Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
File:                     mXFUBuche_wTgSpHBMYq4JnnyP8.mft (raw, json)
Hash identifier:          aA+Y1LMTHyxlC5oAWyS3U2Hc36lCBMHG5IJb5FmlnaY=
Subject key identifier:   FA:BC:3F:45:DF:6C:9E:61:39:90:F2:EC:37:AF:15:F5:F9:4C:B7:60
Authority key identifier: 99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF
Certificate issuer:       /CN=99715406e7217bfc13812a4704c62ae099e7c8ff
Certificate serial:       019922FAC3F001EB9A64AF21126FE1227F8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
Manifest number:          038F
Signing time:             Sun 07 Sep 2025 07:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:23 +0000
Files and hashes:         1: mXFUBuche_wTgSpHBMYq4JnnyP8.crl (hash: I2pmiIlQwU0cLzdXeuKs2MQkSZ5Jp8lEVoYdertk45I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:c3:f0:01:eb:9a:64:af:21:12:6f:e1:22:7f:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99715406e7217bfc13812a4704c62ae099e7c8ff
        Validity
            Not Before: Sep  7 07:01:23 2025 GMT
            Not After : Sep  8 07:01:23 2025 GMT
        Subject: CN=fabc3f45df6c9e613990f2ec37af15f5f94cb760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:39:78:d5:21:31:f0:5b:f1:ec:32:db:3b:a2:
                    11:a1:ba:ba:f2:98:2f:8c:5b:f0:83:c2:97:e9:99:
                    3d:f0:1b:51:8b:f8:bc:e7:9b:f9:87:05:89:84:1c:
                    85:b0:88:17:43:8c:fb:21:6f:f5:47:f2:95:aa:36:
                    55:9a:10:b4:7d:c0:35:6b:c0:2f:2b:28:13:21:b5:
                    6f:d4:bb:25:8c:4f:b6:99:6c:e2:c9:45:96:75:52:
                    7e:e7:6b:e9:68:6f:28:b3:e5:83:b2:42:b6:11:17:
                    df:20:70:64:1a:18:b9:a5:59:09:4b:ab:45:19:1e:
                    68:13:6f:16:80:39:1a:e6:71:de:11:3b:10:3b:1e:
                    74:d2:93:b0:c9:8a:73:28:07:09:29:15:c7:62:dc:
                    d3:77:7a:20:cb:be:7c:ff:7a:ad:42:75:00:41:ea:
                    b7:8e:fb:79:72:26:f4:a0:48:20:42:09:84:60:cf:
                    49:18:92:b1:75:8d:88:78:e6:c3:da:ed:0d:04:e1:
                    8c:f5:14:b3:42:b5:ec:a8:81:48:91:9e:b7:03:c6:
                    40:f3:5b:d4:40:ce:61:ec:49:67:6d:72:80:48:84:
                    9d:11:49:86:97:0e:b4:f3:2a:9e:75:46:76:16:98:
                    1b:f2:fb:28:21:63:35:b1:05:8d:53:62:8a:6e:7e:
                    f2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:BC:3F:45:DF:6C:9E:61:39:90:F2:EC:37:AF:15:F5:F9:4C:B7:60
            X509v3 Authority Key Identifier:
                keyid:99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:5c:e8:e4:8e:f4:64:b8:6d:bc:5b:27:7b:19:2a:5b:e4:fd:
         4c:37:23:69:ef:b9:02:1b:ac:8f:13:cb:96:83:3d:a3:45:de:
         e2:99:0d:47:7c:64:b6:37:51:30:9f:a8:bd:ed:fd:e8:81:13:
         2b:b1:ee:13:90:db:02:89:b5:27:be:39:6d:ae:e3:19:70:bb:
         5b:27:a5:24:64:14:82:fc:39:37:39:91:5a:14:85:4a:ba:e3:
         5a:88:45:33:43:0d:34:ce:d7:54:8c:4e:67:fa:45:43:07:01:
         2e:d2:9c:1e:17:93:7b:7b:35:d3:90:c7:59:04:c4:a9:8e:58:
         3e:8a:72:c9:af:88:e5:d0:b5:99:f3:9f:b3:c6:b1:fc:77:38:
         cf:7e:47:69:21:84:21:f9:17:57:d6:7a:98:93:0d:fd:4e:d5:
         5c:b8:3d:28:02:05:b9:51:dd:05:3e:33:bd:d8:ce:ae:b4:82:
         53:58:45:41:ca:b6:58:7d:14:b5:27:fd:7a:40:77:b4:97:74:
         d1:ce:27:db:ae:91:41:19:77:bc:fb:8d:68:1c:be:cf:63:a8:
         28:43:1a:6f:44:33:60:cd:43:21:b9:53:e9:b4:bf:34:f5:e8:
         23:6b:4c:18:3b:aa:32:93:9c:67:bd:58:c1:39:e6:89:2c:94:
         a7:2e:e9:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+sPwAeuaZK8hEm/hIn+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzE1NDA2ZTcyMTdiZmMxMzgxMmE0NzA0YzYyYWUwOTll
N2M4ZmYwHhcNMjUwOTA3MDcwMTIzWhcNMjUwOTA4MDcwMTIzWjAzMTEwLwYDVQQD
EyhmYWJjM2Y0NWRmNmM5ZTYxMzk5MGYyZWMzN2FmMTVmNWY5NGNiNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjl41SEx8Fvx7DLbO6IRobq68pgv
jFvwg8KX6Zk98BtRi/i855v5hwWJhByFsIgXQ4z7IW/1R/KVqjZVmhC0fcA1a8Av
KygTIbVv1LsljE+2mWziyUWWdVJ+52vpaG8os+WDskK2ERffIHBkGhi5pVkJS6tF
GR5oE28WgDka5nHeETsQOx500pOwyYpzKAcJKRXHYtzTd3ogy758/3qtQnUAQeq3
jvt5cib0oEggQgmEYM9JGJKxdY2IeObD2u0NBOGM9RSzQrXsqIFIkZ63A8ZA81vU
QM5h7ElnbXKASISdEUmGlw608yqedUZ2Fpgb8vsoIWM1sQWNU2KKbn7yyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPq8P0XfbJ5hOZDy7DevFfX5TLdgMB8GA1UdIwQY
MBaAFJlxVAbnIXv8E4EqRwTGKuCZ58j/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTkt
MTUxNmI2ZDgyZTJkLzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTktMTUxNmI2ZDgyZTJk
LzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMVzo5I70
ZLhtvFsnexkqW+T9TDcjae+5AhusjxPLloM9o0Xe4pkNR3xktjdRMJ+ove396IET
K7HuE5DbAom1J745ba7jGXC7WyelJGQUgvw5NzmRWhSFSrrjWohFM0MNNM7XVIxO
Z/pFQwcBLtKcHheTe3s105DHWQTEqY5YPopyya+I5dC1mfOfs8ax/Hc4z35HaSGE
IfkXV9Z6mJMN/U7VXLg9KAIFuVHdBT4zvdjOrrSCU1hFQcq2WH0UtSf9ekB3tJd0
0c4n266RQRl3vPuNaBy+z2OoKEMab0QzYM1DIblT6bS/NPXoI2tMGDuqMpOcZ71Y
wTnmiSyUpy7pyg==
-----END CERTIFICATE-----