Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          1ADnmaYG8DNIvEimjn3Mf7dxNOqluHbgPbZDxlcxqno=
Subject key identifier:   73:F0:3C:51:48:76:83:40:86:0C:58:D3:70:C1:E6:65:11:32:F7:97
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       0199221EB3D6F9E53FEC7349E5FEEF326113
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          021B
Signing time:             Sun 07 Sep 2025 03:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:01 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: yoQyJFJEtAtSFSxYbs2TZTvZRcSKv49ZlYVunUAqZTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:b3:d6:f9:e5:3f:ec:73:49:e5:fe:ef:32:61:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: Sep  7 03:01:01 2025 GMT
            Not After : Sep  8 03:01:01 2025 GMT
        Subject: CN=73f03c5148768340860c58d370c1e6651132f797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:4d:6f:41:6e:5b:3f:91:55:1d:02:be:85:4a:
                    e8:e5:38:1e:62:27:ea:9d:d5:4d:b6:47:96:a2:3c:
                    ff:85:07:b0:b0:44:8b:71:42:56:95:bf:32:2b:76:
                    55:b2:0c:67:4a:83:2d:3e:27:cb:71:95:6f:9a:05:
                    95:15:ea:f4:dc:b4:bf:1f:63:12:fe:b5:31:a3:ea:
                    c2:69:85:cc:a5:32:1e:a4:ca:8e:fa:77:45:51:b0:
                    9a:57:61:96:c0:85:7c:f8:49:c6:c3:ab:4a:2f:28:
                    e9:c9:64:af:31:8b:bf:d6:38:cc:36:49:a7:a3:06:
                    45:4e:c7:75:c2:1e:4f:27:12:ce:01:ae:e1:a6:27:
                    86:e6:d4:a4:62:4e:29:8a:9e:fd:c6:a6:e4:c1:2d:
                    e0:e8:31:d7:f4:6e:97:40:5b:53:0c:30:24:a2:c1:
                    90:45:e6:09:29:e1:bb:15:ce:11:ec:61:35:96:3b:
                    0a:9e:2e:40:d0:07:4e:d3:5e:df:45:03:fa:59:bb:
                    f4:b1:fe:2c:a1:09:db:32:da:ad:9b:81:09:fa:34:
                    72:53:3a:95:f9:c0:c2:c3:66:b6:88:5b:c1:03:d8:
                    73:de:4f:64:c8:d1:75:95:40:2c:1c:b6:32:1a:ab:
                    8b:0a:c4:d5:a2:c4:9f:8b:40:89:48:a8:32:ad:b2:
                    6c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:F0:3C:51:48:76:83:40:86:0C:58:D3:70:C1:E6:65:11:32:F7:97
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:f1:9f:1d:18:95:f8:5e:7c:a4:ac:98:ec:30:1c:c0:66:1d:
         b0:78:05:87:3e:4c:f1:85:00:c5:e4:c4:ee:50:12:ae:2e:0b:
         e9:09:c8:ff:b7:a3:66:5a:f6:57:07:83:db:ef:13:f2:db:c0:
         f6:a1:c6:b5:ce:a4:01:b1:91:2c:c4:d8:3d:d1:f0:07:33:b7:
         52:04:a2:a9:44:29:3a:c2:1c:31:dd:98:9a:0d:d0:12:23:2e:
         dc:5b:06:09:94:ba:ff:1d:e2:75:c6:22:15:14:bc:fc:47:59:
         7b:dc:bb:f2:9b:07:f9:32:5d:ed:83:85:34:8b:3b:51:93:87:
         17:46:b6:e2:98:82:e2:5e:6d:b0:45:0e:0b:78:e8:6c:9b:fb:
         0d:40:95:cf:62:7e:77:3b:85:de:d1:98:58:8e:40:5d:c1:74:
         3f:43:8e:9d:42:c6:61:e4:8c:69:a3:0c:a7:aa:36:ae:6f:d3:
         14:a6:c4:2e:37:dd:84:c2:50:d2:5d:56:a3:c6:41:fd:c5:14:
         7d:02:3b:fc:8a:44:43:a4:02:cd:65:5f:fd:c1:07:04:60:06:
         34:54:24:15:4a:2c:b7:05:e4:e8:e1:16:15:a9:bb:d9:ae:bd:
         90:b5:52:b2:15:71:d6:6f:66:31:25:2c:6f:01:6a:2f:c7:d7:
         5b:56:57:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHrPW+eU/7HNJ5f7vMmETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUwOTA3MDMwMTAxWhcNMjUwOTA4MDMwMTAxWjAzMTEwLwYDVQQD
Eyg3M2YwM2M1MTQ4NzY4MzQwODYwYzU4ZDM3MGMxZTY2NTExMzJmNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk1vQW5bP5FVHQK+hUro5TgeYifq
ndVNtkeWojz/hQewsESLcUJWlb8yK3ZVsgxnSoMtPifLcZVvmgWVFer03LS/H2MS
/rUxo+rCaYXMpTIepMqO+ndFUbCaV2GWwIV8+EnGw6tKLyjpyWSvMYu/1jjMNkmn
owZFTsd1wh5PJxLOAa7hpieG5tSkYk4pip79xqbkwS3g6DHX9G6XQFtTDDAkosGQ
ReYJKeG7Fc4R7GE1ljsKni5A0AdO017fRQP6Wbv0sf4soQnbMtqtm4EJ+jRyUzqV
+cDCw2a2iFvBA9hz3k9kyNF1lUAsHLYyGquLCsTVosSfi0CJSKgyrbJsSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPwPFFIdoNAhgxY03DB5mURMveXMB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPGfHRiV
+F58pKyY7DAcwGYdsHgFhz5M8YUAxeTE7lASri4L6QnI/7ejZlr2VweD2+8T8tvA
9qHGtc6kAbGRLMTYPdHwBzO3UgSiqUQpOsIcMd2Ymg3QEiMu3FsGCZS6/x3idcYi
FRS8/EdZe9y78psH+TJd7YOFNIs7UZOHF0a24piC4l5tsEUOC3jobJv7DUCVz2J+
dzuF3tGYWI5AXcF0P0OOnULGYeSMaaMMp6o2rm/TFKbELjfdhMJQ0l1Wo8ZB/cUU
fQI7/IpEQ6QCzWVf/cEHBGAGNFQkFUostwXk6OEWFam72a69kLVSshVx1m9mMSUs
bwFqL8fXW1ZXZw==
-----END CERTIFICATE-----