Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          Etx5cpZPx4itTyX79/T5cqyWS/oToVqYivaunnCOhEs=
Subject key identifier:   BB:23:A7:0B:25:A4:56:FA:6D:25:12:7D:27:4E:76:63:CB:36:BE:3D
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       01992255C7836D13469BF293CAEAE9AEC0AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0DA9
Signing time:             Sun 07 Sep 2025 04:01:10 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:10 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:10 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: CEmHxU5xx1I+ZkwB/ilXskwFiDQ8AXyKplj5Cnv0Gcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:c7:83:6d:13:46:9b:f2:93:ca:ea:e9:ae:c0:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Sep  7 04:01:10 2025 GMT
            Not After : Sep  8 04:01:10 2025 GMT
        Subject: CN=bb23a70b25a456fa6d25127d274e7663cb36be3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:00:39:82:d5:72:b8:ef:15:30:6a:fe:74:91:
                    46:3f:41:0f:18:b9:e6:1a:93:09:10:3c:da:a4:92:
                    59:68:fa:d2:8d:0b:06:28:2a:7d:e1:ff:7d:bd:d8:
                    03:76:1a:59:d8:8f:6d:ad:a4:a3:ff:02:b3:1f:d2:
                    12:e2:50:23:db:7f:4b:0c:1a:77:95:a0:36:f4:28:
                    63:bd:16:2f:29:21:fc:88:c4:b7:25:62:f1:9d:4d:
                    3e:27:1d:96:1a:b1:3f:b2:72:c4:6c:8d:c3:c2:34:
                    1c:58:5b:a1:92:43:d2:ac:7a:85:1e:5b:31:da:d0:
                    20:35:fd:f3:18:94:e4:c9:17:ee:f3:c2:1e:29:50:
                    44:68:f9:60:4c:b1:51:41:d5:57:e1:ce:db:58:7d:
                    89:69:4b:16:07:aa:99:cf:37:bb:af:e2:70:8d:a9:
                    e3:cd:a7:7d:e5:9b:3b:36:4a:31:b2:85:3f:61:68:
                    75:ac:00:64:6f:6d:db:13:d5:96:ac:54:fa:16:d8:
                    65:e3:a3:4b:2b:d5:9e:1e:1a:db:55:3e:b6:7d:35:
                    9b:4e:c2:90:86:a4:93:ea:4f:d9:93:e5:cf:a4:13:
                    06:a1:ff:2e:36:ff:40:c5:7f:6c:5d:f4:85:b6:42:
                    38:3f:5b:cf:92:d6:75:a8:2d:76:c3:81:3d:5e:08:
                    d0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:23:A7:0B:25:A4:56:FA:6D:25:12:7D:27:4E:76:63:CB:36:BE:3D
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:d4:bf:14:b4:e2:4e:a8:5b:2f:1a:d1:65:01:71:20:1a:db:
         f8:b4:6e:2c:c6:90:f5:49:a5:ad:c7:ab:0e:37:46:08:14:ae:
         71:84:d1:df:f2:40:13:cd:b9:43:01:aa:87:66:2f:05:f8:3c:
         7b:a1:cd:b9:d3:cb:51:77:42:54:65:d8:50:ad:7c:3a:6a:15:
         4e:ee:ab:95:c2:55:fc:d4:50:cc:d3:a9:b2:a5:26:eb:d6:a6:
         db:59:5a:d0:4c:d2:13:dd:72:24:fb:cf:de:65:1f:18:21:45:
         68:35:fe:a1:27:59:5d:e9:c3:d6:79:66:57:5f:f9:05:1b:4c:
         ee:08:50:7c:8f:79:f0:21:1a:9f:6e:db:0d:31:9f:79:f9:d4:
         4b:ad:d4:08:e9:4b:94:59:13:ff:5f:25:f0:59:03:11:24:2b:
         64:8c:2e:a7:11:5f:52:cf:68:c7:8d:34:2d:07:1d:de:bf:8a:
         91:a1:39:66:a9:fd:af:13:b4:6b:7b:18:38:1d:bb:b5:ac:94:
         90:fb:69:7b:98:6f:93:4e:2f:63:0a:83:30:37:4c:48:a1:2e:
         ff:bc:05:15:81:5c:e6:93:cd:87:4d:bf:15:35:0e:da:4f:1f:
         c4:05:0b:b2:3c:4a:23:99:35:bf:09:59:b9:32:e3:c0:91:ef:
         92:46:59:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVceDbRNGm/KTyurprsCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjUwOTA3MDQwMTEwWhcNMjUwOTA4MDQwMTEwWjAzMTEwLwYDVQQD
EyhiYjIzYTcwYjI1YTQ1NmZhNmQyNTEyN2QyNzRlNzY2M2NiMzZiZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQA5gtVyuO8VMGr+dJFGP0EPGLnm
GpMJEDzapJJZaPrSjQsGKCp94f99vdgDdhpZ2I9traSj/wKzH9IS4lAj239LDBp3
laA29ChjvRYvKSH8iMS3JWLxnU0+Jx2WGrE/snLEbI3DwjQcWFuhkkPSrHqFHlsx
2tAgNf3zGJTkyRfu88IeKVBEaPlgTLFRQdVX4c7bWH2JaUsWB6qZzze7r+Jwjanj
zad95Zs7NkoxsoU/YWh1rABkb23bE9WWrFT6Fthl46NLK9WeHhrbVT62fTWbTsKQ
hqST6k/Zk+XPpBMGof8uNv9AxX9sXfSFtkI4P1vPktZ1qC12w4E9XgjQfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsjpwslpFb6bSUSfSdOdmPLNr49MB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU9S/FLTi
TqhbLxrRZQFxIBrb+LRuLMaQ9UmlrcerDjdGCBSucYTR3/JAE825QwGqh2YvBfg8
e6HNudPLUXdCVGXYUK18OmoVTu6rlcJV/NRQzNOpsqUm69am21la0EzSE91yJPvP
3mUfGCFFaDX+oSdZXenD1nlmV1/5BRtM7ghQfI958CEan27bDTGfefnUS63UCOlL
lFkT/18l8FkDESQrZIwupxFfUs9ox400LQcd3r+KkaE5Zqn9rxO0a3sYOB27tayU
kPtpe5hvk04vYwqDMDdMSKEu/7wFFYFc5pPNh02/FTUO2k8fxAULsjxKI5k1vwlZ
uTLjwJHvkkZZeg==
-----END CERTIFICATE-----