Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          fF3AemQBLYJG3HfD1WQDfR51dxbvgwOUO8zUv6sb/Y0=
Subject key identifier:   C9:CE:FD:9B:D9:D1:8E:36:5F:BE:15:C5:87:17:40:70:A0:9C:5C:63
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       0197D587A3A06F9FFD6D0B9FE7849AEC6F06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          15C0
Signing time:             Fri 04 Jul 2025 13:02:05 +0000
Manifest this update:     Fri 04 Jul 2025 13:02:05 +0000
Manifest next update:     Sat 05 Jul 2025 13:02:05 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: Km9p3vpRaGRCPSbUsBOxjI/anfQ/sV3mKPSR6+sX9hg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 13:02:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d5:87:a3:a0:6f:9f:fd:6d:0b:9f:e7:84:9a:ec:6f:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Jul  4 13:02:05 2025 GMT
            Not After : Jul  5 13:02:05 2025 GMT
        Subject: CN=c9cefd9bd9d18e365fbe15c587174070a09c5c63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bd:3b:fb:87:86:ad:74:53:8e:79:32:b2:00:
                    5b:87:71:98:07:82:21:f0:9b:98:3b:37:ca:38:26:
                    27:d8:8f:b4:8a:10:6f:9f:f8:f7:f7:f0:b5:ed:cd:
                    3c:b0:cd:ee:9f:3a:ce:12:33:f2:da:a6:5c:99:e2:
                    a0:e0:6a:d2:79:64:fb:23:e5:52:c2:07:e5:19:16:
                    fe:0a:94:86:6f:92:46:84:91:ef:8f:5c:f4:3c:0e:
                    08:63:e7:80:b0:7f:34:5a:d9:03:ff:91:91:3d:19:
                    26:be:a8:5f:9c:27:0e:46:16:0a:62:fc:29:e7:a5:
                    48:15:ef:0f:6b:93:ab:af:2e:4d:87:07:3e:a7:da:
                    35:10:b0:9e:ab:dc:b4:0d:51:3f:56:67:2c:90:e9:
                    7f:1e:27:20:0e:33:74:7d:c2:53:a6:7d:1f:22:9f:
                    0a:3d:98:b5:61:51:ed:77:c4:f5:1c:33:66:17:0b:
                    5c:0a:6f:4b:a4:a7:bb:30:2f:87:41:96:f7:48:b1:
                    24:77:f4:65:86:69:f0:7a:4e:a8:84:7b:51:8a:d2:
                    09:62:70:ad:ba:42:d2:b2:ab:dd:8b:9b:ee:f4:87:
                    c8:bd:43:32:1f:bd:7d:a9:e7:0f:4f:84:cd:20:09:
                    cd:42:34:4c:09:b4:00:f8:79:72:b5:4d:dc:58:82:
                    6a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:CE:FD:9B:D9:D1:8E:36:5F:BE:15:C5:87:17:40:70:A0:9C:5C:63
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:52:b2:2f:25:6b:d4:19:09:85:20:b0:93:bc:b2:2f:44:d5:
         bf:91:08:06:a4:70:95:32:0a:de:ef:b8:04:0a:29:10:d6:d4:
         c8:79:2c:07:2f:69:e8:ee:0a:3e:5b:7b:37:e6:aa:b5:0c:be:
         ee:12:04:d9:28:c1:d7:0e:d3:ea:8e:8e:e9:bc:43:6a:68:ea:
         92:ac:0c:77:8a:15:ec:cd:a1:e2:93:77:b4:54:fd:25:f8:7f:
         f4:c4:c1:e8:9e:6f:a2:ac:05:7b:49:f3:86:7c:b3:56:5f:af:
         0f:9b:0e:93:f4:ea:00:c0:92:db:e0:5e:0d:43:6e:fd:e6:85:
         04:64:99:77:b4:14:e4:1f:e1:26:09:9c:c4:24:7f:01:50:9a:
         a0:1c:fc:f6:e1:28:cb:76:e1:2c:9c:20:52:0b:ec:0e:4f:f5:
         d5:1f:12:38:df:e7:be:03:ec:7e:a1:60:5f:0c:31:76:ea:db:
         16:28:e7:d0:50:89:df:2c:11:79:e9:4f:32:89:95:9a:80:90:
         16:06:ed:da:d9:b5:27:e3:6c:c0:fc:ee:cd:e7:d9:3a:73:db:
         ab:09:68:9b:e3:e8:66:30:fd:61:5a:2f:6c:8c:a5:b9:fb:20:
         09:b7:8d:73:9d:25:8d:24:ef:9a:dd:e2:bb:92:51:f7:52:67:
         a9:10:7d:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfVh6Ogb5/9bQuf54Sa7G8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUwNzA0MTMwMjA1WhcNMjUwNzA1MTMwMjA1WjAzMTEwLwYDVQQD
EyhjOWNlZmQ5YmQ5ZDE4ZTM2NWZiZTE1YzU4NzE3NDA3MGEwOWM1YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL07+4eGrXRTjnkysgBbh3GYB4Ih
8JuYOzfKOCYn2I+0ihBvn/j39/C17c08sM3unzrOEjPy2qZcmeKg4GrSeWT7I+VS
wgflGRb+CpSGb5JGhJHvj1z0PA4IY+eAsH80WtkD/5GRPRkmvqhfnCcORhYKYvwp
56VIFe8Pa5Orry5Nhwc+p9o1ELCeq9y0DVE/VmcskOl/HicgDjN0fcJTpn0fIp8K
PZi1YVHtd8T1HDNmFwtcCm9LpKe7MC+HQZb3SLEkd/Rlhmnwek6ohHtRitIJYnCt
ukLSsqvdi5vu9IfIvUMyH719qecPT4TNIAnNQjRMCbQA+HlytU3cWIJqeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnO/ZvZ0Y42X74VxYcXQHCgnFxjMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFKyLyVr
1BkJhSCwk7yyL0TVv5EIBqRwlTIK3u+4BAopENbUyHksBy9p6O4KPlt7N+aqtQy+
7hIE2SjB1w7T6o6O6bxDamjqkqwMd4oV7M2h4pN3tFT9Jfh/9MTB6J5voqwFe0nz
hnyzVl+vD5sOk/TqAMCS2+BeDUNu/eaFBGSZd7QU5B/hJgmcxCR/AVCaoBz89uEo
y3bhLJwgUgvsDk/11R8SON/nvgPsfqFgXwwxdurbFijn0FCJ3ywReelPMomVmoCQ
Fgbt2tm1J+NswPzuzefZOnPbqwlom+PoZjD9YVovbIylufsgCbeNc50ljSTvmt3i
u5JR91JnqRB95Q==
-----END CERTIFICATE-----