Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
File:                     xBHDOVke38lmej55EY3SPEAr6H8.mft (raw, json)
Hash identifier:          d6pmlTh8LG/radPfkvHWSLBabriTxDf8EMillY6QDo4=
Subject key identifier:   8A:06:BF:4F:92:22:7C:78:26:69:E3:62:1D:71:CE:A7:9C:29:C9:32
Authority key identifier: C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F
Certificate issuer:       /CN=c411c339591edfc9667a3e79118dd23c402be87f
Certificate serial:       01992255A6AFA7D2F0E723538C8C8805E0CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
Manifest number:          066B
Signing time:             Sun 07 Sep 2025 04:01:02 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:02 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:02 +0000
Files and hashes:         1: xBHDOVke38lmej55EY3SPEAr6H8.crl (hash: /eOYs23+lUbycyBfyGMSz6a5VntoD4pt0Ook14c3+7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:a6:af:a7:d2:f0:e7:23:53:8c:8c:88:05:e0:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c411c339591edfc9667a3e79118dd23c402be87f
        Validity
            Not Before: Sep  7 04:01:02 2025 GMT
            Not After : Sep  8 04:01:02 2025 GMT
        Subject: CN=8a06bf4f92227c782669e3621d71cea79c29c932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:64:55:3d:92:2a:7d:be:9e:ce:96:1d:7b:b6:
                    db:4d:11:67:bf:02:a8:6a:99:96:79:0f:b6:90:e3:
                    1e:52:a9:69:7a:65:35:df:ce:ee:4a:91:24:0e:b9:
                    a1:d3:ec:14:9e:f3:b3:53:62:30:ee:ca:b4:3c:c8:
                    d3:2c:87:a3:5e:24:f3:00:50:80:b8:da:fd:2f:32:
                    90:6f:6c:5f:d8:85:58:5a:0a:f5:4a:e8:9d:f7:3e:
                    aa:a5:cb:70:09:96:2d:ac:49:9f:ba:8e:6a:a3:80:
                    e7:c7:89:a0:12:48:84:1c:6c:16:7d:f1:da:f9:bc:
                    12:be:27:1f:84:b3:12:b9:8f:96:91:fb:10:0b:50:
                    04:74:53:b7:ee:ac:5d:30:12:0e:e7:54:14:fd:c3:
                    10:9d:08:08:6b:fc:56:47:a6:b8:6a:00:2d:16:ad:
                    b4:80:98:89:b4:3e:85:53:14:3e:b5:3f:68:c1:1e:
                    a0:59:89:97:93:48:7b:65:c5:ff:ac:3f:06:10:be:
                    4e:25:ce:91:69:b9:f1:e4:64:08:32:ea:1c:46:d2:
                    ae:17:db:b2:72:9c:52:58:cb:52:4a:25:48:fe:41:
                    8b:73:7e:bd:8b:50:9c:af:fd:2e:e1:3c:9c:62:e5:
                    92:3c:bc:ad:ff:b6:ca:d9:96:94:b7:3e:c9:bc:16:
                    1e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:06:BF:4F:92:22:7C:78:26:69:E3:62:1D:71:CE:A7:9C:29:C9:32
            X509v3 Authority Key Identifier:
                keyid:C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:e3:89:b3:63:26:89:1e:2c:2a:9f:1b:42:d2:d4:f7:bc:05:
         d8:80:ba:13:d1:68:d8:ba:ae:39:e3:30:ed:67:ef:f7:21:6c:
         ce:19:8e:40:ec:8e:21:2b:5e:4e:c5:7f:85:18:6f:6c:b7:5f:
         84:63:60:73:0a:14:13:87:21:49:4b:4f:79:c1:35:57:c9:f5:
         ef:f6:43:bc:90:cc:8d:b9:f4:e9:42:26:dd:7e:3e:a9:00:d7:
         26:4d:ca:77:65:7d:3a:3b:26:6b:3c:1b:fd:84:3a:b4:68:ad:
         5b:65:71:1c:50:e4:6f:90:ca:c8:bd:81:8f:ee:7b:4f:74:a0:
         0b:8f:7d:bd:43:36:56:fc:e3:41:8e:76:1f:59:b4:f9:1a:97:
         10:5e:24:3e:d8:47:d6:de:3e:ed:dd:e9:3d:81:a3:72:83:42:
         44:7f:4d:3a:6d:2e:9f:d8:26:05:5c:f8:6f:d8:cd:73:07:fd:
         b2:f3:c4:47:b3:77:c3:e3:cc:a1:4b:a9:23:46:fe:28:86:b5:
         4a:86:a5:3f:4b:a0:33:e4:ee:a3:fc:e2:76:df:2e:aa:3b:20:
         e1:ba:3b:23:59:f5:3f:c1:55:51:02:35:ae:ef:9a:a1:49:ce:
         eb:c3:c1:a5:ae:53:58:61:5b:6d:64:89:2b:de:9a:33:e2:81:
         7a:9e:c5:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVaavp9Lw5yNTjIyIBeDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTFjMzM5NTkxZWRmYzk2NjdhM2U3OTExOGRkMjNjNDAy
YmU4N2YwHhcNMjUwOTA3MDQwMTAyWhcNMjUwOTA4MDQwMTAyWjAzMTEwLwYDVQQD
Eyg4YTA2YmY0ZjkyMjI3Yzc4MjY2OWUzNjIxZDcxY2VhNzljMjljOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2RVPZIqfb6ezpYde7bbTRFnvwKo
apmWeQ+2kOMeUqlpemU1387uSpEkDrmh0+wUnvOzU2Iw7sq0PMjTLIejXiTzAFCA
uNr9LzKQb2xf2IVYWgr1Suid9z6qpctwCZYtrEmfuo5qo4Dnx4mgEkiEHGwWffHa
+bwSvicfhLMSuY+WkfsQC1AEdFO37qxdMBIO51QU/cMQnQgIa/xWR6a4agAtFq20
gJiJtD6FUxQ+tT9owR6gWYmXk0h7ZcX/rD8GEL5OJc6Rabnx5GQIMuocRtKuF9uy
cpxSWMtSSiVI/kGLc369i1Ccr/0u4TycYuWSPLyt/7bK2ZaUtz7JvBYeXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoGv0+SInx4JmnjYh1xzqecKckyMB8GA1UdIwQY
MBaAFMQRwzlZHt/JZno+eRGN0jxAK+h/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMt
ZWNiZjdmMTdmNjA0LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMtZWNiZjdmMTdmNjA0
LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmeOJs2Mm
iR4sKp8bQtLU97wF2IC6E9Fo2LquOeMw7Wfv9yFszhmOQOyOISteTsV/hRhvbLdf
hGNgcwoUE4chSUtPecE1V8n17/ZDvJDMjbn06UIm3X4+qQDXJk3Kd2V9Ojsmazwb
/YQ6tGitW2VxHFDkb5DKyL2Bj+57T3SgC499vUM2VvzjQY52H1m0+RqXEF4kPthH
1t4+7d3pPYGjcoNCRH9NOm0un9gmBVz4b9jNcwf9svPER7N3w+PMoUupI0b+KIa1
SoalP0ugM+Tuo/zidt8uqjsg4bo7I1n1P8FVUQI1ru+aoUnO68PBpa5TWGFbbWSJ
K96aM+KBep7F1Q==
-----END CERTIFICATE-----