Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          51kllltyiNTXmUwBk/jOszibZIzEUrDuKi8UOHkLrno=
Subject key identifier:   7B:C9:A0:12:84:20:F1:84:A9:46:5B:0F:16:53:33:36:93:31:F2:2C
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       0199239F1113E4FD9D8E7D675899750558AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          0867
Signing time:             Sun 07 Sep 2025 10:00:51 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:51 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:51 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: Wj/serl+98lA/Q86Srx4t4r/fKUhqvaJqMBCHlAd1i0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:11:13:e4:fd:9d:8e:7d:67:58:99:75:05:58:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Sep  7 10:00:51 2025 GMT
            Not After : Sep  8 10:00:51 2025 GMT
        Subject: CN=7bc9a0128420f184a9465b0f165333369331f22c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:23:47:ef:1a:42:d0:ff:91:32:b6:04:16:7f:
                    43:1d:c6:63:1b:6c:47:c1:6a:cf:5d:11:9f:c5:85:
                    85:3a:ed:f0:52:16:20:51:4e:20:48:2d:25:8e:8a:
                    8f:09:85:50:de:e0:b2:7f:e8:0b:fa:e1:20:fc:c7:
                    16:b9:a7:3f:dc:e3:f3:00:e3:42:35:46:d3:02:6b:
                    ff:bf:f3:c3:9b:1a:18:01:7c:ed:44:5f:d7:ad:3b:
                    7b:90:37:a0:87:51:21:a0:2b:2a:a4:84:83:a6:1e:
                    f1:c5:aa:55:c9:c3:7e:0f:13:47:78:21:ca:36:c8:
                    3c:20:e7:88:9e:80:b1:f7:18:36:4c:86:4b:ff:56:
                    d7:df:83:0d:5f:8d:55:26:55:da:b7:26:e4:68:f4:
                    22:02:0e:38:4e:51:4d:96:46:c1:a9:9b:24:0e:e7:
                    43:2f:33:f5:25:28:1c:0e:28:b4:4c:e7:d0:9c:3d:
                    8d:1b:6b:fb:0e:2b:23:0f:c3:c4:ae:83:c0:9f:06:
                    26:e1:a2:29:ae:0c:9c:7f:cd:86:fe:45:74:98:b0:
                    f7:6e:1e:99:30:27:63:f4:b5:7b:7f:cc:27:fc:13:
                    25:70:cb:c0:05:14:c4:bb:85:81:d9:a7:d4:89:7c:
                    13:97:60:18:2c:14:f6:8f:47:95:29:37:37:e9:52:
                    6b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:C9:A0:12:84:20:F1:84:A9:46:5B:0F:16:53:33:36:93:31:F2:2C
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:4a:63:17:e5:25:9a:ad:2d:c3:f9:8b:c2:5a:2e:d7:ec:41:
         e0:d5:fd:6f:d5:44:4c:0d:e2:3d:d8:5f:97:8d:70:22:2d:d6:
         92:5f:fa:a6:69:3c:57:f6:89:0a:c8:a0:e3:58:d7:2d:66:b8:
         57:c2:d2:a8:8b:87:b2:81:e3:c2:53:89:7c:a8:d3:14:06:e1:
         1b:03:dc:3a:89:74:0b:cf:7d:74:71:be:49:4d:56:9c:02:22:
         e3:8b:bd:4e:27:48:9d:12:82:a9:75:89:41:65:5b:ab:12:c0:
         d4:7d:7d:db:4b:3f:71:1e:6a:69:d8:7c:57:87:32:70:2f:43:
         c0:e3:2f:a8:8b:fa:af:f2:9d:95:b1:8b:e1:9c:ea:c4:84:f3:
         17:92:24:15:fe:19:3a:f1:6b:5d:84:9b:49:17:89:a6:b4:d0:
         d8:5a:20:3e:d8:d3:c5:ab:c5:68:b4:6c:cd:88:57:98:d8:44:
         7b:d2:43:92:46:f9:58:c2:1f:ff:fc:49:4c:ea:5a:29:8c:a8:
         39:58:69:59:30:be:fc:bf:aa:89:34:12:42:16:cf:3b:b5:1b:
         12:49:1b:72:ba:86:b8:dc:fd:11:b7:02:11:32:d8:67:08:24:
         a7:73:80:33:04:d0:2e:f8:3c:27:89:6d:93:43:59:42:d0:46:
         07:d9:f9:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnxET5P2djn1nWJl1BVitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjUwOTA3MTAwMDUxWhcNMjUwOTA4MTAwMDUxWjAzMTEwLwYDVQQD
Eyg3YmM5YTAxMjg0MjBmMTg0YTk0NjViMGYxNjUzMzMzNjkzMzFmMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiNH7xpC0P+RMrYEFn9DHcZjG2xH
wWrPXRGfxYWFOu3wUhYgUU4gSC0ljoqPCYVQ3uCyf+gL+uEg/McWuac/3OPzAONC
NUbTAmv/v/PDmxoYAXztRF/XrTt7kDegh1EhoCsqpISDph7xxapVycN+DxNHeCHK
Nsg8IOeInoCx9xg2TIZL/1bX34MNX41VJlXatybkaPQiAg44TlFNlkbBqZskDudD
LzP1JSgcDii0TOfQnD2NG2v7DisjD8PEroPAnwYm4aIprgycf82G/kV0mLD3bh6Z
MCdj9LV7f8wn/BMlcMvABRTEu4WB2afUiXwTl2AYLBT2j0eVKTc36VJrwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvJoBKEIPGEqUZbDxZTMzaTMfIsMB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq0pjF+Ul
mq0tw/mLwlou1+xB4NX9b9VETA3iPdhfl41wIi3Wkl/6pmk8V/aJCsig41jXLWa4
V8LSqIuHsoHjwlOJfKjTFAbhGwPcOol0C899dHG+SU1WnAIi44u9TidInRKCqXWJ
QWVbqxLA1H1920s/cR5qadh8V4cycC9DwOMvqIv6r/KdlbGL4ZzqxITzF5IkFf4Z
OvFrXYSbSReJprTQ2FogPtjTxavFaLRszYhXmNhEe9JDkkb5WMIf//xJTOpaKYyo
OVhpWTC+/L+qiTQSQhbPO7UbEkkbcrqGuNz9EbcCETLYZwgkp3OAMwTQLvg8J4lt
k0NZQtBGB9n5WA==
-----END CERTIFICATE-----