Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          sZXmNuucoZunKK1SVi5DxDupU4LnXvfBYgIJ2SrlYgM=
Subject key identifier:   D2:E9:91:20:A5:F8:B1:EB:EC:60:62:CA:6F:EE:73:49:CA:6F:86:85
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       019922FA9910BE6D2950CA60C943E121D2AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          0766
Signing time:             Sun 07 Sep 2025 07:01:12 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:12 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:12 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: PbX8lgFVxb3UcdsVUnnkPAq9P0IENdzmhwrmVaSbTZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:99:10:be:6d:29:50:ca:60:c9:43:e1:21:d2:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Sep  7 07:01:12 2025 GMT
            Not After : Sep  8 07:01:12 2025 GMT
        Subject: CN=d2e99120a5f8b1ebec6062ca6fee7349ca6f8685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:11:59:d5:e5:31:03:5a:30:5b:b8:92:c4:16:
                    27:83:9b:d4:0a:56:f9:a6:c1:2f:d9:18:a9:b1:e8:
                    f6:04:66:fb:31:bd:69:fb:28:ce:91:94:79:e6:3e:
                    9a:e6:88:e7:bc:6d:32:f7:bb:9f:86:79:78:44:c5:
                    98:d1:69:7a:70:4b:63:de:11:fd:c8:07:75:88:b5:
                    25:8c:04:6b:f2:bf:f3:37:90:8a:ef:01:0f:86:0a:
                    2c:c1:07:7c:89:fc:c6:f9:f9:9a:41:18:f3:35:02:
                    70:78:4c:b6:47:80:f2:1c:5a:87:a2:20:b2:2b:ac:
                    83:ab:10:de:73:ed:9b:75:6c:d2:b0:22:c3:99:da:
                    56:bc:1a:d2:04:82:32:1e:74:96:a4:ae:2f:b8:40:
                    b9:d2:ac:de:55:98:7d:06:12:6c:82:da:80:9a:ca:
                    aa:7b:99:35:20:3d:ff:24:85:80:ef:c3:1e:81:48:
                    e1:21:02:15:aa:2e:c5:d6:8e:96:2f:e2:9b:89:3f:
                    83:79:ce:28:eb:d8:86:d5:08:4f:ab:df:6a:0a:2b:
                    13:e5:34:01:57:f5:f7:65:9d:0b:80:01:dc:90:b6:
                    7f:65:3d:bc:e7:8e:f3:33:e2:91:d0:97:61:43:0e:
                    44:4f:52:65:b1:06:57:92:a5:69:b6:eb:37:20:ab:
                    43:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:E9:91:20:A5:F8:B1:EB:EC:60:62:CA:6F:EE:73:49:CA:6F:86:85
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:7a:7d:62:c7:9d:1b:a7:a6:8a:5b:30:d0:88:00:6a:41:47:
         9f:97:f1:30:14:c0:94:06:48:a8:0a:60:dc:de:2f:f5:92:2b:
         05:49:e4:ac:7c:72:fa:3e:8a:6e:f5:cf:30:b8:61:44:30:fd:
         eb:8f:29:59:97:44:01:24:5d:be:23:19:55:8a:76:0c:96:48:
         63:7f:8c:38:38:8a:12:8f:28:3b:20:e5:e2:16:5e:7c:a0:ce:
         d3:cd:51:2e:74:1d:41:a1:d7:c0:e1:62:fc:b0:10:c1:2f:a0:
         05:6f:8b:ca:58:54:81:ed:a7:49:8f:f8:d4:01:d0:f3:7a:7d:
         a1:ff:49:f0:0e:45:98:1c:b3:5d:d9:03:d7:57:56:53:c3:1e:
         26:4d:f2:d7:5f:57:b8:2d:9e:57:bd:3b:0f:c0:a2:c3:f3:c6:
         36:43:85:1d:94:08:fe:97:8d:23:04:0f:f0:d0:62:ce:36:d5:
         9b:3c:79:eb:dc:b3:ae:bf:bc:87:da:f6:82:c4:fd:7b:dd:b1:
         ff:2d:94:40:ca:96:0a:5d:40:c5:51:8e:fc:c4:c7:24:d7:75:
         7f:d4:41:8a:8b:83:75:d2:2a:e2:ca:dd:03:98:54:ef:e2:41:
         c5:b0:df:9e:12:32:64:5a:fa:29:f9:0b:41:ea:d8:fe:f0:98:
         c0:09:48:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+pkQvm0pUMpgyUPhIdKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUwOTA3MDcwMTEyWhcNMjUwOTA4MDcwMTEyWjAzMTEwLwYDVQQD
EyhkMmU5OTEyMGE1ZjhiMWViZWM2MDYyY2E2ZmVlNzM0OWNhNmY4Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBFZ1eUxA1owW7iSxBYng5vUClb5
psEv2Ripsej2BGb7Mb1p+yjOkZR55j6a5ojnvG0y97ufhnl4RMWY0Wl6cEtj3hH9
yAd1iLUljARr8r/zN5CK7wEPhgoswQd8ifzG+fmaQRjzNQJweEy2R4DyHFqHoiCy
K6yDqxDec+2bdWzSsCLDmdpWvBrSBIIyHnSWpK4vuEC50qzeVZh9BhJsgtqAmsqq
e5k1ID3/JIWA78MegUjhIQIVqi7F1o6WL+KbiT+Dec4o69iG1QhPq99qCisT5TQB
V/X3ZZ0LgAHckLZ/ZT28547zM+KR0JdhQw5ET1JlsQZXkqVptus3IKtDPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLpkSCl+LHr7GBiym/uc0nKb4aFMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3p9Ysed
G6emilsw0IgAakFHn5fxMBTAlAZIqApg3N4v9ZIrBUnkrHxy+j6KbvXPMLhhRDD9
648pWZdEASRdviMZVYp2DJZIY3+MODiKEo8oOyDl4hZefKDO081RLnQdQaHXwOFi
/LAQwS+gBW+LylhUge2nSY/41AHQ83p9of9J8A5FmByzXdkD11dWU8MeJk3y119X
uC2eV707D8Ciw/PGNkOFHZQI/peNIwQP8NBizjbVmzx569yzrr+8h9r2gsT9e92x
/y2UQMqWCl1AxVGO/MTHJNd1f9RBiouDddIq4srdA5hU7+JBxbDfnhIyZFr6KfkL
QerY/vCYwAlIEw==
-----END CERTIFICATE-----