Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
File:                     M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft (raw, json)
Hash identifier:          08QiWYlqf4utypJxsxg0WaXeDAE8LJ+1dDiUdupgS7k=
Subject key identifier:   5C:EA:12:9E:A3:0C:6C:DF:FD:DA:0F:53:7B:4E:F8:AE:9D:B1:AE:92
Authority key identifier: 33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
Certificate issuer:       /CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Certificate serial:       019923A015A592DC412AA9056B3131B65DF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
Manifest number:          1257
Signing time:             Sun 07 Sep 2025 10:01:57 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:57 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:57 +0000
Files and hashes:         1: M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl (hash: i0BfFcN89Cp16jpE09NKFm6mlUqkRoRN2aLTHTyZSzk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:15:a5:92:dc:41:2a:a9:05:6b:31:31:b6:5d:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
        Validity
            Not Before: Sep  7 10:01:57 2025 GMT
            Not After : Sep  8 10:01:57 2025 GMT
        Subject: CN=5cea129ea30c6cdffdda0f537b4ef8ae9db1ae92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:fe:8c:f8:40:eb:7e:02:bf:38:02:a0:0b:e2:
                    e9:3a:ed:37:24:84:65:0c:59:56:58:15:a0:33:38:
                    57:ad:ad:f9:13:af:db:24:25:d4:dc:aa:55:79:58:
                    2f:51:50:35:36:4a:52:99:b8:77:8e:06:fc:28:bb:
                    22:d2:3b:ee:3b:2b:27:1e:50:e4:9b:60:1b:44:18:
                    10:02:c6:2a:8e:a7:a1:b2:6b:5f:ea:5f:19:3c:05:
                    0b:01:c7:e9:9a:32:d3:f5:d1:8e:3c:cb:22:2f:5e:
                    5d:58:5a:06:0d:49:95:08:cc:76:3e:2a:43:b7:9e:
                    7c:b1:d6:ce:57:55:a1:dc:30:50:27:d2:79:6a:1a:
                    51:a3:e7:39:82:fd:7c:08:f0:6b:a1:32:01:0a:7e:
                    70:a0:3e:82:ab:97:bf:d8:2f:be:ba:b1:01:cb:84:
                    94:eb:ef:b0:ed:0a:d3:d7:91:8d:76:92:68:00:f3:
                    5f:09:bd:9a:c2:c9:79:50:fe:c1:29:bf:45:fb:36:
                    52:8c:ad:84:7e:bb:8b:cd:14:0c:95:de:d6:c3:6e:
                    69:52:30:42:f7:2d:a3:f0:24:34:02:87:c1:1b:6c:
                    1b:2b:27:5b:6d:89:4e:d4:98:d9:0f:5e:a2:00:9a:
                    f1:b6:97:ec:de:28:22:be:a9:70:83:4f:41:6d:83:
                    ce:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:EA:12:9E:A3:0C:6C:DF:FD:DA:0F:53:7B:4E:F8:AE:9D:B1:AE:92
            X509v3 Authority Key Identifier:
                keyid:33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:44:81:fc:61:2a:13:c9:31:34:13:17:50:73:77:f6:11:05:
         7b:26:fb:5d:8c:63:93:8a:04:e3:24:4f:71:fc:be:6f:0b:62:
         1d:a9:d8:ff:ba:cc:95:5f:44:2f:6a:2a:8b:33:67:c7:8f:8c:
         b1:4f:9f:00:57:2c:87:7d:2f:e2:b8:21:71:9a:78:76:fb:b3:
         f4:a1:8b:d2:c0:10:b1:55:5c:5f:a6:ab:be:42:f8:e2:34:f8:
         09:9c:29:2b:8e:9f:76:5e:9e:b9:3b:5e:45:3e:5b:77:13:56:
         99:57:b1:bd:63:e9:11:bc:aa:4f:2e:f8:66:27:ba:7c:c3:78:
         5c:c1:e4:d8:5c:8c:56:2f:06:1f:0c:21:1e:7f:b7:f5:02:ca:
         ba:6a:13:39:96:10:dd:d3:f0:28:9f:3d:2e:85:d3:ab:62:0e:
         cf:77:a1:b6:d7:24:11:ec:92:6a:25:e0:1a:b8:ec:a5:e3:f1:
         05:89:38:f0:1e:80:87:29:74:78:97:f9:69:0b:77:ab:12:78:
         18:b2:97:24:3e:bf:a4:66:ef:fa:26:65:23:43:11:45:c4:d2:
         b4:71:4a:60:b4:2e:de:24:9f:18:eb:be:98:fd:e6:46:f1:0c:
         6c:62:13:15:41:2e:93:b7:5b:7e:07:74:21:97:4f:f1:8b:7f:
         9c:19:91:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoBWlktxBKqkFazExtl35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjNkNzJjZGQ5M2FiMDJmZTNmNzg4ZDYyMWQ3MTVkOWVm
ZDc2OTkwHhcNMjUwOTA3MTAwMTU3WhcNMjUwOTA4MTAwMTU3WjAzMTEwLwYDVQQD
Eyg1Y2VhMTI5ZWEzMGM2Y2RmZmRkYTBmNTM3YjRlZjhhZTlkYjFhZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP6M+EDrfgK/OAKgC+LpOu03JIRl
DFlWWBWgMzhXra35E6/bJCXU3KpVeVgvUVA1NkpSmbh3jgb8KLsi0jvuOysnHlDk
m2AbRBgQAsYqjqehsmtf6l8ZPAULAcfpmjLT9dGOPMsiL15dWFoGDUmVCMx2PipD
t558sdbOV1Wh3DBQJ9J5ahpRo+c5gv18CPBroTIBCn5woD6Cq5e/2C++urEBy4SU
6++w7QrT15GNdpJoAPNfCb2awsl5UP7BKb9F+zZSjK2EfruLzRQMld7Ww25pUjBC
9y2j8CQ0AofBG2wbKydbbYlO1JjZD16iAJrxtpfs3igivqlwg09BbYPORwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzqEp6jDGzf/doPU3tO+K6dsa6SMB8GA1UdIwQY
MBaAFDNj1yzdk6sC/j94jWIdcV2e/XaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgt
NDM0ZjllMGQ3NTBjLzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgtNDM0ZjllMGQ3NTBj
LzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATESB/GEq
E8kxNBMXUHN39hEFeyb7XYxjk4oE4yRPcfy+bwtiHanY/7rMlV9EL2oqizNnx4+M
sU+fAFcsh30v4rghcZp4dvuz9KGL0sAQsVVcX6arvkL44jT4CZwpK46fdl6euTte
RT5bdxNWmVexvWPpEbyqTy74Zie6fMN4XMHk2FyMVi8GHwwhHn+39QLKumoTOZYQ
3dPwKJ89LoXTq2IOz3ehttckEeySaiXgGrjspePxBYk48B6Ahyl0eJf5aQt3qxJ4
GLKXJD6/pGbv+iZlI0MRRcTStHFKYLQu3iSfGOu+mP3mRvEMbGITFUEuk7dbfgd0
IZdP8Yt/nBmRBw==
-----END CERTIFICATE-----