Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          wg0ZQFV/IDCujyLZpVDI5dGVxpyG1PajzawUpzglhsI=
Subject key identifier:   5B:CA:31:FE:E9:12:B2:D8:67:10:48:D0:E1:9A:02:49:20:A1:3C:73
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       01984AAF071D80522B151E2565A8DB1FB59D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          1602
Signing time:             Sun 27 Jul 2025 07:00:41 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:41 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:41 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: P5zSrp6IkXiUiaxH2HwE2i+U7ztPqdJD1SlonBOpuh8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:af:07:1d:80:52:2b:15:1e:25:65:a8:db:1f:b5:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: Jul 27 07:00:41 2025 GMT
            Not After : Jul 28 07:00:41 2025 GMT
        Subject: CN=5bca31fee912b2d8671048d0e19a024920a13c73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:04:af:5a:7f:ad:50:bf:ab:39:0c:31:01:a7:
                    07:45:15:6e:b9:72:69:72:e5:f7:a4:d2:fb:39:f8:
                    5c:89:07:65:75:1a:7d:51:e2:a7:55:d0:7a:47:cd:
                    d5:6f:16:3f:a1:62:27:61:94:3d:15:0e:67:cb:cb:
                    81:bb:25:88:7d:68:58:21:72:d9:e5:1d:53:02:9b:
                    2d:f6:b6:c4:6b:7d:cb:2e:70:28:2e:7e:0c:a4:c5:
                    d7:b2:42:2f:c6:81:f5:56:bb:be:32:65:f2:39:20:
                    c1:b0:67:c3:44:27:dc:1d:f1:86:48:d8:e1:96:88:
                    ad:cd:ca:46:7c:ea:e8:4a:16:29:c7:21:91:04:6d:
                    46:1b:f5:88:ea:2f:79:80:3d:df:25:50:b6:6f:be:
                    f6:cd:9c:05:a5:e3:91:0b:c2:77:39:54:9f:cd:ad:
                    8c:de:2b:da:a2:9d:3b:e5:39:41:22:a9:67:83:c1:
                    63:c8:a8:10:b6:61:03:20:54:ce:f3:1d:e3:21:27:
                    d0:ab:02:26:68:16:9b:3f:82:e5:9a:95:f5:11:c2:
                    d2:c2:f6:44:ed:7b:db:d5:79:53:6a:d0:4e:d5:b0:
                    69:67:75:0e:fe:41:c0:d3:59:34:25:5d:8f:7f:ba:
                    65:70:91:89:66:a2:fe:fe:62:77:18:32:96:d3:27:
                    dc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CA:31:FE:E9:12:B2:D8:67:10:48:D0:E1:9A:02:49:20:A1:3C:73
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:4b:e2:f6:05:ec:da:1f:1e:0f:d7:86:e3:24:83:84:77:f8:
         c9:c6:ee:dd:9a:8d:ae:4b:04:ee:48:a2:ff:8b:c7:c8:a4:c2:
         4f:4e:54:22:f5:69:59:2a:67:6e:75:ee:02:5f:9d:c7:67:6a:
         63:38:53:68:52:8a:65:7e:3f:f8:7a:77:6b:d9:f9:bd:1a:0b:
         3b:fc:1d:36:2a:0f:fc:97:6b:a1:15:5b:e1:8a:09:50:ee:12:
         82:89:6f:ba:86:14:b8:32:c7:6d:4d:60:a9:74:41:ef:1c:3e:
         f1:cf:4f:ce:6f:2e:83:a6:44:b4:6e:c1:6c:8a:75:15:d0:8b:
         03:5c:7b:11:4c:b9:be:66:2e:f0:e1:f2:4b:5d:fd:2b:ca:82:
         a1:5e:68:f3:ab:8f:07:65:cc:33:01:55:81:39:54:61:fc:b3:
         ed:ae:33:11:9f:7b:5c:48:cf:fd:3d:1d:38:c5:0f:70:b1:74:
         ee:4c:34:d3:73:69:e5:18:e4:f8:b2:d6:03:e0:2f:71:74:51:
         24:8e:3b:2a:10:3c:88:a7:64:45:36:92:16:25:a1:31:47:71:
         f2:ef:69:39:ee:ab:1c:7e:d3:36:94:76:af:3c:63:d1:21:c0:
         71:c3:9f:07:91:5a:bd:f0:46:9a:0b:52:68:62:8e:47:b8:da:
         a5:38:bc:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKrwcdgFIrFR4lZajbH7WdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjUwNzI3MDcwMDQxWhcNMjUwNzI4MDcwMDQxWjAzMTEwLwYDVQQD
Eyg1YmNhMzFmZWU5MTJiMmQ4NjcxMDQ4ZDBlMTlhMDI0OTIwYTEzYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ASvWn+tUL+rOQwxAacHRRVuuXJp
cuX3pNL7OfhciQdldRp9UeKnVdB6R83VbxY/oWInYZQ9FQ5ny8uBuyWIfWhYIXLZ
5R1TApst9rbEa33LLnAoLn4MpMXXskIvxoH1Vru+MmXyOSDBsGfDRCfcHfGGSNjh
loitzcpGfOroShYpxyGRBG1GG/WI6i95gD3fJVC2b772zZwFpeORC8J3OVSfza2M
3ivaop075TlBIqlng8FjyKgQtmEDIFTO8x3jISfQqwImaBabP4LlmpX1EcLSwvZE
7Xvb1XlTatBO1bBpZ3UO/kHA01k0JV2Pf7plcJGJZqL+/mJ3GDKW0yfcmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvKMf7pErLYZxBI0OGaAkkgoTxzMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEEvi9gXs
2h8eD9eG4ySDhHf4ycbu3ZqNrksE7kii/4vHyKTCT05UIvVpWSpnbnXuAl+dx2dq
YzhTaFKKZX4/+Hp3a9n5vRoLO/wdNioP/JdroRVb4YoJUO4SgolvuoYUuDLHbU1g
qXRB7xw+8c9Pzm8ug6ZEtG7BbIp1FdCLA1x7EUy5vmYu8OHyS139K8qCoV5o86uP
B2XMMwFVgTlUYfyz7a4zEZ97XEjP/T0dOMUPcLF07kw003Np5Rjk+LLWA+AvcXRR
JI47KhA8iKdkRTaSFiWhMUdx8u9pOe6rHH7TNpR2rzxj0SHAccOfB5FavfBGmgtS
aGKOR7japTi8CQ==
-----END CERTIFICATE-----