Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
File:                     F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft (raw, json)
Hash identifier:          ycKUKI5n52xjKzxAN/cmW/ERvgo13RbOSBZ3QLYTva4=
Subject key identifier:   A0:C3:9A:11:E5:01:09:20:1C:F1:66:10:FB:4C:CC:1D:1C:AD:58:5E
Authority key identifier: 17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C
Certificate issuer:       /CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
Certificate serial:       01984B5449A3B0DF4EEA2263998EF33927A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
Manifest number:          0DA3
Signing time:             Sun 27 Jul 2025 10:01:11 +0000
Manifest this update:     Sun 27 Jul 2025 10:01:11 +0000
Manifest next update:     Mon 28 Jul 2025 10:01:11 +0000
Files and hashes:         1: F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl (hash: zsNLUSHLNKTyXq81AqO51y+Nuoq1XClmwsaIR5ik1qM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:54:49:a3:b0:df:4e:ea:22:63:99:8e:f3:39:27:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
        Validity
            Not Before: Jul 27 10:01:11 2025 GMT
            Not After : Jul 28 10:01:11 2025 GMT
        Subject: CN=a0c39a11e50109201cf16610fb4ccc1d1cad585e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:c0:9a:22:ef:49:a6:75:65:0a:4d:06:ed:20:
                    1d:97:fa:04:4a:2b:50:c2:52:ab:97:e2:9b:e4:13:
                    0e:60:d4:c8:3d:61:50:25:fa:58:f2:36:d4:9e:0d:
                    1a:89:84:cd:35:2c:7d:90:82:97:b6:9b:12:1d:99:
                    b5:5c:32:51:c9:32:57:31:8f:52:f6:ef:cf:a1:77:
                    d1:02:5f:cf:90:33:68:b9:7d:4d:b9:98:ee:4e:c6:
                    b4:2c:a7:29:48:42:63:06:c0:fd:07:97:52:39:18:
                    00:0e:a8:57:c5:a1:37:db:89:92:a2:19:f7:44:01:
                    19:a4:6c:ff:3f:2e:38:fa:5b:d2:04:f5:bd:28:a3:
                    be:ca:63:78:b6:3f:4a:19:de:fc:dd:5e:c8:9f:5b:
                    7f:a9:22:f9:5a:35:10:0e:4e:20:05:2a:57:78:47:
                    45:be:3f:62:4f:65:b9:ca:f2:a4:b9:0e:e1:15:7e:
                    a8:79:d1:ce:f7:5d:b1:a1:72:8a:e5:b0:eb:a0:a9:
                    68:39:ee:fa:bc:00:9c:77:24:b3:d8:89:f8:f8:4e:
                    8b:76:c7:a0:96:a6:a5:76:c4:9c:99:07:cf:ed:8e:
                    06:00:b0:70:aa:78:11:99:10:a1:9d:eb:e3:59:72:
                    96:0f:fe:44:d4:aa:5e:96:7c:fb:a8:54:16:17:6b:
                    e5:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:C3:9A:11:E5:01:09:20:1C:F1:66:10:FB:4C:CC:1D:1C:AD:58:5E
            X509v3 Authority Key Identifier:
                keyid:17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:3e:bd:78:5c:c1:95:13:e6:97:8d:9c:0d:d6:00:bf:b5:c8:
         f0:ab:d1:f4:dc:32:46:75:20:7d:60:72:fc:7c:3c:8d:3d:30:
         d5:7c:ee:e4:a1:88:37:a1:2a:06:50:c0:7c:6a:87:a2:d0:11:
         a0:22:4d:8f:9c:a7:75:ad:da:21:18:32:59:a3:1c:18:61:bc:
         05:8c:85:3a:13:04:6c:af:d0:73:90:c0:09:49:a2:cb:b5:d4:
         e1:59:50:86:d6:65:fe:3d:08:bf:a3:29:cf:e8:51:d2:1a:e6:
         a4:ec:36:f4:40:1e:26:77:71:3c:c8:4c:23:85:bd:2a:4a:8c:
         7a:6f:6a:66:46:3e:27:35:4b:6c:7e:8c:4d:28:e3:a9:3e:fd:
         63:ca:ae:0b:58:c4:ed:5a:56:94:8c:0c:eb:a6:8d:f7:d2:53:
         a1:d7:95:70:90:74:0a:3a:2d:f2:e7:5f:c5:8e:3c:98:de:6b:
         6a:e4:5d:58:27:dc:f2:67:de:a6:f8:61:f8:da:31:5d:a4:76:
         f8:0d:95:51:65:16:79:ed:a8:7f:d3:f3:ea:a8:e3:53:76:d0:
         a8:3c:d2:73:40:e0:a4:19:17:b6:b8:28:fa:c2:14:b1:1e:1c:
         24:4a:1f:f3:ed:59:db:8f:18:20:da:3e:04:aa:ab:db:58:a0:
         f2:ec:e1:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVEmjsN9O6iJjmY7zOSepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDg3MzEyMDY1M2IzY2ZlNTUxNzJhOWRjNjA1N2U4Y2Nk
MGNiNWMwHhcNMjUwNzI3MTAwMTExWhcNMjUwNzI4MTAwMTExWjAzMTEwLwYDVQQD
EyhhMGMzOWExMWU1MDEwOTIwMWNmMTY2MTBmYjRjY2MxZDFjYWQ1ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cCaIu9JpnVlCk0G7SAdl/oESitQ
wlKrl+Kb5BMOYNTIPWFQJfpY8jbUng0aiYTNNSx9kIKXtpsSHZm1XDJRyTJXMY9S
9u/PoXfRAl/PkDNouX1NuZjuTsa0LKcpSEJjBsD9B5dSORgADqhXxaE324mSohn3
RAEZpGz/Py44+lvSBPW9KKO+ymN4tj9KGd783V7In1t/qSL5WjUQDk4gBSpXeEdF
vj9iT2W5yvKkuQ7hFX6oedHO912xoXKK5bDroKloOe76vACcdySz2In4+E6Ldseg
lqaldsScmQfP7Y4GALBwqngRmRChnevjWXKWD/5E1Kpelnz7qFQWF2vlOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDDmhHlAQkgHPFmEPtMzB0crVheMB8GA1UdIwQY
MBaAFBfYcxIGU7PP5VFyqdxgV+jM0MtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYt
YjAwYzFjMTQ1ZmU3LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYtYjAwYzFjMTQ1ZmU3
LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALD69eFzB
lRPml42cDdYAv7XI8KvR9NwyRnUgfWBy/Hw8jT0w1Xzu5KGIN6EqBlDAfGqHotAR
oCJNj5ynda3aIRgyWaMcGGG8BYyFOhMEbK/Qc5DACUmiy7XU4VlQhtZl/j0Iv6Mp
z+hR0hrmpOw29EAeJndxPMhMI4W9KkqMem9qZkY+JzVLbH6MTSjjqT79Y8quC1jE
7VpWlIwM66aN99JTodeVcJB0Cjot8udfxY48mN5rauRdWCfc8mfepvhh+NoxXaR2
+A2VUWUWee2of9Pz6qjjU3bQqDzSc0DgpBkXtrgo+sIUsR4cJEof8+1Z248YINo+
BKqr21ig8uzhDQ==
-----END CERTIFICATE-----