Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          wPN6QDkzJpdEU5SZl6fImcCkynvLE1RBJjMqn+ujRzg=
Subject key identifier:   A8:3B:72:89:15:65:F9:D6:FD:DE:AE:A8:7D:0A:E8:CB:42:41:8E:31
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       0199228D2CA235D28645BF30DB6BE11BB61E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          070C
Signing time:             Sun 07 Sep 2025 05:01:41 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:41 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:41 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: Fg3oFr9YUkZCx+FNE1nRDastMHIHiBW/TvgOaZRL0EU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:2c:a2:35:d2:86:45:bf:30:db:6b:e1:1b:b6:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Sep  7 05:01:41 2025 GMT
            Not After : Sep  8 05:01:41 2025 GMT
        Subject: CN=a83b72891565f9d6fddeaea87d0ae8cb42418e31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:f7:f3:bc:95:c6:eb:f2:1b:97:cf:8d:95:28:
                    d3:fc:9d:ce:02:de:87:ea:a2:9d:12:32:4b:c7:3f:
                    1d:23:3d:04:e2:ec:55:2c:b2:4b:34:c7:75:84:09:
                    0c:85:f7:87:54:dd:52:e4:cc:1d:68:c8:f9:62:c3:
                    f9:c0:b6:fb:6e:c5:4b:94:96:c6:e1:8b:72:57:5a:
                    26:72:36:40:d6:a9:fe:73:2c:01:8f:b1:98:ab:5c:
                    2c:13:48:01:14:03:6c:fb:36:4c:9e:b0:c8:68:77:
                    9a:a4:5b:10:12:d5:09:4b:e9:57:d2:1f:39:74:f8:
                    71:5c:78:fa:b0:95:c8:5e:27:40:a4:72:03:3b:83:
                    2c:2b:51:94:9c:76:f2:48:84:ac:b0:10:21:96:ef:
                    19:99:8d:7f:44:7d:62:72:22:cb:c2:11:4c:b4:8f:
                    6a:0b:b6:45:d6:4e:c4:ad:ba:41:60:70:73:fc:75:
                    f4:4f:9b:8f:7d:96:a0:62:8f:5f:d4:43:2f:e3:d7:
                    ca:72:0f:20:a7:8d:50:fa:63:ac:12:1a:8d:3b:13:
                    dc:bc:14:be:2a:8d:be:3d:26:a9:43:fa:55:fd:81:
                    ce:38:47:ca:89:9d:9d:85:01:52:1e:a8:5b:c3:8b:
                    c2:c4:5e:c6:c1:21:f2:d9:2d:93:3c:b0:4a:22:d8:
                    2b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:3B:72:89:15:65:F9:D6:FD:DE:AE:A8:7D:0A:E8:CB:42:41:8E:31
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:a8:f2:f5:1d:f7:97:79:d7:b6:f2:b5:af:12:fb:3a:06:54:
         c7:e1:5f:f8:52:1c:21:11:04:4a:cd:a5:b5:9e:cf:21:9f:a0:
         7f:54:83:4e:8d:60:7f:09:bb:d7:c5:90:4f:a0:9a:88:59:37:
         32:81:90:39:d8:dc:34:95:94:cd:77:bf:1b:5b:0c:74:2a:32:
         56:ba:4e:a2:ae:d7:2b:29:2a:29:01:d4:c4:cc:72:48:a6:aa:
         b2:4b:7e:2e:93:87:77:61:04:ab:62:5f:d7:10:90:1a:57:c4:
         d6:38:84:1e:8a:a0:01:1f:56:31:0e:2c:a3:1b:ce:51:7f:34:
         0c:70:e8:53:95:dc:b6:3b:f2:fc:b3:8c:89:7e:ee:c2:21:bf:
         c0:a4:a2:a5:1d:bc:42:86:7c:d8:6a:d6:e8:72:b2:03:71:4e:
         4d:e2:48:68:7b:38:ca:77:68:a1:ec:0e:37:9a:c8:d7:b9:31:
         97:ba:a3:0d:a4:00:20:dd:fc:f7:c2:98:5a:4f:7a:89:c8:82:
         c6:6f:58:5f:39:4b:e7:18:8e:7f:e9:c8:d3:7c:e0:3c:4d:b5:
         8b:f1:26:e7:f7:f5:be:d3:02:af:77:31:cd:5d:0c:27:e6:d2:
         6a:80:5b:aa:47:84:27:be:d3:76:c7:9d:62:d2:a2:46:03:8e:
         c7:4d:79:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijSyiNdKGRb8w22vhG7YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwOTA3MDUwMTQxWhcNMjUwOTA4MDUwMTQxWjAzMTEwLwYDVQQD
EyhhODNiNzI4OTE1NjVmOWQ2ZmRkZWFlYTg3ZDBhZThjYjQyNDE4ZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvfzvJXG6/Ibl8+NlSjT/J3OAt6H
6qKdEjJLxz8dIz0E4uxVLLJLNMd1hAkMhfeHVN1S5MwdaMj5YsP5wLb7bsVLlJbG
4YtyV1omcjZA1qn+cywBj7GYq1wsE0gBFANs+zZMnrDIaHeapFsQEtUJS+lX0h85
dPhxXHj6sJXIXidApHIDO4MsK1GUnHbySISssBAhlu8ZmY1/RH1iciLLwhFMtI9q
C7ZF1k7ErbpBYHBz/HX0T5uPfZagYo9f1EMv49fKcg8gp41Q+mOsEhqNOxPcvBS+
Ko2+PSapQ/pV/YHOOEfKiZ2dhQFSHqhbw4vCxF7GwSHy2S2TPLBKItgrYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKg7cokVZfnW/d6uqH0K6MtCQY4xMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV6jy9R33
l3nXtvK1rxL7OgZUx+Ff+FIcIREESs2ltZ7PIZ+gf1SDTo1gfwm718WQT6CaiFk3
MoGQOdjcNJWUzXe/G1sMdCoyVrpOoq7XKykqKQHUxMxySKaqskt+LpOHd2EEq2Jf
1xCQGlfE1jiEHoqgAR9WMQ4soxvOUX80DHDoU5Xctjvy/LOMiX7uwiG/wKSipR28
QoZ82GrW6HKyA3FOTeJIaHs4yndooewON5rI17kxl7qjDaQAIN3898KYWk96iciC
xm9YXzlL5xiOf+nI03zgPE21i/Em5/f1vtMCr3cxzV0MJ+bSaoBbqkeEJ77Tdsed
YtKiRgOOx015dA==
-----END CERTIFICATE-----