6f:0e:8e:d8:53:0a:96:c0:10:2c:
         54:08:50:5f:56:60:cc:2d:6d:88:d8:93:54:93:9f:18:8f:16:
         03:11:24:94:cc:23:ea:10:31:4e:a1:77:e9:13:5d:b4:80:83:
         b8:fc:4f:7c:3f:78:b8:39:cc:76:c7:77:26:c4:bc:60:12:65:
         28:d3:fa:ce:f4:01:07:2c:e6:09:1f:a6:c3:a1:56:a3:19:4a:
         9e:65:fb:d5:6d:ef:fe:0b:df:48:39:1c:1f:f9:c7:61:8e:18:
         63:68:c7:3a:68:29:5c:18:d0:48:12:b7:f8:37:33:ec:ff:60:
         dc:eb:1c:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3sz+SOuYOL5LZ1hi2rzEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZjQzMTU5MmRlY2YyODVjMzMyZDMwNjI1MzFjMGU3Y2Y2
MTAyYzAwHhcNMjUwNjI4MTgwMTA3WhcNMjUwNjI5MTgwMTA3WjAzMTEwLwYDVQQD
EyhjZmNmYTM0MjJiYTlhN2QxMGE2YTk5OWY3NzAzYWYwODM1MTAxMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1fD7lO20laEY82bDZu2L/hnodp3
tJz4Y4QvWVt6Nl7ciyaSY6Veuxnu9aXsuXbYzfBzlEzL+8fqQ5OoGrmlnaN3CER6
nVjSf90CXp1A5X/oiTpzOOJXRq85x6eFIeUre25O61r2QNVp0QvMhRblAcnlfuAD
0Db8E9v8WmS5aZVhnbrccwn0m7roZaro0YVOeaMOfhgcMljcJXqscesaoSIda1Tt
WErvMz+uBKyJYVwjXqprWtodFMexn6d5pttHq933UfQ+82whe1c3RfT0Do1RSHiz
rRf1YhtnPv0WV1UvsaKa1yVQI3eyirp955M7kTQYBJoU5bdNBUXBQ6aI8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/Po0IrqafRCmqZn3cDrwg1EBOZMB8GA1UdIwQY
MBaAFI/0MVkt7PKFwzLTBiUxwOfPYQLAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjct
NDRiNzhlNzg4ZGViLzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjctNDRiNzhlNzg4ZGVi
LzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQltGw3XG
Obc44Elc3CCbx1Cp2NPMJlquEDTiXCEPo8ITaE4Yk2u4aZrHqhK46lO1XvGBTvM0
X4fCXnNq04eofLrsVG+5TGq/croWdxvaBsFU1WSQBML/xj6SXPcinQB8JWi/9h4f
3g7jMtF51VmAe2wCH/ixdQZaXovhyqlNsBMglToyk7hvDo7YUwqWwBAsVAhQX1Zg
zC1tiNiTVJOfGI8WAxEklMwj6hAxTqF36RNdtICDuPxPfD94uDnMdsd3JsS8YBJl
KNP6zvQBByzmCR+mw6FWoxlKnmX71W3v/gvfSDkcH/nHYY4YY2jHOmgpXBjQSBK3
+Dcz7P9g3Osc6g==
-----END CERTIFICATE-----