Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
File:                     spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json)
Hash identifier:          bxIj1pV/eS5CKqWdcGGmShOdC4F7o7fWKc5qBl9hY5E=
Subject key identifier:   9D:C1:A1:E1:9E:09:B3:E4:A2:31:E0:9F:66:18:B9:BD:4F:65:13:CB
Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD
Certificate issuer:       /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
Certificate serial:       0199239FED8D9E91F49AD6BF5B8E668E89C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
Manifest number:          0D0A
Signing time:             Sun 07 Sep 2025 10:01:47 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:47 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:47 +0000
Files and hashes:         1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: mz4A4Q0aI10x2yGpL2qoDrR8dOxo/f1aUNu2a4S1SL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:ed:8d:9e:91:f4:9a:d6:bf:5b:8e:66:8e:89:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
        Validity
            Not Before: Sep  7 10:01:47 2025 GMT
            Not After : Sep  8 10:01:47 2025 GMT
        Subject: CN=9dc1a1e19e09b3e4a231e09f6618b9bd4f6513cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:af:ee:98:ec:67:5a:cb:93:fa:cd:d9:09:1c:
                    0c:08:fb:fb:e1:a0:58:e6:de:ab:0b:0d:a3:7e:4d:
                    09:36:88:ed:b7:80:2e:69:54:87:bc:f3:f0:ea:1e:
                    54:2a:21:8a:41:70:99:4a:19:73:fd:45:2f:50:26:
                    11:a6:89:06:76:30:4e:38:3d:a6:10:f7:d9:29:a4:
                    ff:fd:80:17:65:ee:ea:f5:1e:1e:fd:08:c3:63:8d:
                    e0:13:9e:9e:b2:4d:63:e8:22:57:c0:0e:37:b6:d1:
                    8b:b8:33:fa:d4:8a:61:b0:73:a2:ac:4b:e5:50:fc:
                    d5:b7:f2:95:82:3d:cb:74:39:85:54:c3:1d:be:bb:
                    1a:59:a7:08:2e:92:3c:13:2f:55:7d:c7:34:c9:97:
                    a4:1e:89:fb:8b:da:60:0d:e2:4d:a4:17:ca:a1:14:
                    18:c2:bf:e8:86:89:ca:ce:a3:40:54:eb:22:5b:ba:
                    43:26:18:3a:3f:77:7a:d0:fa:37:0f:be:72:23:00:
                    60:2e:46:5b:01:94:21:e9:b0:84:07:2c:5b:01:7a:
                    99:f7:44:e3:72:45:f2:09:6b:16:76:76:05:8d:a0:
                    e2:e1:27:52:96:d3:bb:d9:64:71:04:37:8e:cb:5e:
                    e5:f1:0e:66:13:b7:63:88:3d:3a:22:36:bb:f4:f4:
                    ea:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:C1:A1:E1:9E:09:B3:E4:A2:31:E0:9F:66:18:B9:BD:4F:65:13:CB
            X509v3 Authority Key Identifier:
                keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:ed:71:86:30:59:23:41:75:d5:6b:9e:cd:66:df:c0:3e:68:
         a7:26:d7:ea:07:05:f2:85:e5:33:f6:e2:74:7c:7e:f3:a2:b8:
         1f:91:72:fd:19:31:36:1c:e7:fa:be:f3:e3:04:d5:7e:f5:19:
         a0:d6:59:99:93:66:7b:92:f3:41:0a:c7:c4:74:27:d5:db:4b:
         1b:4e:ec:f0:77:11:48:42:e8:df:12:0e:21:4f:46:38:8b:a9:
         d5:01:5d:9c:50:8b:a5:60:4d:78:3a:5f:8c:3e:9b:f7:dc:48:
         a7:30:ae:e1:ad:d9:da:e1:ae:e8:58:77:0b:3e:f4:1b:fd:4f:
         a5:5b:56:31:b8:d4:f5:4a:cd:0b:52:50:85:26:18:05:45:e2:
         20:42:40:53:8a:c1:48:74:39:6f:41:c3:f6:e6:02:66:28:ae:
         e0:ad:00:db:6f:7d:24:a2:f8:64:a3:9f:42:b2:a6:87:c5:49:
         06:aa:f4:6e:e2:67:5a:94:69:26:f8:c5:ae:6e:48:22:1d:ce:
         53:5d:a4:f4:91:9c:b5:0d:f2:29:eb:c1:f3:6b:fa:30:40:ba:
         e2:9c:2c:e9:20:f7:d4:d7:2d:89:24:af:bf:b0:56:a7:52:22:
         c4:c0:33:2e:46:5d:3a:e1:51:d7:88:89:c4:bc:f9:09:b6:31:
         0f:6a:32:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn+2NnpH0mta/W45mjonFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm
N2RlYWQwHhcNMjUwOTA3MTAwMTQ3WhcNMjUwOTA4MTAwMTQ3WjAzMTEwLwYDVQQD
Eyg5ZGMxYTFlMTllMDliM2U0YTIzMWUwOWY2NjE4YjliZDRmNjUxM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3a/umOxnWsuT+s3ZCRwMCPv74aBY
5t6rCw2jfk0JNojtt4AuaVSHvPPw6h5UKiGKQXCZShlz/UUvUCYRpokGdjBOOD2m
EPfZKaT//YAXZe7q9R4e/QjDY43gE56esk1j6CJXwA43ttGLuDP61IphsHOirEvl
UPzVt/KVgj3LdDmFVMMdvrsaWacILpI8Ey9Vfcc0yZekHon7i9pgDeJNpBfKoRQY
wr/ohonKzqNAVOsiW7pDJhg6P3d60Po3D75yIwBgLkZbAZQh6bCEByxbAXqZ90Tj
ckXyCWsWdnYFjaDi4SdSltO72WRxBDeOy17l8Q5mE7djiD06Ija79PTqBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3BoeGeCbPkojHgn2YYub1PZRPLMB8GA1UdIwQY
MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt
MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj
LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM+1xhjBZ
I0F11WuezWbfwD5opybX6gcF8oXlM/bidHx+86K4H5Fy/RkxNhzn+r7z4wTVfvUZ
oNZZmZNme5LzQQrHxHQn1dtLG07s8HcRSELo3xIOIU9GOIup1QFdnFCLpWBNeDpf
jD6b99xIpzCu4a3Z2uGu6Fh3Cz70G/1PpVtWMbjU9UrNC1JQhSYYBUXiIEJAU4rB
SHQ5b0HD9uYCZiiu4K0A2299JKL4ZKOfQrKmh8VJBqr0buJnWpRpJvjFrm5IIh3O
U12k9JGctQ3yKevB82v6MEC64pws6SD31NctiSSvv7BWp1IixMAzLkZdOuFR14iJ
xLz5CbYxD2oy+w==
-----END CERTIFICATE-----