Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          l+AOfME17uf2mBbxtOZHTZVHVroEAWb1B3tz3f0nOvw=
Subject key identifier:   37:B2:42:84:A0:B6:3E:7E:3D:E5:1C:47:60:09:C4:49:30:CE:57:BC
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019923A083D950160F4A0AAFCEF8707AB704
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0F77
Signing time:             Sun 07 Sep 2025 10:02:25 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:25 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:25 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: +6Ilr9DNFLQcR7YWLGCSXwzMJkOHSI9eh30fvAsElHQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:83:d9:50:16:0f:4a:0a:af:ce:f8:70:7a:b7:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Sep  7 10:02:25 2025 GMT
            Not After : Sep  8 10:02:25 2025 GMT
        Subject: CN=37b24284a0b63e7e3de51c476009c44930ce57bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b1:aa:bd:81:92:4f:e3:a2:93:25:49:8f:1f:
                    74:e4:53:1f:af:11:76:a7:b7:6f:6a:0a:d6:e0:01:
                    de:4b:33:45:bd:4b:e1:90:4f:d7:84:af:e0:18:25:
                    f4:7a:1a:33:f1:32:66:e5:4d:12:d2:84:66:62:02:
                    03:38:a9:7d:0a:59:50:0a:2e:c7:ec:ac:85:41:ec:
                    6e:5e:63:58:77:f9:9f:3b:2c:0a:41:43:53:f0:c3:
                    0e:7b:43:56:37:26:89:63:06:71:df:67:7e:2c:02:
                    74:84:36:e6:f6:10:ee:7f:1e:24:a0:29:dc:06:38:
                    0d:e6:73:e4:53:07:13:62:de:19:16:66:44:62:25:
                    ba:66:2d:63:d0:a8:30:ba:49:5a:05:aa:58:4c:84:
                    a3:3d:3b:27:83:0e:83:96:f6:84:f1:f1:57:77:e0:
                    9c:e0:55:21:79:e6:f8:48:6a:f1:80:ce:e9:3c:ed:
                    f9:80:3e:a2:a0:91:0a:c3:5d:eb:58:01:35:43:d4:
                    5b:65:69:e7:04:ed:94:f5:fd:5d:70:fa:a3:c8:a4:
                    f2:f0:3c:d7:37:ac:47:db:53:9c:85:2a:17:c6:44:
                    84:2b:0d:58:41:83:f0:c8:95:60:14:a4:eb:d2:65:
                    40:ca:da:49:52:3a:f8:e9:9b:4e:a7:63:fd:57:c8:
                    56:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:B2:42:84:A0:B6:3E:7E:3D:E5:1C:47:60:09:C4:49:30:CE:57:BC
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:0c:3f:84:56:ed:f2:ba:5a:24:b4:56:39:0c:26:3b:d1:c0:
         bc:70:0e:20:d2:54:42:40:b1:78:d7:cb:37:86:d7:b9:ae:2d:
         b1:9c:bb:d0:b9:dc:8c:2d:72:d4:ad:e5:ab:cd:99:cb:10:9b:
         4b:fd:98:d0:38:d3:64:c1:a3:c9:8f:92:2f:06:19:d3:e2:f7:
         73:d1:06:f0:1e:e3:f8:3f:8a:fa:4f:e1:3f:d3:ce:11:0a:d0:
         ab:f8:68:8a:4b:06:7f:cb:92:08:ff:6f:a6:00:6a:14:06:71:
         67:49:33:f5:97:13:f5:9d:9a:e7:fd:8e:ed:53:88:49:c7:02:
         5d:4f:91:3a:93:e5:9e:28:bc:24:f2:21:79:e9:ac:d0:94:5f:
         f4:ba:25:d2:55:c7:e7:fe:75:00:16:ab:49:5b:f5:c7:ae:ff:
         aa:b8:fa:aa:bf:f7:13:1d:a6:4b:ae:9e:d8:12:11:bb:b0:a1:
         00:d5:47:cc:f3:1e:6f:23:3f:57:dd:7d:40:26:81:b6:62:9a:
         d1:52:2c:ea:ed:a1:e2:08:b8:a4:b2:53:c6:dd:be:5f:e4:90:
         64:81:4c:dd:b2:43:61:82:06:3f:be:90:18:c5:2d:a7:26:72:
         91:76:34:35:91:4f:0d:46:34:9f:e9:5e:4e:9d:b2:dd:b8:0f:
         ff:ea:a0:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoIPZUBYPSgqvzvhwercEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjUwOTA3MTAwMjI1WhcNMjUwOTA4MTAwMjI1WjAzMTEwLwYDVQQD
EygzN2IyNDI4NGEwYjYzZTdlM2RlNTFjNDc2MDA5YzQ0OTMwY2U1N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprGqvYGST+OikyVJjx905FMfrxF2
p7dvagrW4AHeSzNFvUvhkE/XhK/gGCX0ehoz8TJm5U0S0oRmYgIDOKl9CllQCi7H
7KyFQexuXmNYd/mfOywKQUNT8MMOe0NWNyaJYwZx32d+LAJ0hDbm9hDufx4koCnc
BjgN5nPkUwcTYt4ZFmZEYiW6Zi1j0KgwuklaBapYTISjPTsngw6DlvaE8fFXd+Cc
4FUheeb4SGrxgM7pPO35gD6ioJEKw13rWAE1Q9RbZWnnBO2U9f1dcPqjyKTy8DzX
N6xH21OchSoXxkSEKw1YQYPwyJVgFKTr0mVAytpJUjr46ZtOp2P9V8hWsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDeyQoSgtj5+PeUcR2AJxEkwzle8MB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVww/hFbt
8rpaJLRWOQwmO9HAvHAOINJUQkCxeNfLN4bXua4tsZy70LncjC1y1K3lq82ZyxCb
S/2Y0DjTZMGjyY+SLwYZ0+L3c9EG8B7j+D+K+k/hP9POEQrQq/hoiksGf8uSCP9v
pgBqFAZxZ0kz9ZcT9Z2a5/2O7VOISccCXU+ROpPlnii8JPIheems0JRf9Lol0lXH
5/51ABarSVv1x67/qrj6qr/3Ex2mS66e2BIRu7ChANVHzPMebyM/V919QCaBtmKa
0VIs6u2h4gi4pLJTxt2+X+SQZIFM3bJDYYIGP76QGMUtpyZykXY0NZFPDUY0n+le
Tp2y3bgP/+qgTA==
-----END CERTIFICATE-----