Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          QMves2aq66VSYZTAzdBjicXWVEVq9uq26+omR1tjDN8=
Subject key identifier:   B2:1A:E7:90:5B:3F:1D:E2:10:C5:8B:44:95:0A:76:1D:70:CE:DD:8B
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       01991809152A3DA2014F8803A10D6561FB7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          015E
Signing time:             Fri 05 Sep 2025 04:01:12 +0000
Manifest this update:     Fri 05 Sep 2025 04:01:12 +0000
Manifest next update:     Sat 06 Sep 2025 04:01:12 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: TpgxnRdR9d2K/W7xfUROuxGUF5FobZfYGuGfYoR2C8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:15:2a:3d:a2:01:4f:88:03:a1:0d:65:61:fb:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Sep  5 04:01:12 2025 GMT
            Not After : Sep  6 04:01:12 2025 GMT
        Subject: CN=b21ae7905b3f1de210c58b44950a761d70cedd8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a8:64:93:cb:c3:a6:ce:ce:34:6b:52:8b:d0:
                    ff:7e:b7:c8:9a:16:e0:df:b9:22:79:99:c7:da:62:
                    ad:9f:e3:bc:4f:ff:6f:47:13:84:79:20:5f:72:8e:
                    10:c8:b9:60:c3:b4:0c:25:22:b2:53:88:67:b4:60:
                    19:89:3b:f4:2e:0f:c6:ef:d9:30:86:10:71:c0:15:
                    fb:d1:4c:6a:8e:2c:03:09:bf:4c:2d:46:81:05:d8:
                    70:1f:4e:ca:cf:b8:21:d4:e2:ff:6c:9e:3f:cf:03:
                    09:ab:57:f6:97:40:b2:15:6f:12:9b:a7:17:97:9a:
                    93:b1:b9:f4:85:81:c1:11:ae:e9:0b:55:b2:8b:c0:
                    f9:a9:5c:c9:f6:48:17:53:49:fc:5f:33:5d:1f:4b:
                    34:88:55:0a:1a:3a:46:75:55:cd:67:d6:a4:5c:f2:
                    b7:41:65:2e:03:1f:dc:f1:82:29:3f:0f:e2:21:b4:
                    20:c4:ac:fc:c5:4c:d5:bb:c1:50:7e:33:23:a9:98:
                    80:d1:2f:be:18:b3:de:80:a5:d1:f7:b9:7c:a1:1a:
                    53:c6:55:a5:10:45:a0:54:b4:0d:1f:dd:d7:0a:5a:
                    cc:37:c3:6d:b1:42:d5:25:95:4a:dd:04:d2:7c:59:
                    29:fe:f3:1d:d6:ea:af:7c:d8:50:7f:f7:d6:f8:41:
                    3f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:1A:E7:90:5B:3F:1D:E2:10:C5:8B:44:95:0A:76:1D:70:CE:DD:8B
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:c5:72:6d:6a:b5:66:3e:27:84:8b:d3:a0:4c:26:b1:8e:36:
         23:44:78:e0:91:38:09:9a:5f:0b:ae:b2:dc:bb:ba:2c:42:ca:
         8d:b2:7e:f8:0a:73:77:8a:da:45:49:ea:8b:be:c4:6d:c4:0c:
         8f:7e:fc:72:5c:76:7c:e1:d9:3e:ba:76:14:48:be:14:7b:8b:
         ed:51:b9:e7:dd:8a:cb:28:25:3c:fc:7e:63:44:0c:0c:58:bf:
         6f:53:3a:78:5f:9e:89:a5:97:f3:b9:bf:c6:44:05:ce:30:10:
         89:98:96:17:aa:19:bc:02:2c:31:9b:d3:a5:30:d2:21:78:2d:
         2c:d1:91:c1:bd:a6:10:55:a7:ab:6a:99:a1:35:3c:0f:2f:9b:
         7b:86:42:59:a6:f9:42:de:a0:50:93:00:c5:38:26:f1:5a:88:
         d7:b6:a1:85:d4:9a:fc:96:4d:6d:5d:f1:b6:6b:e4:dc:ab:7e:
         0d:33:d5:ef:47:cf:c0:ce:50:9c:c8:ec:b7:84:b4:30:54:a4:
         55:46:8a:d4:60:75:f0:2b:19:be:b6:a8:23:02:9c:95:c3:76:
         b5:0f:8e:30:e0:c2:d1:3f:26:9e:32:7e:0c:a1:60:4b:9b:d3:
         4e:a0:7d:30:4d:09:79:bf:98:3a:20:05:ad:98:6d:28:85:bc:
         db:f3:e2:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCRUqPaIBT4gDoQ1lYft9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjUwOTA1MDQwMTEyWhcNMjUwOTA2MDQwMTEyWjAzMTEwLwYDVQQD
EyhiMjFhZTc5MDViM2YxZGUyMTBjNThiNDQ5NTBhNzYxZDcwY2VkZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqhkk8vDps7ONGtSi9D/frfImhbg
37kieZnH2mKtn+O8T/9vRxOEeSBfco4QyLlgw7QMJSKyU4hntGAZiTv0Lg/G79kw
hhBxwBX70UxqjiwDCb9MLUaBBdhwH07Kz7gh1OL/bJ4/zwMJq1f2l0CyFW8Sm6cX
l5qTsbn0hYHBEa7pC1Wyi8D5qVzJ9kgXU0n8XzNdH0s0iFUKGjpGdVXNZ9akXPK3
QWUuAx/c8YIpPw/iIbQgxKz8xUzVu8FQfjMjqZiA0S++GLPegKXR97l8oRpTxlWl
EEWgVLQNH93XClrMN8NtsULVJZVK3QTSfFkp/vMd1uqvfNhQf/fW+EE/PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIa55BbPx3iEMWLRJUKdh1wzt2LMB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsVybWq1
Zj4nhIvToEwmsY42I0R44JE4CZpfC66y3Lu6LELKjbJ++Apzd4raRUnqi77EbcQM
j378clx2fOHZPrp2FEi+FHuL7VG5592KyyglPPx+Y0QMDFi/b1M6eF+eiaWX87m/
xkQFzjAQiZiWF6oZvAIsMZvTpTDSIXgtLNGRwb2mEFWnq2qZoTU8Dy+be4ZCWab5
Qt6gUJMAxTgm8VqI17ahhdSa/JZNbV3xtmvk3Kt+DTPV70fPwM5QnMjst4S0MFSk
VUaK1GB18CsZvraoIwKclcN2tQ+OMODC0T8mnjJ+DKFgS5vTTqB9ME0Jeb+YOiAF
rZhtKIW82/PiNw==
-----END CERTIFICATE-----