Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
File:                     JTncEcLyIukQROG-eygeV23u5Fs.mft (raw, json)
Hash identifier:          T7FDAgcnZCd2U/UuxbGX6RahmB+ESg0Cd/I+76xHre8=
Subject key identifier:   D6:9D:B4:E1:E0:15:A4:D6:AA:7E:FE:C0:27:94:5D:75:19:A1:46:2E
Authority key identifier: 25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B
Certificate issuer:       /CN=2539dc11c2f222e91044e1be7b281e576deee45b
Certificate serial:       019921E7D9B2039321AF2392205BF3E0D6E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
Manifest number:          0147
Signing time:             Sun 07 Sep 2025 02:01:06 +0000
Manifest this update:     Sun 07 Sep 2025 02:01:06 +0000
Manifest next update:     Mon 08 Sep 2025 02:01:06 +0000
Files and hashes:         1: JTncEcLyIukQROG-eygeV23u5Fs.crl (hash: IOho1kh3DbsuRL23raMWooSuML2SIzXG6GHvk7wwfwI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:d9:b2:03:93:21:af:23:92:20:5b:f3:e0:d6:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2539dc11c2f222e91044e1be7b281e576deee45b
        Validity
            Not Before: Sep  7 02:01:06 2025 GMT
            Not After : Sep  8 02:01:06 2025 GMT
        Subject: CN=d69db4e1e015a4d6aa7efec027945d7519a1462e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f1:f6:73:11:11:c9:24:ea:ec:4d:c0:1a:28:
                    43:a8:15:9b:32:49:21:f3:9c:06:48:03:ac:15:ea:
                    76:71:31:d9:b9:2f:44:00:e0:2a:48:f3:5e:e8:c5:
                    99:5d:cc:a3:cc:0d:b6:2e:93:5a:81:90:79:7c:5e:
                    bd:c2:f2:fa:c0:3c:33:17:c0:a5:df:6a:39:ce:66:
                    c9:23:56:5b:a8:5c:95:68:1c:36:7b:5d:60:65:dc:
                    da:b4:23:01:30:74:10:2a:da:3c:19:7a:b5:70:10:
                    73:9a:1c:e0:ee:d3:77:fa:9b:0b:dc:6e:55:aa:d9:
                    5e:3b:4b:be:5b:f5:34:6d:38:7c:b3:13:79:51:9a:
                    d6:c3:22:e5:ba:e3:c7:33:e2:98:b0:c5:20:ec:86:
                    41:61:f4:26:36:b7:ef:dc:26:0a:53:31:2b:46:cb:
                    5b:09:e2:c1:ba:79:77:fb:3b:b8:06:f5:ce:ee:d4:
                    ba:ca:0f:8b:07:7a:e6:9e:ea:86:95:20:a3:73:eb:
                    1b:42:08:6a:07:92:17:51:b2:28:e3:56:48:9b:a2:
                    b4:78:62:07:f5:32:2a:99:da:84:48:26:b7:a5:2f:
                    6e:39:85:25:b0:d4:44:c1:df:db:22:58:5d:42:f4:
                    09:ec:47:b0:00:fc:19:75:83:6d:41:d1:34:fd:ce:
                    10:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:9D:B4:E1:E0:15:A4:D6:AA:7E:FE:C0:27:94:5D:75:19:A1:46:2E
            X509v3 Authority Key Identifier:
                keyid:25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:a2:69:07:6d:74:e4:b2:79:80:20:20:be:ca:81:db:41:d5:
         ce:c2:bb:87:e8:86:c1:f7:26:bd:13:2f:cb:ae:9f:09:25:2f:
         91:27:8b:24:16:ac:3e:19:26:9e:97:f2:01:58:d3:8a:a2:76:
         5d:46:59:99:2f:09:9f:e1:84:02:a3:62:23:e9:b7:45:ed:56:
         73:c4:bb:15:4b:fc:94:e5:77:ba:4a:c2:51:40:d9:b0:ee:e2:
         78:26:46:3f:e8:8f:17:63:04:a5:1c:91:37:fb:bb:76:b0:03:
         5c:dd:45:8e:17:3f:5e:cf:24:ec:db:2a:b9:31:a7:82:0b:81:
         7c:b0:bb:25:5b:62:f7:b8:03:3c:ab:81:8d:ff:75:b7:66:29:
         1d:0f:db:49:ee:3d:e5:76:4f:1b:92:03:39:78:47:8a:d0:7d:
         1e:21:88:bc:97:8d:12:2f:37:a8:bc:71:15:28:25:f4:8a:be:
         98:1f:f9:f7:52:7d:e4:75:c6:ac:12:10:ea:2a:53:91:59:d6:
         c0:60:7a:90:e4:17:b1:a5:85:fa:c3:7b:e4:d5:66:ef:f9:9c:
         e5:1b:70:70:91:c4:76:91:9d:73:15:82:0e:d5:a5:ab:88:8d:
         b6:60:ec:e9:da:e7:37:cf:4d:62:0b:b4:16:6b:9f:1a:e0:64:
         7f:99:f9:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh59myA5MhryOSIFvz4NbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzlkYzExYzJmMjIyZTkxMDQ0ZTFiZTdiMjgxZTU3NmRl
ZWU0NWIwHhcNMjUwOTA3MDIwMTA2WhcNMjUwOTA4MDIwMTA2WjAzMTEwLwYDVQQD
EyhkNjlkYjRlMWUwMTVhNGQ2YWE3ZWZlYzAyNzk0NWQ3NTE5YTE0NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvH2cxERySTq7E3AGihDqBWbMkkh
85wGSAOsFep2cTHZuS9EAOAqSPNe6MWZXcyjzA22LpNagZB5fF69wvL6wDwzF8Cl
32o5zmbJI1ZbqFyVaBw2e11gZdzatCMBMHQQKto8GXq1cBBzmhzg7tN3+psL3G5V
qtleO0u+W/U0bTh8sxN5UZrWwyLluuPHM+KYsMUg7IZBYfQmNrfv3CYKUzErRstb
CeLBunl3+zu4BvXO7tS6yg+LB3rmnuqGlSCjc+sbQghqB5IXUbIo41ZIm6K0eGIH
9TIqmdqESCa3pS9uOYUlsNREwd/bIlhdQvQJ7EewAPwZdYNtQdE0/c4QcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNadtOHgFaTWqn7+wCeUXXUZoUYuMB8GA1UdIwQY
MBaAFCU53BHC8iLpEEThvnsoHldt7uRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUt
MGZjOGRhMDUwM2M5LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUtMGZjOGRhMDUwM2M5
LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhaJpB210
5LJ5gCAgvsqB20HVzsK7h+iGwfcmvRMvy66fCSUvkSeLJBasPhkmnpfyAVjTiqJ2
XUZZmS8Jn+GEAqNiI+m3Re1Wc8S7FUv8lOV3ukrCUUDZsO7ieCZGP+iPF2MEpRyR
N/u7drADXN1Fjhc/Xs8k7NsquTGngguBfLC7JVti97gDPKuBjf91t2YpHQ/bSe49
5XZPG5IDOXhHitB9HiGIvJeNEi83qLxxFSgl9Iq+mB/591J95HXGrBIQ6ipTkVnW
wGB6kOQXsaWF+sN75NVm7/mc5RtwcJHEdpGdcxWCDtWlq4iNtmDs6drnN89NYgu0
FmufGuBkf5n5uw==
-----END CERTIFICATE-----