Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
File:                     mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft (raw, json)
Hash identifier:          fWu34y7CJG6hITixW4o1I0ON2SDKuf2T/tAAjbeoDBc=
Subject key identifier:   15:F1:1B:D2:6A:96:88:E9:B9:94:9D:9B:38:A9:C3:E5:6E:3C:34:F8
Authority key identifier: 99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4
Certificate issuer:       /CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
Certificate serial:       0199239F3B6A1476DF117C32E2663F1F5C20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
Manifest number:          099D
Signing time:             Sun 07 Sep 2025 10:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:01 +0000
Files and hashes:         1: mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl (hash: MvSK5Ihaaso7CIk/Xn77Euk1IJXT3bGpjcOSlNvSqXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:3b:6a:14:76:df:11:7c:32:e2:66:3f:1f:5c:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
        Validity
            Not Before: Sep  7 10:01:01 2025 GMT
            Not After : Sep  8 10:01:01 2025 GMT
        Subject: CN=15f11bd26a9688e9b9949d9b38a9c3e56e3c34f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f6:f8:7d:00:b4:54:bd:08:f9:57:8b:17:c0:
                    bf:c5:a1:5b:26:13:c2:f2:8c:0c:ac:bd:e8:d5:ea:
                    a6:44:18:94:95:bd:19:41:c8:07:37:25:2e:8a:33:
                    f1:cf:aa:e3:fe:74:d6:d8:fa:72:aa:12:c9:ad:30:
                    98:29:27:f4:2a:bc:c9:1c:8f:4b:79:33:cd:ec:eb:
                    d5:2e:a9:77:67:90:2b:c7:0a:7c:a0:38:9a:e6:39:
                    d7:4d:c7:0b:f4:8e:03:49:26:5f:08:77:48:87:99:
                    41:12:6b:58:88:2c:71:26:03:16:ed:bb:9a:37:5c:
                    35:47:d3:4a:e3:37:50:88:30:a8:80:9d:39:2d:12:
                    64:2f:01:84:e6:97:0f:db:42:2c:d8:a2:27:23:be:
                    2f:58:69:93:59:4a:85:cd:d7:c7:87:ab:e5:9c:09:
                    7c:8b:40:c4:dd:be:1d:7a:17:8e:dd:58:26:a3:a3:
                    75:f1:76:ca:07:7a:6b:fa:4f:cf:b6:4b:a1:02:e8:
                    c9:21:04:a1:0e:d1:0e:44:04:68:fd:19:bd:56:78:
                    be:9c:79:cd:30:64:51:fb:19:9b:ec:c9:18:9d:ef:
                    88:93:35:ad:60:b6:58:78:b7:46:1c:88:38:05:3e:
                    2b:c5:d9:3a:c2:d9:a4:e3:88:f0:c3:c8:2c:e5:fe:
                    e2:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:F1:1B:D2:6A:96:88:E9:B9:94:9D:9B:38:A9:C3:E5:6E:3C:34:F8
            X509v3 Authority Key Identifier:
                keyid:99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:19:de:41:48:b7:02:d2:94:c6:9d:56:60:40:83:47:91:91:
         c0:8d:eb:f7:fc:de:29:aa:0b:85:34:da:02:20:25:0e:a3:1d:
         04:92:d3:63:cd:1b:b7:78:e9:6a:ce:b1:07:09:ec:5a:3e:f5:
         86:9f:68:ce:0a:3b:01:e8:65:c1:7a:aa:c8:00:f9:22:04:65:
         1f:fb:ff:c9:e0:b4:dd:0a:2f:85:80:bf:1f:ef:c1:b5:e8:5e:
         f7:dc:c4:42:44:a7:b9:94:0c:ee:71:2a:ed:3f:14:24:d2:ed:
         ae:de:67:70:3d:6f:16:77:96:60:da:8d:cd:72:7b:2c:82:56:
         28:f4:48:73:37:ab:ed:5a:a2:c0:71:4c:c1:48:6e:98:e9:58:
         ae:ad:e7:ed:d7:55:f8:53:a5:44:2f:bc:a4:bf:77:14:cc:6a:
         ad:d5:59:a4:72:31:ea:d7:4a:9d:00:e7:fe:6e:54:79:c0:bf:
         b8:a9:a3:5d:56:a7:6a:d9:64:e1:f1:76:69:10:7a:7f:93:a4:
         31:ce:67:04:1f:66:56:26:13:c2:c6:47:39:eb:24:4c:58:2b:
         4c:26:f7:95:52:c1:ef:8d:33:15:df:04:16:f1:a3:4e:23:27:
         78:41:5f:0e:27:bc:86:33:45:59:db:2d:07:98:96:6b:e3:b8:
         b0:4b:ac:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnztqFHbfEXwy4mY/H1wgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YzEzY2I1OGQyZmQzMWUxMmM1ZTE0NmNjNmI0ZjJjNzQ3
ODE2ZjQwHhcNMjUwOTA3MTAwMTAxWhcNMjUwOTA4MTAwMTAxWjAzMTEwLwYDVQQD
EygxNWYxMWJkMjZhOTY4OGU5Yjk5NDlkOWIzOGE5YzNlNTZlM2MzNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/b4fQC0VL0I+VeLF8C/xaFbJhPC
8owMrL3o1eqmRBiUlb0ZQcgHNyUuijPxz6rj/nTW2PpyqhLJrTCYKSf0KrzJHI9L
eTPN7OvVLql3Z5Arxwp8oDia5jnXTccL9I4DSSZfCHdIh5lBEmtYiCxxJgMW7bua
N1w1R9NK4zdQiDCogJ05LRJkLwGE5pcP20Is2KInI74vWGmTWUqFzdfHh6vlnAl8
i0DE3b4deheO3Vgmo6N18XbKB3pr+k/PtkuhAujJIQShDtEORARo/Rm9Vni+nHnN
MGRR+xmb7MkYne+IkzWtYLZYeLdGHIg4BT4rxdk6wtmk44jww8gs5f7ivwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXxG9JqlojpuZSdmzipw+VuPDT4MB8GA1UdIwQY
MBaAFJnBPLWNL9MeEsXhRsxrTyx0eBb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEt
NTY3ZGM5YTc5ZmRkLzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEtNTY3ZGM5YTc5ZmRk
LzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARxneQUi3
AtKUxp1WYECDR5GRwI3r9/zeKaoLhTTaAiAlDqMdBJLTY80bt3jpas6xBwnsWj71
hp9ozgo7AehlwXqqyAD5IgRlH/v/yeC03QovhYC/H+/Btehe99zEQkSnuZQM7nEq
7T8UJNLtrt5ncD1vFneWYNqNzXJ7LIJWKPRIczer7VqiwHFMwUhumOlYrq3n7ddV
+FOlRC+8pL93FMxqrdVZpHIx6tdKnQDn/m5UecC/uKmjXVanatlk4fF2aRB6f5Ok
Mc5nBB9mViYTwsZHOeskTFgrTCb3lVLB740zFd8EFvGjTiMneEFfDie8hjNFWdst
B5iWa+O4sEuszA==
-----END CERTIFICATE-----