Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
File:                     I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json)
Hash identifier:          9XgruE1mhFlTw/qnqBWsHuRRzyEvUyPAJItQJ5xA0aQ=
Subject key identifier:   A8:07:9F:D8:34:67:51:DE:C3:8A:D6:C8:A3:AF:79:B0:16:18:76:30
Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
Certificate issuer:       /CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Certificate serial:       0199221E52D4623F28B5D811B02CDD12CEEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
Manifest number:          BF
Signing time:             Sun 07 Sep 2025 03:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:36 +0000
Files and hashes:         1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: BcCUZB8rqxOsfbO5q5NfM3XLntG/j/BQkNnIp0kFJz8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:52:d4:62:3f:28:b5:d8:11:b0:2c:dd:12:ce:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6
        Validity
            Not Before: Sep  7 03:00:36 2025 GMT
            Not After : Sep  8 03:00:36 2025 GMT
        Subject: CN=a8079fd8346751dec38ad6c8a3af79b016187630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9f:f2:fb:69:55:39:82:00:f1:e9:30:81:ed:
                    8e:64:dd:54:7d:36:83:0c:77:7b:e0:78:c3:7f:85:
                    01:ae:57:35:70:7a:62:93:95:bf:d6:9e:9f:e0:04:
                    f1:7a:a1:ac:bf:fb:0e:54:bf:44:98:d3:d1:b9:53:
                    74:bf:2d:fb:7b:c9:96:22:c1:72:80:c1:73:02:8f:
                    57:c0:82:21:92:6d:29:19:ea:a3:e8:a9:7f:be:3d:
                    a4:6c:6d:fa:8c:80:db:61:ef:38:a8:19:d2:39:6a:
                    ef:31:41:24:3f:63:1d:a1:c4:81:2b:1c:26:7b:8f:
                    ef:25:d7:84:38:af:46:50:47:ad:18:01:a2:e1:c7:
                    ea:16:ad:df:92:34:15:75:69:a0:34:71:0c:f6:6c:
                    dd:57:76:6b:9d:be:7f:77:7d:1e:de:52:c8:4d:3f:
                    b8:7e:5f:d0:32:e5:21:3b:b2:1d:8e:14:fb:08:cb:
                    65:00:b7:59:7d:33:79:18:30:99:6b:32:e1:c7:ac:
                    19:bf:fd:29:40:63:ca:fd:74:fb:a6:0c:35:a9:d4:
                    98:8c:03:c1:95:52:54:13:ac:4d:19:e6:5b:6c:74:
                    af:0c:3e:91:a5:93:ac:0a:54:00:df:ad:83:e5:9f:
                    b2:21:1c:dc:8c:90:ee:cf:1d:47:40:e7:fd:b1:07:
                    fc:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:07:9F:D8:34:67:51:DE:C3:8A:D6:C8:A3:AF:79:B0:16:18:76:30
            X509v3 Authority Key Identifier:
                keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:cf:70:7b:f9:f5:1f:90:85:2a:56:f0:3b:ac:8d:05:f5:be:
         9c:31:46:4f:1b:a1:c0:e6:e5:da:c3:d8:74:fc:48:c7:f6:17:
         f2:5e:70:a6:05:10:c6:e5:3d:0a:3d:0c:48:87:b9:c8:af:de:
         94:9f:8f:a9:c0:6f:d5:a1:80:d9:a2:63:64:54:71:c5:e0:48:
         0f:a8:59:e6:5b:c5:5e:eb:ae:3f:d7:3d:f2:3b:93:93:d0:60:
         c0:b2:69:93:06:88:8d:90:eb:f5:9d:94:cc:a2:81:72:0c:b5:
         e8:92:4f:2e:bc:dd:58:dd:30:a3:e7:d1:67:b1:f3:05:4b:0e:
         a5:49:11:66:ed:eb:78:42:63:85:d6:d3:79:a1:36:bd:5d:b7:
         ba:be:91:0e:a5:5b:55:cc:c8:f7:42:af:07:74:40:3e:99:00:
         31:76:cb:9a:6e:af:76:b8:78:24:38:3a:50:7a:00:24:53:07:
         ad:aa:cb:51:4a:eb:97:2d:4a:96:56:ed:9b:01:cb:46:8c:12:
         32:09:36:b1:5a:68:06:bf:ff:ae:80:c8:05:4a:67:c7:7e:07:
         a3:f5:8f:ee:90:b4:2b:b8:3e:01:ce:36:e2:e7:ca:39:ff:0e:
         2e:e5:7b:1a:a6:fc:c8:e8:27:3a:79:22:a8:41:83:f5:7e:11:
         dd:35:a0:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHlLUYj8otdgRsCzdEs7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi
OGQ0ZDYwHhcNMjUwOTA3MDMwMDM2WhcNMjUwOTA4MDMwMDM2WjAzMTEwLwYDVQQD
EyhhODA3OWZkODM0Njc1MWRlYzM4YWQ2YzhhM2FmNzliMDE2MTg3NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05/y+2lVOYIA8ekwge2OZN1UfTaD
DHd74HjDf4UBrlc1cHpik5W/1p6f4ATxeqGsv/sOVL9EmNPRuVN0vy37e8mWIsFy
gMFzAo9XwIIhkm0pGeqj6Kl/vj2kbG36jIDbYe84qBnSOWrvMUEkP2MdocSBKxwm
e4/vJdeEOK9GUEetGAGi4cfqFq3fkjQVdWmgNHEM9mzdV3Zrnb5/d30e3lLITT+4
fl/QMuUhO7IdjhT7CMtlALdZfTN5GDCZazLhx6wZv/0pQGPK/XT7pgw1qdSYjAPB
lVJUE6xNGeZbbHSvDD6RpZOsClQA362D5Z+yIRzcjJDuzx1HQOf9sQf8PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgHn9g0Z1Hew4rWyKOvebAWGHYwMB8GA1UdIwQY
MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt
NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm
LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ89we/n1
H5CFKlbwO6yNBfW+nDFGTxuhwObl2sPYdPxIx/YX8l5wpgUQxuU9Cj0MSIe5yK/e
lJ+PqcBv1aGA2aJjZFRxxeBID6hZ5lvFXuuuP9c98juTk9BgwLJpkwaIjZDr9Z2U
zKKBcgy16JJPLrzdWN0wo+fRZ7HzBUsOpUkRZu3reEJjhdbTeaE2vV23ur6RDqVb
VczI90KvB3RAPpkAMXbLmm6vdrh4JDg6UHoAJFMHrarLUUrrly1KllbtmwHLRowS
Mgk2sVpoBr//roDIBUpnx34Ho/WP7pC0K7g+Ac424ufKOf8OLuV7Gqb8yOgnOnki
qEGD9X4R3TWgcQ==
-----END CERTIFICATE-----