Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
File:                     ap2Z4esn7Hq76TViechBGkEw_co.mft (raw, json)
Hash identifier:          jNeMCERJRIcfS/Z1IXK/5mea0O8dP4a7YKHcnU36UEE=
Subject key identifier:   D6:7B:75:80:DF:BB:47:9C:55:7F:23:38:F8:DD:2B:BD:8F:32:45:AA
Authority key identifier: 6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA
Certificate issuer:       /CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
Certificate serial:       0199240D0C29DB6DF6AA2F4BF278C8A68E7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
Manifest number:          0CE8
Signing time:             Sun 07 Sep 2025 12:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 12:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 12:00:58 +0000
Files and hashes:         1: ap2Z4esn7Hq76TViechBGkEw_co.crl (hash: R23VIndqGN9nM9D4BLg0mnXwn2nDluHKeyJ+cx6i6nc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:0c:29:db:6d:f6:aa:2f:4b:f2:78:c8:a6:8e:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
        Validity
            Not Before: Sep  7 12:00:58 2025 GMT
            Not After : Sep  8 12:00:58 2025 GMT
        Subject: CN=d67b7580dfbb479c557f2338f8dd2bbd8f3245aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:67:a7:b2:4b:91:d5:66:d2:10:d3:eb:e8:c8:
                    e4:7e:9c:0e:c6:42:43:c8:3f:13:b3:1d:2b:53:d1:
                    40:b3:6a:d6:27:00:9f:ac:97:98:9b:b4:96:0c:f3:
                    1e:cd:84:9d:69:21:c2:85:5c:c5:c6:53:28:6f:d9:
                    30:cd:a9:96:5b:cc:a3:1c:95:06:67:fe:50:ef:b5:
                    1b:ae:4b:45:9a:dd:be:a3:fb:fc:38:06:16:6b:7d:
                    cd:69:ac:6d:7c:41:c8:87:00:0c:05:4d:e8:86:f2:
                    04:e5:54:b8:d1:c4:24:ab:b7:26:23:15:97:00:2e:
                    44:17:98:34:54:01:66:82:b8:ca:b9:21:23:c7:83:
                    d0:63:ac:b3:75:57:3d:9e:72:a7:c5:32:23:e0:ce:
                    68:36:ae:36:d7:f0:e5:74:92:4f:26:43:65:b7:08:
                    e0:f0:ca:29:3f:f2:46:8f:db:5e:7f:10:46:45:a2:
                    50:14:50:5f:04:76:85:60:dd:3f:fb:58:20:c0:51:
                    50:8c:97:35:3a:f4:22:96:1a:13:67:13:0d:85:78:
                    47:45:d8:86:56:18:c2:d9:a2:9f:b4:7a:bf:cc:c6:
                    b7:66:22:59:5d:04:43:8c:b2:5f:39:af:8d:a9:ee:
                    7f:64:20:c7:0c:b3:02:84:61:98:3a:5a:4a:85:66:
                    72:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7B:75:80:DF:BB:47:9C:55:7F:23:38:F8:DD:2B:BD:8F:32:45:AA
            X509v3 Authority Key Identifier:
                keyid:6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:9f:de:df:61:cf:3f:31:bb:54:a5:ee:04:0b:97:8c:27:1a:
         8a:2a:1e:bb:f3:7b:9b:1b:28:b5:c3:1b:cd:cd:55:b5:ef:5c:
         ae:7f:40:97:af:8a:4d:79:3f:3a:8f:fe:b0:74:79:fc:b9:5f:
         3c:f6:72:10:42:7f:4b:f2:2e:6a:90:24:8d:ed:3e:8b:fa:9c:
         80:26:65:60:71:26:9b:c3:2e:88:1b:7d:2c:f7:39:fe:39:2c:
         03:6c:b8:b6:ab:3f:2d:d0:5c:00:c8:7a:af:4c:28:a8:06:e3:
         3b:d0:73:de:da:14:17:30:be:74:76:03:af:2b:4a:14:fb:87:
         b2:4f:47:bb:47:64:fc:46:71:1e:c8:b8:9c:e8:e9:94:5f:3d:
         02:90:77:a3:8a:70:e5:e9:69:64:76:d7:dc:34:74:7d:4a:f7:
         f4:78:b4:aa:81:a3:01:9c:cd:33:13:40:a5:31:76:df:0a:d0:
         79:53:e7:5e:83:81:ee:93:36:aa:5f:57:17:df:0f:ad:0b:92:
         5f:a8:7b:eb:f5:3e:78:4a:b0:f3:7c:52:82:4c:62:32:75:5a:
         33:b8:34:a3:25:73:ce:e6:bd:c1:c5:5b:69:9e:62:d5:de:14:
         a7:76:1a:ff:28:6c:13:54:14:4b:d0:3a:02:26:fd:1a:75:6e:
         20:18:45:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDQwp2232qi9L8njIpo57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWQ5OWUxZWIyN2VjN2FiYmU5MzU2Mjc5Yzg0MTFhNDEz
MGZkY2EwHhcNMjUwOTA3MTIwMDU4WhcNMjUwOTA4MTIwMDU4WjAzMTEwLwYDVQQD
EyhkNjdiNzU4MGRmYmI0NzljNTU3ZjIzMzhmOGRkMmJiZDhmMzI0NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWenskuR1WbSENPr6MjkfpwOxkJD
yD8Tsx0rU9FAs2rWJwCfrJeYm7SWDPMezYSdaSHChVzFxlMob9kwzamWW8yjHJUG
Z/5Q77UbrktFmt2+o/v8OAYWa33NaaxtfEHIhwAMBU3ohvIE5VS40cQkq7cmIxWX
AC5EF5g0VAFmgrjKuSEjx4PQY6yzdVc9nnKnxTIj4M5oNq421/DldJJPJkNltwjg
8MopP/JGj9tefxBGRaJQFFBfBHaFYN0/+1ggwFFQjJc1OvQilhoTZxMNhXhHRdiG
VhjC2aKftHq/zMa3ZiJZXQRDjLJfOa+Nqe5/ZCDHDLMChGGYOlpKhWZyfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZ7dYDfu0ecVX8jOPjdK72PMkWqMB8GA1UdIwQY
MBaAFGqdmeHrJ+x6u+k1YnnIQRpBMP3KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQt
YjdkYWYyZTYwZjZmLzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQtYjdkYWYyZTYwZjZm
LzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5/e32HP
PzG7VKXuBAuXjCcaiioeu/N7mxsotcMbzc1Vte9crn9Al6+KTXk/Oo/+sHR5/Llf
PPZyEEJ/S/IuapAkje0+i/qcgCZlYHEmm8MuiBt9LPc5/jksA2y4tqs/LdBcAMh6
r0woqAbjO9Bz3toUFzC+dHYDrytKFPuHsk9Hu0dk/EZxHsi4nOjplF89ApB3o4pw
5elpZHbX3DR0fUr39Hi0qoGjAZzNMxNApTF23wrQeVPnXoOB7pM2ql9XF98PrQuS
X6h76/U+eEqw83xSgkxiMnVaM7g0oyVzzua9wcVbaZ5i1d4Up3Ya/yhsE1QUS9A6
Aib9GnVuIBhFBg==
-----END CERTIFICATE-----