Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          XjI44T5JZE5JWZVHWVhiLpwho/8Mh8OpULipiNw+Dro=
Subject key identifier:   9C:92:F6:42:9A:E4:F5:3D:A2:2E:44:FE:B1:A1:9F:E3:31:52:66:74
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       0199184008A0DA1848F5B7A6D6E38C11BD2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0EEC
Signing time:             Fri 05 Sep 2025 05:01:13 +0000
Manifest this update:     Fri 05 Sep 2025 05:01:13 +0000
Manifest next update:     Sat 06 Sep 2025 05:01:13 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: gLe09UkkRkf4SpWz/eqFWVhvZZmpvvyi1qX1r9xcxes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:40:08:a0:da:18:48:f5:b7:a6:d6:e3:8c:11:bd:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Sep  5 05:01:13 2025 GMT
            Not After : Sep  6 05:01:13 2025 GMT
        Subject: CN=9c92f6429ae4f53da22e44feb1a19fe331526674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:35:97:2c:74:6f:a8:09:79:34:44:4a:64:60:
                    b0:77:70:0b:4a:cd:f4:80:b2:e9:af:03:37:38:15:
                    d0:59:ef:65:58:0e:59:0c:d2:cc:02:5a:f2:5b:6f:
                    fe:d7:fa:58:ea:10:37:12:00:1a:52:9f:69:88:3c:
                    a5:b5:83:d8:36:d8:6f:8f:8d:bf:51:d0:3b:4c:3b:
                    19:35:e7:56:5a:64:68:13:8e:2f:0a:5c:45:43:9b:
                    54:96:44:6b:a2:15:82:e3:f0:a5:9e:e5:cb:c9:e6:
                    b6:8a:24:31:7f:f0:c6:f5:ea:71:81:87:2a:93:c8:
                    3f:70:fd:11:52:5e:80:0d:2f:f7:cc:65:c3:8a:0b:
                    40:77:4c:8b:d2:56:d8:f8:e1:49:c0:2f:bc:5c:c1:
                    cf:64:11:7d:2b:e6:6f:c3:d0:80:d0:52:a4:82:3c:
                    42:ef:3e:f9:8a:3b:57:40:0f:8b:1f:65:29:c5:b8:
                    01:95:99:07:5c:9b:9c:8d:06:43:3f:5f:0b:7b:31:
                    51:8f:69:55:39:77:a1:b3:57:6e:5a:50:ff:f1:e7:
                    28:c2:89:81:61:c1:a7:cf:f3:0c:d5:02:19:a0:e1:
                    ad:eb:09:6e:68:ed:0b:0d:1c:0d:5e:ed:6e:31:2d:
                    d3:e6:00:0f:20:9e:c8:8d:0f:79:23:bd:ab:bd:6c:
                    97:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:92:F6:42:9A:E4:F5:3D:A2:2E:44:FE:B1:A1:9F:E3:31:52:66:74
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:fd:34:92:c4:04:82:61:f8:80:43:6b:ee:e0:36:a4:db:23:
         1a:14:18:d4:90:11:0c:61:e4:46:ab:15:ba:2a:87:01:31:20:
         08:18:9d:cc:49:22:cf:da:30:82:4c:4b:42:8b:66:58:1b:28:
         cd:eb:2d:f1:4c:a5:30:e0:b5:1f:fc:82:65:c6:c1:ba:a6:f1:
         68:ac:aa:be:53:ae:67:e0:dc:c3:c5:ba:9b:63:00:72:e8:63:
         1b:64:e7:b6:99:df:3e:e9:e7:7a:a7:f1:3b:45:e1:6b:ad:73:
         77:95:66:74:30:a8:f5:85:cc:ad:01:1d:07:6f:93:54:c3:7c:
         58:f4:de:1c:2f:b5:71:0d:9d:8d:54:42:2a:5d:7c:60:6f:c6:
         a2:36:7b:4a:aa:84:4c:61:07:df:36:80:49:b0:a2:1a:dd:83:
         6c:44:d7:02:32:14:35:dc:c1:d0:c1:33:e3:74:72:49:d0:e7:
         61:90:80:22:56:2d:e8:2e:03:e8:17:96:51:f3:c6:b3:a1:23:
         e3:fd:1b:52:ed:6f:ea:17:14:c3:44:ce:bd:0a:03:2d:34:c7:
         42:ce:44:e5:22:05:ae:17:0d:ea:7e:88:7f:fb:8e:0e:04:b0:
         8c:f0:7d:10:b8:82:51:01:b6:8e:90:1d:0d:b5:e2:ca:0e:6c:
         e6:bb:04:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYQAig2hhI9bem1uOMEb0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwOTA1MDUwMTEzWhcNMjUwOTA2MDUwMTEzWjAzMTEwLwYDVQQD
Eyg5YzkyZjY0MjlhZTRmNTNkYTIyZTQ0ZmViMWExOWZlMzMxNTI2Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTWXLHRvqAl5NERKZGCwd3ALSs30
gLLprwM3OBXQWe9lWA5ZDNLMAlryW2/+1/pY6hA3EgAaUp9piDyltYPYNthvj42/
UdA7TDsZNedWWmRoE44vClxFQ5tUlkRrohWC4/ClnuXLyea2iiQxf/DG9epxgYcq
k8g/cP0RUl6ADS/3zGXDigtAd0yL0lbY+OFJwC+8XMHPZBF9K+Zvw9CA0FKkgjxC
7z75ijtXQA+LH2UpxbgBlZkHXJucjQZDP18LezFRj2lVOXehs1duWlD/8ecowomB
YcGnz/MM1QIZoOGt6wluaO0LDRwNXu1uMS3T5gAPIJ7IjQ95I72rvWyXMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyS9kKa5PU9oi5E/rGhn+MxUmZ0MB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABv00ksQE
gmH4gENr7uA2pNsjGhQY1JARDGHkRqsVuiqHATEgCBidzEkiz9owgkxLQotmWBso
zest8UylMOC1H/yCZcbBuqbxaKyqvlOuZ+Dcw8W6m2MAcuhjG2TntpnfPunneqfx
O0Xha61zd5VmdDCo9YXMrQEdB2+TVMN8WPTeHC+1cQ2djVRCKl18YG/GojZ7SqqE
TGEH3zaASbCiGt2DbETXAjIUNdzB0MEz43RySdDnYZCAIlYt6C4D6BeWUfPGs6Ej
4/0bUu1v6hcUw0TOvQoDLTTHQs5E5SIFrhcN6n6If/uODgSwjPB9ELiCUQG2jpAd
DbXiyg5s5rsEbQ==
-----END CERTIFICATE-----