Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          gDV9lKB7BZux8aAqQm38t1LEf1aE+xojXbx+ob2EeH0=
Subject key identifier:   9E:C1:52:54:1A:C7:F4:A3:F8:C0:B9:C8:9F:A6:8B:2F:B4:D8:17:38
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       019923D597F7B73203AC51B5E27C53D0A86A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          044F
Signing time:             Sun 07 Sep 2025 11:00:24 +0000
Manifest this update:     Sun 07 Sep 2025 11:00:24 +0000
Manifest next update:     Mon 08 Sep 2025 11:00:24 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: k7g6pOMIolywQ+tAOefrujvRbRJ8Z+JFafKFl5ElItA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d5:97:f7:b7:32:03:ac:51:b5:e2:7c:53:d0:a8:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Sep  7 11:00:24 2025 GMT
            Not After : Sep  8 11:00:24 2025 GMT
        Subject: CN=9ec152541ac7f4a3f8c0b9c89fa68b2fb4d81738
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:01:d4:1d:7f:a4:68:49:a7:e9:bd:78:00:19:
                    90:82:fc:bd:2e:fb:4d:f8:40:0f:f0:06:84:cf:c9:
                    18:f2:d1:79:5b:86:88:ce:93:99:92:7c:3d:03:7c:
                    36:65:fd:d9:f3:08:31:de:4e:93:3a:b2:43:35:38:
                    7f:0a:bb:f7:16:8c:7c:84:69:40:32:1e:f4:f8:aa:
                    c0:86:62:c0:07:9e:5a:49:0c:98:8e:37:9d:db:16:
                    51:3f:4c:20:bd:d0:a9:1f:43:65:f1:19:cf:7b:59:
                    aa:3b:4c:30:0a:cd:2a:44:a1:00:44:41:e9:fe:71:
                    f7:61:d9:16:fa:8e:e9:5b:56:7a:8e:8e:51:dc:28:
                    b3:58:a7:3e:72:7a:f2:71:c4:5d:1f:2a:b4:39:65:
                    55:ee:95:c3:1c:ff:ae:25:89:fd:26:e8:d9:54:6f:
                    79:62:66:4d:51:17:2a:66:93:60:f1:85:76:4c:82:
                    45:f0:58:16:bb:36:7d:49:ae:a6:1a:1b:e4:61:37:
                    de:4d:b2:16:fd:37:12:27:3c:18:05:3f:d9:6d:9b:
                    de:97:40:3b:14:f0:f3:7a:00:52:90:2e:50:e9:c9:
                    98:49:8b:fe:dc:46:e1:48:cd:fb:27:0f:0f:08:8e:
                    c3:58:26:39:d4:8b:a2:b8:79:e5:34:24:fa:24:55:
                    ae:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:C1:52:54:1A:C7:F4:A3:F8:C0:B9:C8:9F:A6:8B:2F:B4:D8:17:38
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:35:42:f9:8f:1c:89:5b:4f:58:84:56:14:6d:10:ba:3f:48:
         99:7a:30:48:35:f7:31:9f:a0:b9:15:88:ef:e0:30:a6:9a:4a:
         58:ab:4c:bf:da:c5:3b:2c:7b:1e:4c:e1:8f:a6:60:b1:5a:2f:
         ad:a0:2e:9a:6a:9d:0d:fa:24:ea:17:02:5e:70:73:be:67:98:
         36:fd:8b:2b:9c:52:57:27:7e:d4:86:e7:bf:71:9f:85:06:bc:
         91:72:37:96:c2:cf:16:34:19:6b:8f:13:05:f7:2a:ca:4a:39:
         c7:7c:48:79:60:eb:d8:25:c7:b1:58:41:ce:6e:f6:8b:d5:69:
         6b:24:25:76:8a:17:1e:64:c2:c5:bc:2d:93:a5:b8:58:cd:51:
         ba:8c:d7:9b:6f:50:1c:44:e6:c5:a1:a5:40:07:ad:a7:9b:c5:
         fd:28:06:0c:58:2d:ac:36:6b:24:f1:de:56:28:fa:32:52:60:
         b2:b4:74:95:ee:7b:c6:b0:67:df:84:af:5e:62:79:ec:f6:5a:
         12:1d:74:b2:68:f0:84:2e:4f:9c:68:03:63:87:ae:56:8f:41:
         ac:fb:54:4b:c1:d2:45:89:32:d3:47:a8:17:65:66:02:24:82:
         f4:83:7e:af:e2:cb:91:cd:ab:13:a9:d1:73:3d:5f:75:d9:5c:
         f5:2f:6b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1Zf3tzIDrFG14nxT0KhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjUwOTA3MTEwMDI0WhcNMjUwOTA4MTEwMDI0WjAzMTEwLwYDVQQD
Eyg5ZWMxNTI1NDFhYzdmNGEzZjhjMGI5Yzg5ZmE2OGIyZmI0ZDgxNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwHUHX+kaEmn6b14ABmQgvy9LvtN
+EAP8AaEz8kY8tF5W4aIzpOZknw9A3w2Zf3Z8wgx3k6TOrJDNTh/Crv3Fox8hGlA
Mh70+KrAhmLAB55aSQyYjjed2xZRP0wgvdCpH0Nl8RnPe1mqO0wwCs0qRKEAREHp
/nH3YdkW+o7pW1Z6jo5R3CizWKc+cnryccRdHyq0OWVV7pXDHP+uJYn9JujZVG95
YmZNURcqZpNg8YV2TIJF8FgWuzZ9Sa6mGhvkYTfeTbIW/TcSJzwYBT/ZbZvel0A7
FPDzegBSkC5Q6cmYSYv+3EbhSM37Jw8PCI7DWCY51IuiuHnlNCT6JFWuHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7BUlQax/Sj+MC5yJ+miy+02Bc4MB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDVC+Y8c
iVtPWIRWFG0Quj9ImXowSDX3MZ+guRWI7+AwpppKWKtMv9rFOyx7Hkzhj6ZgsVov
raAummqdDfok6hcCXnBzvmeYNv2LK5xSVyd+1Ibnv3GfhQa8kXI3lsLPFjQZa48T
Bfcqyko5x3xIeWDr2CXHsVhBzm72i9VpayQldooXHmTCxbwtk6W4WM1RuozXm29Q
HETmxaGlQAetp5vF/SgGDFgtrDZrJPHeVij6MlJgsrR0le57xrBn34SvXmJ57PZa
Eh10smjwhC5PnGgDY4euVo9BrPtUS8HSRYky00eoF2VmAiSC9IN+r+LLkc2rE6nR
cz1fddlc9S9rNg==
-----END CERTIFICATE-----