Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
File:                     P9WU69efjdhbR5LpUzvkaBaohgY.mft (raw, json)
Hash identifier:          5lzw0xsdRvuOr/09Jy+NwXkqVCj4+G+THjp7BZE/B7w=
Subject key identifier:   52:76:D9:37:95:26:3E:D6:6E:34:65:64:AF:47:7D:0D:0F:A4:75:DF
Authority key identifier: 3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06
Certificate issuer:       /CN=3fd594ebd79f8dd85b4792e9533be46816a88606
Certificate serial:       019922FA1323E53F446BF04F8488B949CC2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
Manifest number:          11F0
Signing time:             Sun 07 Sep 2025 07:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:38 +0000
Files and hashes:         1: P9WU69efjdhbR5LpUzvkaBaohgY.crl (hash: 5ZWUFqxkJqOVxrgB83gzY/K/t5+XymAGwDByV5LIQYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:13:23:e5:3f:44:6b:f0:4f:84:88:b9:49:cc:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd594ebd79f8dd85b4792e9533be46816a88606
        Validity
            Not Before: Sep  7 07:00:38 2025 GMT
            Not After : Sep  8 07:00:38 2025 GMT
        Subject: CN=5276d93795263ed66e346564af477d0d0fa475df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1f:46:ff:a5:13:e1:66:08:a8:22:60:7d:93:
                    a0:51:dc:4b:ca:3f:87:ce:29:21:cb:7c:a9:03:d7:
                    3c:0a:60:0e:3d:81:5e:37:ed:d4:12:22:c4:09:3c:
                    e0:49:a5:5c:61:72:ec:2d:00:5f:04:68:ad:00:f8:
                    8d:10:46:e7:19:ef:eb:db:ec:c1:a1:70:ac:54:97:
                    37:53:f5:69:fd:0e:3c:6d:ba:ef:3e:7f:e1:49:b2:
                    d8:05:0c:08:af:48:fa:7b:ed:d5:95:bd:e0:c3:1a:
                    fe:79:62:9b:6b:4e:28:0e:74:64:41:65:1f:b6:a7:
                    29:f5:73:19:ee:fd:b9:bf:fd:03:9f:a1:e4:63:13:
                    1b:61:23:ae:4e:84:b1:98:8e:b0:4a:82:80:d9:3f:
                    82:32:e9:45:6a:1f:9c:2a:30:53:19:2e:1b:83:be:
                    af:c0:60:11:3a:06:08:60:59:02:bf:88:96:07:00:
                    8f:bc:74:ae:33:22:5b:92:0d:28:bc:93:29:77:57:
                    2c:42:dd:be:d3:e7:d1:7f:14:bc:62:19:1a:1a:a0:
                    48:64:03:88:f7:47:c4:5b:05:e2:12:93:08:b9:26:
                    91:b9:6f:9b:13:2d:bb:25:26:21:fb:2d:1b:d2:a9:
                    c9:fc:46:d8:7e:a4:20:90:6f:38:6d:90:c3:ab:61:
                    fb:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:76:D9:37:95:26:3E:D6:6E:34:65:64:AF:47:7D:0D:0F:A4:75:DF
            X509v3 Authority Key Identifier:
                keyid:3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:9c:ec:bc:fd:55:6e:30:73:2a:f3:fa:cc:94:dd:72:1e:03:
         22:eb:45:91:c2:18:b0:49:9e:70:8e:17:e0:ea:99:da:22:74:
         79:4d:ad:e8:8e:d9:51:7c:43:8d:f1:30:58:3e:be:38:07:f2:
         21:af:b8:32:35:38:76:40:d4:0d:30:68:c8:6d:af:10:b0:0f:
         dc:26:ba:3a:9b:0d:22:14:7a:c9:07:8c:08:b2:96:db:df:13:
         42:79:e7:3e:9b:ba:10:ab:00:8e:02:1e:a0:09:d9:2b:5f:f8:
         a6:09:60:fb:6f:4c:a0:23:b2:48:db:f2:7c:64:85:32:2d:79:
         51:de:fa:d5:b0:19:17:13:08:62:3e:9c:e2:d2:37:8b:ed:4c:
         78:ad:a4:77:ef:c3:2d:3f:35:03:71:c3:92:4c:75:32:69:18:
         27:c9:3d:4f:10:84:76:10:2d:d4:0d:bb:48:1a:86:25:53:f0:
         17:e0:92:e7:80:71:a2:70:92:2c:2b:79:af:7a:dd:bc:5d:f0:
         85:33:1d:f4:28:0f:f9:60:57:46:54:27:ca:28:da:2a:62:61:
         a4:76:25:a2:e2:26:3a:0f:c4:13:dc:8f:03:0c:2c:4a:21:05:
         5c:49:26:e6:9e:8a:64:bf:dc:35:56:4d:9e:54:b2:0b:60:7d:
         6b:f3:ed:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+hMj5T9Ea/BPhIi5ScwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDU5NGViZDc5ZjhkZDg1YjQ3OTJlOTUzM2JlNDY4MTZh
ODg2MDYwHhcNMjUwOTA3MDcwMDM4WhcNMjUwOTA4MDcwMDM4WjAzMTEwLwYDVQQD
Eyg1Mjc2ZDkzNzk1MjYzZWQ2NmUzNDY1NjRhZjQ3N2QwZDBmYTQ3NWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB9G/6UT4WYIqCJgfZOgUdxLyj+H
zikhy3ypA9c8CmAOPYFeN+3UEiLECTzgSaVcYXLsLQBfBGitAPiNEEbnGe/r2+zB
oXCsVJc3U/Vp/Q48bbrvPn/hSbLYBQwIr0j6e+3Vlb3gwxr+eWKba04oDnRkQWUf
tqcp9XMZ7v25v/0Dn6HkYxMbYSOuToSxmI6wSoKA2T+CMulFah+cKjBTGS4bg76v
wGAROgYIYFkCv4iWBwCPvHSuMyJbkg0ovJMpd1csQt2+0+fRfxS8YhkaGqBIZAOI
90fEWwXiEpMIuSaRuW+bEy27JSYh+y0b0qnJ/EbYfqQgkG84bZDDq2H7BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJ22TeVJj7WbjRlZK9HfQ0PpHXfMB8GA1UdIwQY
MBaAFD/VlOvXn43YW0eS6VM75GgWqIYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEt
NjYyNDY5MWY2ZjEzLzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEtNjYyNDY5MWY2ZjEz
LzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJzsvP1V
bjBzKvP6zJTdch4DIutFkcIYsEmecI4X4OqZ2iJ0eU2t6I7ZUXxDjfEwWD6+OAfy
Ia+4MjU4dkDUDTBoyG2vELAP3Ca6OpsNIhR6yQeMCLKW298TQnnnPpu6EKsAjgIe
oAnZK1/4pglg+29MoCOySNvyfGSFMi15Ud761bAZFxMIYj6c4tI3i+1MeK2kd+/D
LT81A3HDkkx1MmkYJ8k9TxCEdhAt1A27SBqGJVPwF+CS54BxonCSLCt5r3rdvF3w
hTMd9CgP+WBXRlQnyijaKmJhpHYlouImOg/EE9yPAwwsSiEFXEkm5p6KZL/cNVZN
nlSyC2B9a/PtMA==
-----END CERTIFICATE-----