Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          i1+j54u5YhEmNi7ueyxnsHZadx6Ed962hnDICYme8zE=
Subject key identifier:   FE:B4:0E:C3:B6:55:E3:24:86:73:3A:9C:AD:C6:11:4C:C2:E9:83:14
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       0199221E5369B3B9E58564C69A7EB93AB0E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0D8C
Signing time:             Sun 07 Sep 2025 03:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:36 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: vEYrSISQNd01mMqGQ0l/V0GNC+b/MIDdk4jMG0jHf2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:53:69:b3:b9:e5:85:64:c6:9a:7e:b9:3a:b0:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Sep  7 03:00:36 2025 GMT
            Not After : Sep  8 03:00:36 2025 GMT
        Subject: CN=feb40ec3b655e32486733a9cadc6114cc2e98314
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a0:09:78:fa:f2:0f:97:bd:08:1c:7a:03:48:
                    a3:41:a2:53:49:d4:37:9a:3e:79:19:4b:5b:7e:03:
                    81:dc:84:1d:0b:e1:96:3d:7b:f2:ed:a1:55:6d:88:
                    da:82:9e:42:db:d1:f5:cf:78:a7:77:a8:e4:bb:7a:
                    dc:1a:bf:37:0e:fa:b0:b7:a1:36:57:1e:91:05:b9:
                    92:44:8c:bc:f2:b5:25:df:93:38:1b:31:79:77:56:
                    cf:67:21:b6:31:34:da:70:d3:c6:88:b7:46:40:26:
                    38:2c:f2:1b:05:fb:2e:3d:6c:8b:75:9b:d9:d7:3b:
                    18:3e:ef:83:9e:bd:1d:3b:65:96:00:c7:0f:4c:8a:
                    8a:7f:de:6a:0e:d4:36:23:9e:6e:38:b9:45:53:b4:
                    b1:bd:db:2d:b5:f4:42:55:32:6c:67:37:39:c9:90:
                    79:b5:b6:1a:bb:a6:17:6f:09:1b:26:95:16:3e:d1:
                    b9:61:62:08:20:e4:cc:4d:fd:d2:db:de:70:71:ca:
                    44:f2:9b:05:2b:b0:0e:74:af:16:63:4e:95:41:24:
                    f0:a9:5a:cb:23:a9:37:44:ce:63:a0:0f:fe:52:eb:
                    ad:68:ea:01:bb:20:12:51:f2:e5:b0:2f:d0:d5:0d:
                    ed:a2:87:c4:cc:aa:88:b5:66:65:91:1a:7e:94:3a:
                    97:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:B4:0E:C3:B6:55:E3:24:86:73:3A:9C:AD:C6:11:4C:C2:E9:83:14
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:ab:2b:37:b3:87:4b:73:d7:29:cd:c9:7b:a6:df:45:b1:9e:
         42:18:04:0e:69:fb:5b:bd:0a:5a:b0:25:77:68:2d:f2:8a:a9:
         45:ea:36:78:79:41:e6:2f:6c:e8:0a:79:06:5c:18:f4:21:16:
         37:14:f8:ce:06:b0:c9:b9:4f:e2:bd:16:62:62:52:8c:50:50:
         3f:97:3e:67:dc:5c:e1:4a:a6:c7:59:14:ed:bd:90:63:f8:1f:
         5d:27:39:92:cd:26:b1:59:58:75:29:b1:4a:de:46:af:6a:60:
         01:c6:49:95:89:14:e7:c4:81:e4:a7:a5:04:13:2a:c5:3c:bd:
         27:90:e8:8d:db:09:ad:4e:31:f6:e2:1b:46:75:ed:28:f3:73:
         ac:9c:8e:cb:5b:83:8c:92:f8:81:59:4a:01:21:8d:8d:ab:c4:
         97:3c:05:37:f6:3a:ee:6b:a1:37:30:a9:dd:3e:04:1b:4c:1c:
         b8:00:11:f3:c7:1e:d7:e6:a5:1d:75:ac:7b:e5:a3:79:23:e3:
         77:7e:db:b1:08:07:f6:2f:e5:0f:22:12:ff:66:6e:72:39:af:
         7b:92:7f:e3:34:d8:68:be:46:93:43:0f:04:39:9e:61:05:3d:
         41:34:a0:1a:bf:69:8f:a2:9d:08:a3:d4:47:22:83:d1:5c:30:
         dc:7e:b5:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHlNps7nlhWTGmn65OrDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjUwOTA3MDMwMDM2WhcNMjUwOTA4MDMwMDM2WjAzMTEwLwYDVQQD
EyhmZWI0MGVjM2I2NTVlMzI0ODY3MzNhOWNhZGM2MTE0Y2MyZTk4MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaAJePryD5e9CBx6A0ijQaJTSdQ3
mj55GUtbfgOB3IQdC+GWPXvy7aFVbYjagp5C29H1z3ind6jku3rcGr83Dvqwt6E2
Vx6RBbmSRIy88rUl35M4GzF5d1bPZyG2MTTacNPGiLdGQCY4LPIbBfsuPWyLdZvZ
1zsYPu+Dnr0dO2WWAMcPTIqKf95qDtQ2I55uOLlFU7SxvdsttfRCVTJsZzc5yZB5
tbYau6YXbwkbJpUWPtG5YWIIIOTMTf3S295wccpE8psFK7AOdK8WY06VQSTwqVrL
I6k3RM5joA/+UuutaOoBuyASUfLlsC/Q1Q3toofEzKqItWZlkRp+lDqX9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP60DsO2VeMkhnM6nK3GEUzC6YMUMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqsrN7OH
S3PXKc3Je6bfRbGeQhgEDmn7W70KWrAld2gt8oqpReo2eHlB5i9s6Ap5BlwY9CEW
NxT4zgawyblP4r0WYmJSjFBQP5c+Z9xc4Uqmx1kU7b2QY/gfXSc5ks0msVlYdSmx
St5Gr2pgAcZJlYkU58SB5KelBBMqxTy9J5DojdsJrU4x9uIbRnXtKPNzrJyOy1uD
jJL4gVlKASGNjavElzwFN/Y67muhNzCp3T4EG0wcuAAR88ce1+alHXWse+WjeSPj
d37bsQgH9i/lDyIS/2Zucjmve5J/4zTYaL5Gk0MPBDmeYQU9QTSgGr9pj6KdCKPU
RyKD0Vww3H61zw==
-----END CERTIFICATE-----