Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          iIJXIFGgzK0evL4FAb/4DZZMdnTxp2Rh838Q3WmDJu4=
Subject key identifier:   7B:6C:50:EF:E6:72:F5:2B:53:E0:72:57:6F:81:3F:78:FF:1C:7B:02
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019922FA64264CDD59DFE5D775AD4517B9FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          0826
Signing time:             Sun 07 Sep 2025 07:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:58 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: bh1QWtw7hlFhc6fZtRUdwv9Z7CVOBeAdSdZnc0k1nQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:64:26:4c:dd:59:df:e5:d7:75:ad:45:17:b9:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Sep  7 07:00:58 2025 GMT
            Not After : Sep  8 07:00:58 2025 GMT
        Subject: CN=7b6c50efe672f52b53e072576f813f78ff1c7b02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:14:27:47:06:6d:4d:bf:23:57:91:d5:7e:0d:
                    03:26:ee:87:20:de:f9:7c:7f:94:55:c8:85:24:c6:
                    06:33:b1:2c:92:39:db:ad:3d:d3:99:b2:fe:32:b0:
                    ee:98:c0:eb:a5:9d:b2:cc:62:6a:9a:f5:dc:ad:08:
                    aa:44:db:06:5a:80:ee:4b:4f:7b:d7:bd:6d:55:dc:
                    65:00:76:e7:2d:4a:04:f2:9b:4f:e3:fa:f4:8d:cb:
                    e0:ff:e5:7d:47:20:bc:f5:8f:92:6a:06:87:cc:fc:
                    54:45:44:b2:41:c3:f3:0a:b6:90:e7:86:f4:7f:6c:
                    87:e4:8e:e1:9e:2b:e5:7d:14:bb:a2:c8:76:f6:b1:
                    5f:fd:51:88:bf:72:ed:4a:c7:4b:a4:b1:88:61:40:
                    c4:3e:08:e0:fd:66:44:4a:c4:2d:1a:cb:ae:a7:f4:
                    59:b2:b0:55:36:4e:18:39:1e:95:93:aa:de:f2:39:
                    68:b0:88:8a:d4:8e:0a:a8:bd:a7:ab:39:e4:0f:2f:
                    9b:83:8b:33:ef:0a:b4:1f:ec:e5:2a:2d:cd:5d:f1:
                    d7:82:9a:09:c6:d5:d2:ee:19:37:27:a1:f5:ce:43:
                    29:96:0d:d4:c9:74:ad:b7:0c:bf:cd:b0:c9:2a:32:
                    d2:56:81:b7:68:ea:08:1a:11:5f:c7:f7:0a:71:98:
                    a1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:6C:50:EF:E6:72:F5:2B:53:E0:72:57:6F:81:3F:78:FF:1C:7B:02
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:bb:70:0d:59:35:e9:cf:7b:c7:b5:86:89:13:7b:d4:03:5b:
         84:03:54:d6:14:34:b3:73:14:ad:68:f0:d2:53:44:83:5b:04:
         0f:eb:32:ea:eb:10:ca:14:29:59:5a:81:d8:c4:a0:0d:9f:07:
         48:2e:97:0e:71:d2:fd:2a:db:b7:7b:d4:3e:83:e0:4e:50:9b:
         5e:13:f2:b2:52:15:d7:94:6e:4d:d2:75:48:d4:d3:b7:3c:b5:
         52:e8:8e:9c:23:3d:20:32:73:a7:31:b0:55:e4:2f:35:3e:ed:
         bf:b7:91:ef:e2:70:39:dc:73:9f:c3:c9:2b:b6:d7:21:63:ed:
         1e:e9:c0:21:77:55:81:25:0f:8b:5c:48:ae:58:d0:7e:f8:6d:
         23:e1:c9:1a:5f:9d:da:85:99:46:8e:db:49:77:4c:22:83:02:
         2c:6f:8a:e6:94:d2:8d:fa:dd:00:f4:1f:4b:f0:89:97:2f:2d:
         12:13:70:40:3d:c6:b0:e0:1e:0a:a2:6f:2c:c8:a1:d0:6b:ab:
         64:ba:50:3c:44:c9:73:f9:53:94:b9:6c:f5:64:b7:a6:e7:4d:
         f7:bc:61:9d:c9:3f:57:17:dd:e8:c9:c6:13:ff:27:84:35:b6:
         1a:1e:d8:5a:ef:73:03:3d:0f:bf:a5:3a:b8:60:80:2b:b7:a3:
         ed:be:0f:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+mQmTN1Z3+XXda1FF7n6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjUwOTA3MDcwMDU4WhcNMjUwOTA4MDcwMDU4WjAzMTEwLwYDVQQD
Eyg3YjZjNTBlZmU2NzJmNTJiNTNlMDcyNTc2ZjgxM2Y3OGZmMWM3YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BQnRwZtTb8jV5HVfg0DJu6HIN75
fH+UVciFJMYGM7EskjnbrT3TmbL+MrDumMDrpZ2yzGJqmvXcrQiqRNsGWoDuS097
171tVdxlAHbnLUoE8ptP4/r0jcvg/+V9RyC89Y+SagaHzPxURUSyQcPzCraQ54b0
f2yH5I7hnivlfRS7osh29rFf/VGIv3LtSsdLpLGIYUDEPgjg/WZESsQtGsuup/RZ
srBVNk4YOR6Vk6re8jlosIiK1I4KqL2nqznkDy+bg4sz7wq0H+zlKi3NXfHXgpoJ
xtXS7hk3J6H1zkMplg3UyXSttwy/zbDJKjLSVoG3aOoIGhFfx/cKcZihxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtsUO/mcvUrU+ByV2+BP3j/HHsCMB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPLtwDVk1
6c97x7WGiRN71ANbhANU1hQ0s3MUrWjw0lNEg1sED+sy6usQyhQpWVqB2MSgDZ8H
SC6XDnHS/Srbt3vUPoPgTlCbXhPyslIV15RuTdJ1SNTTtzy1UuiOnCM9IDJzpzGw
VeQvNT7tv7eR7+JwOdxzn8PJK7bXIWPtHunAIXdVgSUPi1xIrljQfvhtI+HJGl+d
2oWZRo7bSXdMIoMCLG+K5pTSjfrdAPQfS/CJly8tEhNwQD3GsOAeCqJvLMih0Gur
ZLpQPETJc/lTlLls9WS3pudN97xhnck/Vxfd6MnGE/8nhDW2Gh7YWu9zAz0Pv6U6
uGCAK7ej7b4Pdw==
-----END CERTIFICATE-----