Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          MRcgD7ZKU7uQYyTfmCj67BICrUVu/Wxw4dBP3/Pm45U=
Subject key identifier:   31:AB:7C:05:62:87:9B:58:E6:4A:07:23:18:3B:DA:50:44:B7:A1:06
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       0199239F73EBC03B232310FD0B71837196E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          1678
Signing time:             Sun 07 Sep 2025 10:01:16 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:16 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:16 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: VfxzKi0ujZXhkW5xtoAzOz/9lxiPz1hiEPG0uX+YC2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:73:eb:c0:3b:23:23:10:fd:0b:71:83:71:96:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Sep  7 10:01:16 2025 GMT
            Not After : Sep  8 10:01:16 2025 GMT
        Subject: CN=31ab7c0562879b58e64a0723183bda5044b7a106
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:5d:35:22:4e:75:63:e9:d0:ef:91:a3:89:51:
                    5f:c9:35:97:1a:4b:77:93:0a:c7:6c:c9:c9:f8:31:
                    35:69:09:2c:e9:a5:82:4d:a1:08:49:aa:a8:b9:fe:
                    8a:d8:52:61:c6:e5:69:d0:5b:74:fc:5f:cd:f7:fb:
                    42:03:4a:4f:f8:97:a3:a4:67:b5:a9:2a:45:73:49:
                    c2:61:02:8c:97:7e:b2:94:fb:c2:cd:5c:6a:32:b6:
                    d5:2d:55:8e:1f:54:38:df:7d:08:9a:b2:89:45:12:
                    b3:b2:bf:26:bd:f5:30:53:18:c2:cc:43:b9:f6:49:
                    ba:e9:21:07:83:23:4c:8d:32:b2:da:4a:54:9b:e2:
                    bc:ab:af:0f:bd:b9:7d:ec:84:10:be:a1:b9:31:d3:
                    d9:01:a3:ac:6f:63:95:f7:ee:aa:b8:d6:b1:1f:a0:
                    6e:41:92:bf:0c:eb:0d:61:30:c4:81:6f:dd:c2:03:
                    3d:ae:33:c4:0a:71:fd:7f:36:a7:e5:89:65:63:81:
                    78:9c:20:81:61:ca:fa:b7:6e:ac:3f:03:82:08:4f:
                    ea:21:35:1a:98:95:f4:33:75:23:22:0b:dc:df:44:
                    62:81:13:49:70:95:1d:d9:37:45:72:28:3f:65:ae:
                    bc:ad:ec:9d:2a:5b:e6:f2:fa:17:e2:41:53:9f:c2:
                    1f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:AB:7C:05:62:87:9B:58:E6:4A:07:23:18:3B:DA:50:44:B7:A1:06
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:8f:fc:de:43:15:56:04:10:91:bd:1d:48:0b:ca:26:80:a2:
         69:4a:62:f1:8c:19:d9:51:1c:a6:a4:cb:84:f1:6d:1e:61:df:
         2c:4f:20:ca:55:77:55:7b:a1:7f:d2:31:d0:34:40:d5:94:e8:
         0c:f8:2e:dd:2f:89:a5:e8:e8:54:d1:58:36:72:fc:4c:2c:f6:
         fc:8b:a0:dc:9c:4b:5c:a7:b8:37:cd:b1:89:1a:69:e3:bf:30:
         0a:5a:90:72:d8:58:2c:f7:30:7f:31:f7:eb:43:0b:25:72:ec:
         36:9d:e8:0a:50:e1:27:29:ff:d6:2c:18:95:d2:c2:f6:d9:0a:
         dd:8c:58:50:fa:3b:bd:ac:07:07:40:9c:26:31:ab:74:e2:d0:
         51:39:e6:58:ac:37:e1:6a:f9:ba:eb:9a:fc:1b:80:e3:d2:08:
         f1:13:c0:b1:15:df:5f:a7:f9:c9:73:58:6b:92:26:89:42:69:
         6f:62:e4:53:15:88:3f:ef:c6:69:15:13:d5:ec:ab:98:3e:3d:
         e5:cd:09:2e:a0:47:9e:ac:df:5c:35:81:6f:34:62:46:04:bf:
         32:e4:66:9b:26:71:87:ec:aa:01:97:14:ad:9a:e5:42:9d:cd:
         c1:79:ef:58:e5:e7:08:43:98:b0:b5:9e:60:3b:0c:51:56:12:
         1c:d8:8e:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn3PrwDsjIxD9C3GDcZbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjUwOTA3MTAwMTE2WhcNMjUwOTA4MTAwMTE2WjAzMTEwLwYDVQQD
EygzMWFiN2MwNTYyODc5YjU4ZTY0YTA3MjMxODNiZGE1MDQ0YjdhMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5101Ik51Y+nQ75GjiVFfyTWXGkt3
kwrHbMnJ+DE1aQks6aWCTaEISaqouf6K2FJhxuVp0Ft0/F/N9/tCA0pP+JejpGe1
qSpFc0nCYQKMl36ylPvCzVxqMrbVLVWOH1Q4330ImrKJRRKzsr8mvfUwUxjCzEO5
9km66SEHgyNMjTKy2kpUm+K8q68Pvbl97IQQvqG5MdPZAaOsb2OV9+6quNaxH6Bu
QZK/DOsNYTDEgW/dwgM9rjPECnH9fzan5YllY4F4nCCBYcr6t26sPwOCCE/qITUa
mJX0M3UjIgvc30RigRNJcJUd2TdFcig/Za68reydKlvm8voX4kFTn8IfSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGrfAVih5tY5koHIxg72lBEt6EGMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoI/83kMV
VgQQkb0dSAvKJoCiaUpi8YwZ2VEcpqTLhPFtHmHfLE8gylV3VXuhf9Ix0DRA1ZTo
DPgu3S+JpejoVNFYNnL8TCz2/Iug3JxLXKe4N82xiRpp478wClqQcthYLPcwfzH3
60MLJXLsNp3oClDhJyn/1iwYldLC9tkK3YxYUPo7vawHB0CcJjGrdOLQUTnmWKw3
4Wr5uuua/BuA49II8RPAsRXfX6f5yXNYa5ImiUJpb2LkUxWIP+/GaRUT1eyrmD49
5c0JLqBHnqzfXDWBbzRiRgS/MuRmmyZxh+yqAZcUrZrlQp3NwXnvWOXnCEOYsLWe
YDsMUVYSHNiOZg==
-----END CERTIFICATE-----