Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
File:                     iqR9CPyFIT30_aLPlWG45ovCc9w.mft (raw, json)
Hash identifier:          zjBc9hwK/QbkofLPjbPa7d4oVCEYubqaIWFPpVoRGBQ=
Subject key identifier:   87:43:D9:F0:7F:57:39:36:20:B1:60:F2:BF:81:9B:9C:21:B9:62:41
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Certificate issuer:       /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial:       019921E7DB0EC28E729F2FF8F13F17C1E493
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
Manifest number:          0B01
Signing time:             Sun 07 Sep 2025 02:01:06 +0000
Manifest this update:     Sun 07 Sep 2025 02:01:06 +0000
Manifest next update:     Mon 08 Sep 2025 02:01:06 +0000
Files and hashes:         1: iqR9CPyFIT30_aLPlWG45ovCc9w.crl (hash: EJahoKaIkT7ViEnIXFKlM/i4FuhIJU9bssYU9ib7wO8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:db:0e:c2:8e:72:9f:2f:f8:f1:3f:17:c1:e4:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
        Validity
            Not Before: Sep  7 02:01:06 2025 GMT
            Not After : Sep  8 02:01:06 2025 GMT
        Subject: CN=8743d9f07f57393620b160f2bf819b9c21b96241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e7:e2:8e:ef:ce:ce:6c:32:ba:3c:3d:6f:59:
                    5a:55:66:04:10:04:ac:d1:f8:d8:b1:65:8b:7a:8e:
                    0e:42:85:10:26:1f:f9:2e:6d:74:01:02:f1:63:bb:
                    c9:4f:0c:14:9c:e3:30:fd:29:c4:af:dd:8d:d0:8b:
                    90:6b:2b:c1:3e:ad:b4:5a:5c:08:94:a1:29:37:6a:
                    68:ba:e1:f3:b9:55:2c:25:83:8f:86:15:7a:4d:4a:
                    2b:77:62:32:f6:65:09:2a:fa:7e:e4:f8:96:14:a7:
                    f5:59:1f:8d:8c:5f:ef:79:57:f6:a1:25:77:d9:c5:
                    fb:1f:8e:91:a4:3b:ce:7b:47:6c:cf:5e:1a:df:24:
                    c9:59:ce:10:98:dc:a2:82:54:26:1c:87:14:0f:e0:
                    88:a3:6c:06:d8:de:cc:ab:a7:f2:fe:1d:92:b7:4c:
                    6f:bc:c0:89:25:00:b5:67:d8:ab:a3:c8:f1:1a:d7:
                    8e:56:4c:db:b6:be:76:4e:67:25:13:38:41:a3:2b:
                    b6:fd:32:1d:9b:f1:77:cb:43:fc:e6:4a:d8:c1:0a:
                    23:af:bd:43:71:62:0d:c1:f7:8d:59:62:f0:37:17:
                    31:72:ca:f0:49:8e:4c:27:88:67:10:5f:6b:53:84:
                    dd:da:a7:c7:b0:4f:dd:c8:c1:6c:2b:4c:4e:1d:2e:
                    56:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:43:D9:F0:7F:57:39:36:20:B1:60:F2:BF:81:9B:9C:21:B9:62:41
            X509v3 Authority Key Identifier:
                keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:82:25:35:53:ff:2d:2a:c9:a3:9c:1c:cd:9c:19:a8:9f:f9:
         58:89:4b:d1:e2:a1:8e:fb:73:b5:86:36:11:47:73:92:3c:ca:
         30:78:61:aa:dc:d2:6e:4d:4b:b6:0f:24:48:f5:c1:77:2f:c2:
         90:28:c6:26:fb:31:e9:dd:7a:16:0d:ca:2e:11:1d:b6:7d:e5:
         86:ad:ca:5a:0a:25:80:2e:9f:c6:d1:a9:fe:86:b4:66:55:45:
         02:8a:b9:b9:5a:d8:67:96:b4:90:13:11:b1:2d:fb:b9:5e:d5:
         a7:f8:a0:9d:ee:81:0e:6c:31:1a:55:b5:1e:51:94:36:da:80:
         0e:9b:f1:89:8b:5b:f9:48:17:6e:ea:5c:e8:b1:dd:82:97:4e:
         e9:c1:a6:78:aa:23:d8:ab:d2:a9:4c:45:c4:bb:3a:c9:ac:ea:
         e2:87:38:f7:b6:8d:1f:11:c4:e3:b1:bf:e6:b9:a0:5a:42:9b:
         df:53:5a:fc:77:08:ff:2c:5b:ab:cc:e3:4d:08:25:f6:48:bf:
         43:25:b7:57:ae:fc:f0:72:ce:64:5c:92:8e:88:b8:08:ab:e2:
         47:31:9b:bc:d4:68:39:59:11:24:69:79:27:6d:e2:d6:1e:7c:
         41:ac:15:b9:52:02:b2:8e:f4:07:5f:f5:e3:bf:5a:aa:f0:2d:
         e3:e7:e3:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh59sOwo5yny/48T8XweSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjUwOTA3MDIwMTA2WhcNMjUwOTA4MDIwMTA2WjAzMTEwLwYDVQQD
Eyg4NzQzZDlmMDdmNTczOTM2MjBiMTYwZjJiZjgxOWI5YzIxYjk2MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArufiju/Ozmwyujw9b1laVWYEEASs
0fjYsWWLeo4OQoUQJh/5Lm10AQLxY7vJTwwUnOMw/SnEr92N0IuQayvBPq20WlwI
lKEpN2pouuHzuVUsJYOPhhV6TUord2Iy9mUJKvp+5PiWFKf1WR+NjF/veVf2oSV3
2cX7H46RpDvOe0dsz14a3yTJWc4QmNyiglQmHIcUD+CIo2wG2N7Mq6fy/h2St0xv
vMCJJQC1Z9iro8jxGteOVkzbtr52TmclEzhBoyu2/TIdm/F3y0P85krYwQojr71D
cWINwfeNWWLwNxcxcsrwSY5MJ4hnEF9rU4Td2qfHsE/dyMFsK0xOHS5WcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdD2fB/Vzk2ILFg8r+Bm5whuWJBMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeoIlNVP/
LSrJo5wczZwZqJ/5WIlL0eKhjvtztYY2EUdzkjzKMHhhqtzSbk1Ltg8kSPXBdy/C
kCjGJvsx6d16Fg3KLhEdtn3lhq3KWgolgC6fxtGp/oa0ZlVFAoq5uVrYZ5a0kBMR
sS37uV7Vp/igne6BDmwxGlW1HlGUNtqADpvxiYtb+UgXbupc6LHdgpdO6cGmeKoj
2KvSqUxFxLs6yazq4oc497aNHxHE47G/5rmgWkKb31Na/HcI/yxbq8zjTQgl9ki/
QyW3V6788HLOZFySjoi4CKviRzGbvNRoOVkRJGl5J23i1h58QawVuVICso70B1/1
479aqvAt4+fj1w==
-----END CERTIFICATE-----