Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
File:                     Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft (raw, json)
Hash identifier:          YzSKhB9xEC73D7EiYSaROtB8wGa97u2eakLkLMpAOhI=
Subject key identifier:   78:9B:98:2F:62:E0:D5:99:E8:50:A3:57:32:AD:DE:38:7D:9D:4C:E8
Authority key identifier: 4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14
Certificate issuer:       /CN=4b177c450d2035067baa26920b8a4bd36c7b3314
Certificate serial:       01984589181DF8E95386572E0692B553FE96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
Manifest number:          0D11
Signing time:             Sat 26 Jul 2025 07:01:09 +0000
Manifest this update:     Sat 26 Jul 2025 07:01:09 +0000
Manifest next update:     Sun 27 Jul 2025 07:01:09 +0000
Files and hashes:         1: Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl (hash: J3fY2MVajfRMq90Bp+Ly/zXf7EGg1IEA5XXakEUToAc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 02:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:45:89:18:1d:f8:e9:53:86:57:2e:06:92:b5:53:fe:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b177c450d2035067baa26920b8a4bd36c7b3314
        Validity
            Not Before: Jul 26 07:01:09 2025 GMT
            Not After : Jul 27 07:01:09 2025 GMT
        Subject: CN=789b982f62e0d599e850a35732adde387d9d4ce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:e5:72:f8:2e:5d:92:43:63:e4:7b:88:53:81:
                    ff:16:2a:aa:e7:66:84:7a:97:9f:81:94:0b:7c:53:
                    d9:86:b6:84:a4:c9:f5:94:92:54:c0:b1:b7:e7:59:
                    45:6b:50:ff:c6:cc:21:8f:fa:1b:ae:29:6c:03:88:
                    c1:94:f6:17:b9:2d:c5:d3:c5:70:ef:86:57:fc:ab:
                    1b:94:62:1e:31:57:c9:e1:36:fb:39:bf:07:2b:26:
                    7d:2f:1a:b3:dd:c3:19:c8:b7:f4:bf:b9:3e:5d:c9:
                    ae:2a:37:6c:ea:28:b5:10:43:96:68:ce:dc:fa:8c:
                    16:47:bd:a4:c2:c4:fc:cc:7d:42:5b:f2:6f:26:a2:
                    88:6e:52:85:05:f4:0b:06:2c:5a:84:ca:64:3c:63:
                    b0:27:6b:5b:35:de:40:77:3e:36:f0:a0:b8:dd:94:
                    5a:c5:07:12:39:e3:c2:b3:4e:5d:ca:a3:9c:a4:36:
                    9b:2f:77:cb:af:78:07:8f:92:2c:35:65:7e:32:7c:
                    d1:ea:c7:2f:04:3b:30:47:98:f6:dc:7e:3c:f2:05:
                    c6:26:3f:df:65:12:01:5a:ea:63:62:2d:e1:ac:87:
                    e8:aa:84:78:0c:a4:c9:26:ad:20:b7:27:9b:c4:ab:
                    0f:1d:1b:1d:22:34:b2:2d:a3:e8:87:38:e5:53:a8:
                    9e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:9B:98:2F:62:E0:D5:99:E8:50:A3:57:32:AD:DE:38:7D:9D:4C:E8
            X509v3 Authority Key Identifier:
                keyid:4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:de:1f:cf:73:fb:4b:e8:81:07:f9:e0:c4:9f:dc:7b:38:48:
         d7:ea:8d:87:46:02:51:81:5a:62:da:7a:c6:57:99:d8:48:e8:
         7e:57:30:e6:bd:9e:ea:39:33:d5:47:41:22:c8:e8:48:fd:5a:
         43:be:97:94:43:22:ef:9e:d0:35:e8:43:9d:3e:49:a2:6f:0d:
         8f:6d:8d:a3:47:6b:f3:23:1b:da:42:a2:75:86:62:52:75:63:
         9d:60:91:90:2c:13:67:b7:c9:0b:cf:69:57:55:79:9f:cd:7d:
         56:77:68:2a:0b:8b:07:f7:23:93:48:c9:74:d6:08:96:d8:01:
         22:2d:65:35:1e:00:8b:ee:05:da:64:09:7a:09:6d:6b:36:84:
         04:9e:ba:82:af:d8:6c:3a:e0:72:47:4f:11:51:7c:2d:08:20:
         88:6e:33:18:27:a3:a6:f1:94:6b:ae:09:88:10:50:b7:3e:3e:
         14:18:d0:0f:15:26:c2:8f:37:56:de:64:46:21:18:a2:80:5b:
         77:33:2a:41:38:33:59:8b:b8:40:d3:d9:e5:68:44:d7:f9:b8:
         62:47:c8:67:31:5a:fc:10:10:14:c7:13:50:61:a6:a3:58:51:
         0e:8d:20:e4:23:50:45:02:06:95:5f:7c:f7:fb:df:68:67:20:
         7e:ab:2a:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhFiRgd+OlThlcuBpK1U/6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTc3YzQ1MGQyMDM1MDY3YmFhMjY5MjBiOGE0YmQzNmM3
YjMzMTQwHhcNMjUwNzI2MDcwMTA5WhcNMjUwNzI3MDcwMTA5WjAzMTEwLwYDVQQD
Eyg3ODliOTgyZjYyZTBkNTk5ZTg1MGEzNTczMmFkZGUzODdkOWQ0Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OVy+C5dkkNj5HuIU4H/Fiqq52aE
epefgZQLfFPZhraEpMn1lJJUwLG351lFa1D/xswhj/obrilsA4jBlPYXuS3F08Vw
74ZX/KsblGIeMVfJ4Tb7Ob8HKyZ9Lxqz3cMZyLf0v7k+XcmuKjds6ii1EEOWaM7c
+owWR72kwsT8zH1CW/JvJqKIblKFBfQLBixahMpkPGOwJ2tbNd5Adz428KC43ZRa
xQcSOePCs05dyqOcpDabL3fLr3gHj5IsNWV+MnzR6scvBDswR5j23H488gXGJj/f
ZRIBWupjYi3hrIfoqoR4DKTJJq0gtyebxKsPHRsdIjSyLaPohzjlU6ienwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHibmC9i4NWZ6FCjVzKt3jh9nUzoMB8GA1UdIwQY
MBaAFEsXfEUNIDUGe6omkguKS9NsezMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUt
OGQ3YjczNmE2OTVjLzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUtOGQ3YjczNmE2OTVj
LzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGd4fz3P7
S+iBB/ngxJ/cezhI1+qNh0YCUYFaYtp6xleZ2Ejoflcw5r2e6jkz1UdBIsjoSP1a
Q76XlEMi757QNehDnT5Jom8Nj22No0dr8yMb2kKidYZiUnVjnWCRkCwTZ7fJC89p
V1V5n819VndoKguLB/cjk0jJdNYIltgBIi1lNR4Ai+4F2mQJegltazaEBJ66gq/Y
bDrgckdPEVF8LQggiG4zGCejpvGUa64JiBBQtz4+FBjQDxUmwo83Vt5kRiEYooBb
dzMqQTgzWYu4QNPZ5WhE1/m4YkfIZzFa/BAQFMcTUGGmo1hRDo0g5CNQRQIGlV98
9/vfaGcgfqsqtw==
-----END CERTIFICATE-----