Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
File:                     rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft (raw, json)
Hash identifier:          24e9QrWLSHk/wENbx8TR3PlAw/KOVne6T6RLgshqXFo=
Subject key identifier:   B5:FA:91:F8:49:F7:7B:CE:18:7A:E3:C7:99:4B:FC:41:7B:3E:7A:F5
Authority key identifier: AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9
Certificate issuer:       /CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
Certificate serial:       0199239EC8EB3620D214506BF00C28AD7625
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
Manifest number:          0B6F
Signing time:             Sun 07 Sep 2025 10:00:32 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:32 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:32 +0000
Files and hashes:         1: rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl (hash: HoMBEkFRjSga327fLyCikKBWyO02PQc19/Peq+t8jYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:c8:eb:36:20:d2:14:50:6b:f0:0c:28:ad:76:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
        Validity
            Not Before: Sep  7 10:00:32 2025 GMT
            Not After : Sep  8 10:00:32 2025 GMT
        Subject: CN=b5fa91f849f77bce187ae3c7994bfc417b3e7af5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:93:25:b8:fb:7d:e6:72:8b:f0:70:57:25:6b:
                    10:50:e1:58:26:8e:2a:89:11:41:69:23:ef:9d:68:
                    8f:90:26:bc:f3:c8:8c:c8:61:33:73:20:dd:99:b0:
                    ab:c9:69:54:f6:33:2e:92:b3:cb:34:0a:8c:9b:11:
                    20:05:07:5d:6c:c8:c5:21:e0:4f:45:76:49:54:4d:
                    36:52:9a:bc:c5:b4:5c:a0:a0:67:ce:36:e4:94:8f:
                    53:47:c6:d6:bd:ce:24:8a:3f:e7:75:14:6c:c6:f8:
                    eb:a2:78:7c:4a:0c:ec:1d:6f:49:4e:f8:37:de:12:
                    e5:fd:b2:06:82:ff:dd:a7:ba:56:e8:d7:35:02:e6:
                    1e:ea:1d:7f:72:43:61:16:fe:5e:9d:2e:89:fc:04:
                    5b:da:35:95:75:84:f0:a5:d5:d0:2f:51:db:34:6e:
                    10:ed:bc:33:b6:81:4b:af:7d:61:ab:6e:e4:64:12:
                    f2:15:3c:08:e7:91:ce:3c:28:6f:74:a3:3d:6f:a6:
                    a0:cf:57:a5:28:45:c9:c7:f4:f6:30:15:c0:e0:90:
                    ad:35:22:a8:f6:fc:96:4b:11:fe:38:da:d3:18:8c:
                    61:7b:70:df:cd:12:e3:57:19:b8:8b:83:40:b4:8c:
                    8d:70:b0:c9:82:8f:f6:60:a6:1c:81:f5:d7:21:f6:
                    c8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:FA:91:F8:49:F7:7B:CE:18:7A:E3:C7:99:4B:FC:41:7B:3E:7A:F5
            X509v3 Authority Key Identifier:
                keyid:AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:9a:1f:f9:7d:ae:16:b0:0d:08:31:21:db:dc:59:0a:5c:9c:
         c5:ce:96:f7:fa:6f:64:89:84:35:8b:5e:78:40:fc:2f:aa:67:
         72:06:0e:f4:61:3b:9a:79:e5:56:74:67:1e:9c:dc:1a:0e:58:
         ec:82:01:4e:ad:18:6f:f1:55:5b:c2:04:f2:d8:c8:38:fd:cf:
         2c:80:f9:01:e2:44:cf:7c:83:ad:b4:c4:6b:41:9b:28:1b:ce:
         74:a6:70:8b:cd:15:10:b1:39:f7:36:87:fd:03:e3:fe:8d:bf:
         19:df:6a:2f:00:90:69:76:b1:ee:52:95:b1:c3:93:3c:4d:f6:
         3e:83:4d:29:01:c4:02:a8:08:7c:87:4d:06:ca:d4:e6:e9:cc:
         fe:cb:f9:47:2c:61:a3:e6:19:36:2e:96:46:9b:b3:78:d9:1d:
         96:e3:71:55:30:8b:1b:a9:11:a3:f5:1b:10:15:42:a9:0a:fe:
         2e:ef:18:e6:4d:95:e4:2b:d4:e0:ae:0b:d8:f1:c9:fc:df:fa:
         c6:49:43:92:c8:0e:13:1f:03:70:20:18:8c:20:38:b2:94:53:
         8e:14:b4:e9:83:5d:5b:a8:eb:93:ba:3d:0b:ab:bb:6f:40:ee:
         7a:ba:6e:f1:b0:cb:55:25:2f:82:77:97:7e:33:90:f4:95:68:
         ef:b9:03:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnsjrNiDSFFBr8AworXYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYzVjN2FiNWI3MjE4MWU0ZTQyMTEzMjIyMTVlOTc3NmI0
OTAwZjkwHhcNMjUwOTA3MTAwMDMyWhcNMjUwOTA4MTAwMDMyWjAzMTEwLwYDVQQD
EyhiNWZhOTFmODQ5Zjc3YmNlMTg3YWUzYzc5OTRiZmM0MTdiM2U3YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZMluPt95nKL8HBXJWsQUOFYJo4q
iRFBaSPvnWiPkCa888iMyGEzcyDdmbCryWlU9jMukrPLNAqMmxEgBQddbMjFIeBP
RXZJVE02Upq8xbRcoKBnzjbklI9TR8bWvc4kij/ndRRsxvjronh8SgzsHW9JTvg3
3hLl/bIGgv/dp7pW6Nc1AuYe6h1/ckNhFv5enS6J/ARb2jWVdYTwpdXQL1HbNG4Q
7bwztoFLr31hq27kZBLyFTwI55HOPChvdKM9b6agz1elKEXJx/T2MBXA4JCtNSKo
9vyWSxH+ONrTGIxhe3DfzRLjVxm4i4NAtIyNcLDJgo/2YKYcgfXXIfbIEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLX6kfhJ93vOGHrjx5lL/EF7Pnr1MB8GA1UdIwQY
MBaAFK7Fx6tbchgeTkIRMiIV6XdrSQD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgt
MzAyZDkyMjI0Y2IyLzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgtMzAyZDkyMjI0Y2Iy
LzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYpof+X2u
FrANCDEh29xZClycxc6W9/pvZImENYteeED8L6pncgYO9GE7mnnlVnRnHpzcGg5Y
7IIBTq0Yb/FVW8IE8tjIOP3PLID5AeJEz3yDrbTEa0GbKBvOdKZwi80VELE59zaH
/QPj/o2/Gd9qLwCQaXax7lKVscOTPE32PoNNKQHEAqgIfIdNBsrU5unM/sv5Ryxh
o+YZNi6WRpuzeNkdluNxVTCLG6kRo/UbEBVCqQr+Lu8Y5k2V5CvU4K4L2PHJ/N/6
xklDksgOEx8DcCAYjCA4spRTjhS06YNdW6jrk7o9C6u7b0Duerpu8bDLVSUvgneX
fjOQ9JVo77kDbA==
-----END CERTIFICATE-----