Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          yEQNHXwj6GtbcuGm+PGBPyUQZ4XJ5vVkWcF3zkqxFFQ=
Subject key identifier:   A3:2F:82:55:16:1B:0D:CE:89:66:78:F2:7D:5A:38:F9:C7:F4:7C:AE
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019923A0165C6487C484D01B499E5E13DAE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          10D6
Signing time:             Sun 07 Sep 2025 10:01:57 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:57 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:57 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: 47yZTpVeR1DcoUcbgSo7ssNCeoRRBqfxnFyc/VrBK68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:16:5c:64:87:c4:84:d0:1b:49:9e:5e:13:da:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Sep  7 10:01:57 2025 GMT
            Not After : Sep  8 10:01:57 2025 GMT
        Subject: CN=a32f8255161b0dce896678f27d5a38f9c7f47cae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e0:6f:78:61:f3:0b:ff:43:54:6a:6d:5c:9c:
                    f2:e1:e8:d1:6c:a8:c3:c1:46:68:c3:20:57:21:5c:
                    d4:2b:4c:b1:03:bc:9c:9b:47:77:71:6d:5e:21:6e:
                    66:55:01:b8:03:9d:b0:09:b7:04:1d:d7:a5:f3:d5:
                    47:c8:05:ff:50:ac:66:e1:c6:ed:46:e5:79:d6:82:
                    93:b2:18:52:26:5f:dd:24:61:9b:a7:74:5d:8a:53:
                    09:ce:42:d3:b0:ca:2e:bc:c3:63:bd:da:70:24:d1:
                    b3:bc:75:2c:cb:8c:3f:b3:47:73:58:b5:30:53:4e:
                    f3:61:46:17:64:da:f2:2f:3f:43:92:c0:4c:8b:79:
                    55:c0:93:2d:fc:ee:88:11:c9:d2:14:33:2f:b9:c9:
                    72:54:2c:92:71:50:f2:f8:59:3d:fa:5e:a7:ab:e0:
                    ff:dd:90:bf:24:63:3c:49:50:6a:58:db:ed:11:e4:
                    b2:78:86:47:3d:1d:02:2a:c4:b7:f1:68:16:68:62:
                    08:0f:77:cf:74:b0:4f:b2:7f:32:e4:90:36:d3:63:
                    e9:22:ab:a6:e9:98:11:54:66:5e:02:3c:da:9b:7b:
                    b7:9a:5d:54:60:8f:11:18:6c:b9:87:dc:e3:67:10:
                    35:85:b7:8f:2e:f3:c2:c9:5b:6b:3a:b9:47:b4:04:
                    5f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:2F:82:55:16:1B:0D:CE:89:66:78:F2:7D:5A:38:F9:C7:F4:7C:AE
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:75:01:e5:43:37:c9:93:f0:09:e5:a3:94:dd:e8:e4:31:af:
         b7:d1:4a:be:ee:be:0e:6c:b8:75:33:32:e0:8c:8d:a0:f0:74:
         45:93:57:ac:08:cd:be:a2:fe:e6:be:fa:55:c2:be:49:38:b3:
         5c:f2:51:83:9e:bf:d0:fb:c3:42:cc:6f:fe:81:d4:c1:de:df:
         e4:5b:0f:6c:74:e7:34:83:c9:7e:0a:6f:64:57:1d:e6:5b:50:
         0e:db:ae:25:87:34:16:f0:76:25:0b:97:c7:ab:df:ca:16:d9:
         c7:0e:fb:a9:26:f4:eb:90:e1:69:40:28:83:64:bd:18:ca:06:
         2a:bb:fa:ea:7d:99:30:75:e0:e6:a3:d8:d4:15:b7:37:9e:0e:
         07:0c:83:11:f9:4d:d6:a1:82:76:87:22:75:20:06:d5:4b:77:
         4d:fb:b9:da:23:2c:0e:c2:50:2d:f7:11:38:de:5c:56:fd:00:
         e1:a5:f4:c2:86:2b:00:4c:62:83:6f:d7:00:d2:bc:43:bf:ee:
         99:66:1c:8d:c7:65:11:1e:94:f7:f8:d6:af:a3:0f:19:75:f4:
         2f:d9:10:ca:9f:14:ba:35:8d:fc:07:d8:8d:43:32:1b:74:6b:
         03:51:6b:25:88:c4:b1:d6:31:1f:c6:4e:0a:87:98:39:35:ea:
         38:33:00:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoBZcZIfEhNAbSZ5eE9rkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjUwOTA3MTAwMTU3WhcNMjUwOTA4MTAwMTU3WjAzMTEwLwYDVQQD
EyhhMzJmODI1NTE2MWIwZGNlODk2Njc4ZjI3ZDVhMzhmOWM3ZjQ3Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+BveGHzC/9DVGptXJzy4ejRbKjD
wUZowyBXIVzUK0yxA7ycm0d3cW1eIW5mVQG4A52wCbcEHdel89VHyAX/UKxm4cbt
RuV51oKTshhSJl/dJGGbp3RdilMJzkLTsMouvMNjvdpwJNGzvHUsy4w/s0dzWLUw
U07zYUYXZNryLz9DksBMi3lVwJMt/O6IEcnSFDMvuclyVCyScVDy+Fk9+l6nq+D/
3ZC/JGM8SVBqWNvtEeSyeIZHPR0CKsS38WgWaGIID3fPdLBPsn8y5JA202PpIqum
6ZgRVGZeAjzam3u3ml1UYI8RGGy5h9zjZxA1hbePLvPCyVtrOrlHtARfzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMvglUWGw3OiWZ48n1aOPnH9HyuMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxHUB5UM3
yZPwCeWjlN3o5DGvt9FKvu6+Dmy4dTMy4IyNoPB0RZNXrAjNvqL+5r76VcK+STiz
XPJRg56/0PvDQsxv/oHUwd7f5FsPbHTnNIPJfgpvZFcd5ltQDtuuJYc0FvB2JQuX
x6vfyhbZxw77qSb065DhaUAog2S9GMoGKrv66n2ZMHXg5qPY1BW3N54OBwyDEflN
1qGCdocidSAG1Ut3Tfu52iMsDsJQLfcRON5cVv0A4aX0woYrAExig2/XANK8Q7/u
mWYcjcdlER6U9/jWr6MPGXX0L9kQyp8UujWN/AfYjUMyG3RrA1FrJYjEsdYxH8ZO
CoeYOTXqODMAbg==
-----END CERTIFICATE-----