Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File:                     2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier:          MnsE2ILu4lGedSbSRFe7QwVI1KpjFezZ3L5wjEg0twI=
Subject key identifier:   63:4D:FF:F3:5C:A0:EE:51:7F:3B:82:24:C9:2A:C8:66:EF:55:E6:23
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer:       /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial:       019922558E148CF05D34FF43F6A654B4984F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number:          1689
Signing time:             Sun 07 Sep 2025 04:00:56 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:56 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:56 +0000
Files and hashes:         1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: IMoasMqV/oKNwBOaQTCWtu1QT/vocUmrxlPhvW0uOX8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:8e:14:8c:f0:5d:34:ff:43:f6:a6:54:b4:98:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
        Validity
            Not Before: Sep  7 04:00:56 2025 GMT
            Not After : Sep  8 04:00:56 2025 GMT
        Subject: CN=634dfff35ca0ee517f3b8224c92ac866ef55e623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:8e:67:d1:b8:6d:07:ff:b2:65:82:e2:ca:a0:
                    21:61:88:3a:9e:b3:8a:d7:df:6c:ff:34:80:ad:dc:
                    f6:6c:52:7f:ba:32:3d:0c:86:fb:5c:e4:9f:0e:ee:
                    2d:16:53:d3:99:49:19:28:12:5b:5d:ab:3e:0d:0f:
                    43:8e:8c:6f:48:46:21:2a:98:63:57:9f:17:e8:48:
                    bb:30:a2:5e:03:af:70:37:b7:6e:f2:ff:b9:fd:14:
                    9c:9a:8e:b6:e1:b7:30:d5:98:b5:24:bc:d4:80:57:
                    ae:3e:a7:64:11:bf:e8:fa:18:49:be:b7:02:69:34:
                    40:da:24:79:74:9e:77:d1:b3:31:49:d9:5a:85:05:
                    a2:69:8c:06:7b:d3:c8:c2:2d:a5:d4:43:93:9c:4d:
                    57:26:13:7a:5b:a5:c7:db:a4:92:96:86:83:5c:0a:
                    cf:3c:7e:6b:92:2f:7f:fa:9f:01:58:af:46:71:2b:
                    d5:f0:7a:81:d7:80:69:b8:8c:47:24:44:f8:d6:63:
                    4b:9a:95:f6:fa:99:0b:ac:34:45:87:8d:3b:a1:b9:
                    5e:70:da:d0:68:bc:66:84:0e:84:ce:de:ae:0c:bb:
                    bd:b9:6d:55:35:3a:e8:72:87:77:e3:26:a6:80:0c:
                    a3:6b:b9:cc:9f:14:7a:f1:3e:56:7d:c8:37:14:f1:
                    42:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:4D:FF:F3:5C:A0:EE:51:7F:3B:82:24:C9:2A:C8:66:EF:55:E6:23
            X509v3 Authority Key Identifier:
                keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:4f:77:61:1a:5c:de:6b:ef:7e:e5:bc:1a:5f:6e:20:48:c8:
         44:b7:c4:d6:f1:b7:13:8d:e7:e1:8b:2c:6c:d0:c9:65:b2:66:
         45:02:ab:a2:d8:91:95:61:a8:9d:23:35:49:0f:4f:86:77:da:
         ac:81:f0:23:66:5e:a9:1f:0f:48:86:e5:28:de:a2:e1:0c:42:
         49:6b:55:37:b9:b3:61:fc:0e:1a:12:bb:ec:6a:4d:79:f1:11:
         79:45:74:9f:a7:9b:f7:01:e7:12:1f:3c:73:19:2c:f5:38:30:
         04:d4:20:55:8c:66:44:d2:96:21:28:6b:ac:e1:d0:db:48:a3:
         82:bc:88:bb:6f:e8:51:ad:d2:b2:7d:cf:6d:9e:5a:e2:f4:9c:
         d0:f0:0f:3b:38:10:20:bc:11:05:f1:ae:69:32:08:0b:8d:12:
         24:09:e3:d4:cf:70:53:ec:e7:d6:32:9f:29:54:d2:9a:2f:83:
         3e:9c:c6:f1:d5:db:37:5f:04:c5:3c:9e:c6:a4:a5:93:91:3e:
         89:cf:e7:f6:eb:52:2c:87:f9:69:a5:08:23:26:02:62:a2:0b:
         08:49:51:d9:65:91:c5:b6:3e:da:09:7c:02:9f:0b:18:89:9a:
         39:bb:67:db:78:d3:9a:7e:11:99:9a:3d:f0:d2:7f:d3:19:6b:
         9d:78:5f:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVY4UjPBdNP9D9qZUtJhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjUwOTA3MDQwMDU2WhcNMjUwOTA4MDQwMDU2WjAzMTEwLwYDVQQD
Eyg2MzRkZmZmMzVjYTBlZTUxN2YzYjgyMjRjOTJhYzg2NmVmNTVlNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA945n0bhtB/+yZYLiyqAhYYg6nrOK
199s/zSArdz2bFJ/ujI9DIb7XOSfDu4tFlPTmUkZKBJbXas+DQ9DjoxvSEYhKphj
V58X6Ei7MKJeA69wN7du8v+5/RScmo624bcw1Zi1JLzUgFeuPqdkEb/o+hhJvrcC
aTRA2iR5dJ530bMxSdlahQWiaYwGe9PIwi2l1EOTnE1XJhN6W6XH26SSloaDXArP
PH5rki9/+p8BWK9GcSvV8HqB14BpuIxHJET41mNLmpX2+pkLrDRFh407oblecNrQ
aLxmhA6Ezt6uDLu9uW1VNTrocod34yamgAyja7nMnxR68T5Wfcg3FPFCGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNN//NcoO5RfzuCJMkqyGbvVeYjMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVU93YRpc
3mvvfuW8Gl9uIEjIRLfE1vG3E43n4YssbNDJZbJmRQKrotiRlWGonSM1SQ9Phnfa
rIHwI2ZeqR8PSIblKN6i4QxCSWtVN7mzYfwOGhK77GpNefEReUV0n6eb9wHnEh88
cxks9TgwBNQgVYxmRNKWIShrrOHQ20ijgryIu2/oUa3Ssn3PbZ5a4vSc0PAPOzgQ
ILwRBfGuaTIIC40SJAnj1M9wU+zn1jKfKVTSmi+DPpzG8dXbN18ExTyexqSlk5E+
ic/n9utSLIf5aaUIIyYCYqILCElR2WWRxbY+2gl8Ap8LGImaObtn23jTmn4RmZo9
8NJ/0xlrnXhfZg==
-----END CERTIFICATE-----