Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
File:                     fPxZzhNuPpOobeVfBdSaWeFcu78.mft (raw, json)
Hash identifier:          lixbt/bIyhqjISfqOV0YwNdCghex3mA98+CWtOsArRA=
Subject key identifier:   AE:4E:5F:D8:FB:A6:71:08:3B:73:14:27:C2:5F:49:09:36:3C:C1:69
Authority key identifier: 7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF
Certificate issuer:       /CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf
Certificate serial:       0198526824572433399BEBEEAE399E1DC9C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
Manifest number:          09A2
Signing time:             Mon 28 Jul 2025 19:00:13 +0000
Manifest this update:     Mon 28 Jul 2025 19:00:13 +0000
Manifest next update:     Tue 29 Jul 2025 19:00:13 +0000
Files and hashes:         1: fPxZzhNuPpOobeVfBdSaWeFcu78.crl (hash: o5TljSjgEM5VZZWiCg54eQs9CLTU1PeQmpFCzS5lGIY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 19:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:52:68:24:57:24:33:39:9b:eb:ee:ae:39:9e:1d:c9:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf
        Validity
            Not Before: Jul 28 19:00:13 2025 GMT
            Not After : Jul 29 19:00:13 2025 GMT
        Subject: CN=ae4e5fd8fba671083b731427c25f4909363cc169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d0:96:d3:82:27:d4:d0:cc:39:2c:ab:3f:41:
                    3b:65:4a:e7:96:27:c3:a0:c4:6f:82:2f:bd:91:2e:
                    56:6c:09:3b:8e:62:6c:dd:a4:37:58:bb:0a:de:e1:
                    02:28:30:2c:93:1c:e7:60:fa:c3:fc:e1:b0:44:bb:
                    4f:c7:87:2c:e9:d8:64:5b:f6:a7:61:15:f0:1d:7f:
                    10:13:3b:1d:11:e6:b7:b6:5d:ff:85:28:9a:4a:26:
                    31:76:b2:fc:9d:70:ac:77:4b:96:85:6d:1e:e8:2f:
                    31:8e:51:13:38:e7:5a:ac:d8:6b:e3:04:de:b7:f1:
                    8a:c6:f1:4d:e3:a2:5e:7e:51:05:fd:33:2d:76:5b:
                    40:68:d6:c3:85:99:cc:23:5c:c2:8e:3e:38:2d:f2:
                    91:ae:03:ab:c5:51:ad:61:81:36:80:3f:9a:3e:8b:
                    d0:e1:97:c3:8e:1f:cc:4a:ba:f6:49:89:18:fe:3b:
                    68:21:f6:27:1d:53:cc:64:0b:fc:41:ee:cd:21:1f:
                    a2:24:35:71:4c:bf:27:09:f0:b6:54:c9:f0:3b:cf:
                    d8:5b:af:b7:82:3e:0b:6e:30:7d:5f:e7:c2:54:0c:
                    d2:03:6d:9e:9e:95:0a:22:de:fa:94:85:35:bb:80:
                    db:bc:8a:8a:4d:9b:a9:76:c0:aa:ef:3f:60:85:b3:
                    40:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4E:5F:D8:FB:A6:71:08:3B:73:14:27:C2:5F:49:09:36:3C:C1:69
            X509v3 Authority Key Identifier:
                keyid:7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:58:1a:ae:d9:61:2f:8a:8b:3f:fd:88:87:d6:65:9e:fe:29:
         b2:94:5c:50:d3:6a:ab:7f:24:03:cc:e9:fd:6a:26:74:29:d6:
         6e:61:d3:9b:73:77:33:09:5a:24:55:3a:ef:ee:67:c0:fc:8c:
         fa:db:5d:17:09:a5:61:6b:b5:d0:1a:ab:24:1e:7f:50:2a:4c:
         ee:44:09:d8:c7:c7:86:dd:27:42:c4:1e:1d:07:2e:b5:a3:3f:
         7b:70:73:73:85:6f:11:5e:44:7b:76:4f:66:d6:8a:73:ff:96:
         51:73:84:1a:0b:1e:2f:5a:22:d7:70:7e:7d:31:cd:a3:ee:7c:
         c0:ab:d0:2b:97:4c:9a:f7:2a:af:a1:11:67:e0:4a:48:06:e7:
         f8:00:eb:fd:8f:98:ac:a9:a1:31:fe:04:11:c1:c3:11:f6:72:
         40:09:f3:fb:17:71:8e:54:9f:6f:09:a5:16:41:a7:d0:57:8b:
         5f:0b:ed:81:2e:c1:77:25:55:3a:bf:e3:e5:08:06:9a:5d:9c:
         9e:03:21:f5:4b:6d:8b:aa:5f:73:ce:b8:9a:1b:b5:c6:9f:fe:
         2b:2e:bf:a1:f1:b6:c6:57:db:b0:6c:21:2f:c1:e2:01:2e:81:
         0e:64:0f:b5:66:0d:34:a0:4e:f1:9a:aa:10:2b:3b:fe:b9:3f:
         1e:c3:48:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSaCRXJDM5m+vurjmeHcnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZmM1OWNlMTM2ZTNlOTNhODZkZTU1ZjA1ZDQ5YTU5ZTE1
Y2JiYmYwHhcNMjUwNzI4MTkwMDEzWhcNMjUwNzI5MTkwMDEzWjAzMTEwLwYDVQQD
EyhhZTRlNWZkOGZiYTY3MTA4M2I3MzE0MjdjMjVmNDkwOTM2M2NjMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9CW04In1NDMOSyrP0E7ZUrnlifD
oMRvgi+9kS5WbAk7jmJs3aQ3WLsK3uECKDAskxznYPrD/OGwRLtPx4cs6dhkW/an
YRXwHX8QEzsdEea3tl3/hSiaSiYxdrL8nXCsd0uWhW0e6C8xjlETOOdarNhr4wTe
t/GKxvFN46JeflEF/TMtdltAaNbDhZnMI1zCjj44LfKRrgOrxVGtYYE2gD+aPovQ
4ZfDjh/MSrr2SYkY/jtoIfYnHVPMZAv8Qe7NIR+iJDVxTL8nCfC2VMnwO8/YW6+3
gj4LbjB9X+fCVAzSA22enpUKIt76lIU1u4DbvIqKTZupdsCq7z9ghbNAswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5OX9j7pnEIO3MUJ8JfSQk2PMFpMB8GA1UdIwQY
MBaAFHz8Wc4Tbj6TqG3lXwXUmlnhXLu/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2Mt
ODA4OTVmODhmNWQ1LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2MtODA4OTVmODhmNWQ1
LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFFgartlh
L4qLP/2Ih9Zlnv4pspRcUNNqq38kA8zp/WomdCnWbmHTm3N3MwlaJFU67+5nwPyM
+ttdFwmlYWu10BqrJB5/UCpM7kQJ2MfHht0nQsQeHQcutaM/e3Bzc4VvEV5Ee3ZP
ZtaKc/+WUXOEGgseL1oi13B+fTHNo+58wKvQK5dMmvcqr6ERZ+BKSAbn+ADr/Y+Y
rKmhMf4EEcHDEfZyQAnz+xdxjlSfbwmlFkGn0FeLXwvtgS7BdyVVOr/j5QgGml2c
ngMh9Utti6pfc864mhu1xp/+Ky6/ofG2xlfbsGwhL8HiAS6BDmQPtWYNNKBO8Zqq
ECs7/rk/HsNIdA==
-----END CERTIFICATE-----