Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          vVfJ/NZYJfeS1XVHCsAmXZpknE5b1Ezu1zx9E6sg8/c=
Subject key identifier:   0E:B1:C8:27:95:DF:E9:92:35:35:87:0D:19:C1:0D:AB:D3:EC:1B:94
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       019922FAF68E3B5518FA808B04AF2273C754
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 07:01:36 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:36 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:36 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: ZZEnS2sH9/OMXhZTReQay23rYmBHfima0+U1vbKNgzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:f6:8e:3b:55:18:fa:80:8b:04:af:22:73:c7:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Sep  7 07:01:36 2025 GMT
            Not After : Sep  8 07:01:36 2025 GMT
        Subject: CN=0eb1c82795dfe9923535870d19c10dabd3ec1b94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a2:5c:13:6a:99:8b:b5:ee:94:64:ea:2e:8f:
                    8b:f2:5f:33:8b:32:47:ae:63:2c:e9:1a:8c:39:c3:
                    ef:d3:1c:6b:c5:d4:f7:4e:ba:9c:d7:fc:50:c4:da:
                    2a:4d:86:34:42:bf:f7:74:2f:e2:3e:76:60:81:81:
                    24:b5:fb:3f:b6:00:13:54:f5:61:9d:20:e8:93:f0:
                    ed:83:9d:be:ed:3c:54:4e:e5:71:c9:21:af:c3:37:
                    67:f2:e2:dc:db:19:36:b0:a2:89:3d:d5:ab:14:86:
                    40:eb:df:7e:be:ef:13:59:19:c4:2b:bf:40:95:e6:
                    de:b9:b5:b5:43:15:57:a1:20:4e:37:eb:6a:9c:ab:
                    17:56:11:d9:09:1c:aa:7e:96:b9:c5:c9:bd:45:97:
                    66:01:c6:63:a4:a6:93:38:f1:0c:5b:0a:9f:3f:dc:
                    47:48:90:5e:73:9b:47:db:15:6f:32:21:62:31:47:
                    ea:ad:f2:86:14:42:dd:a1:20:e1:77:f8:58:fe:56:
                    6d:c6:9e:84:ef:9b:df:ba:18:44:88:4d:9a:b7:b1:
                    35:a5:09:ff:c2:11:61:3c:07:c4:f5:9c:91:27:53:
                    b8:51:ce:6f:76:5b:a8:48:7e:23:6f:1e:10:6c:65:
                    fe:45:a3:24:55:36:ac:3f:5a:f8:a7:44:d4:3d:83:
                    73:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B1:C8:27:95:DF:E9:92:35:35:87:0D:19:C1:0D:AB:D3:EC:1B:94
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:52:83:72:53:aa:35:e9:f1:3b:3a:2b:e0:83:7e:da:42:e1:
         28:d8:0f:24:8a:e5:b8:50:ae:99:26:27:07:1b:db:95:8a:03:
         2b:e9:c1:77:25:ef:ae:7b:da:aa:f5:9d:ab:5e:57:71:9a:6f:
         14:46:b9:73:b6:1e:bf:0c:8c:fc:b3:d8:eb:9b:9b:b8:93:74:
         e0:0d:cb:c0:bf:f4:31:8b:89:7e:1a:6b:fe:da:e5:95:21:90:
         91:0e:fa:ad:2f:5e:4f:88:f7:0b:85:d8:28:40:11:7c:b8:fb:
         bc:90:cd:f8:55:70:15:61:fa:fb:b2:f8:2b:c2:3f:7e:b4:72:
         2c:26:c3:da:26:5f:33:0b:bc:64:cc:32:57:28:30:b2:c8:f8:
         db:05:21:da:41:d5:48:0d:b9:0f:4f:3c:2c:ae:a1:97:3d:34:
         88:55:fd:0f:70:07:99:f7:49:fd:d3:dc:c9:d3:d7:09:56:32:
         bf:d5:eb:91:a7:dc:3a:7e:09:27:2b:9e:8a:da:ce:31:d5:fc:
         bd:5b:ad:9d:e8:86:70:02:61:d0:8a:6b:a3:2b:a7:51:3b:80:
         01:f3:a9:76:f1:fc:be:a6:01:34:3a:32:fc:a4:8c:4a:fe:98:
         ad:9c:a8:f7:b6:bc:fe:ea:1b:9e:cc:c8:9c:9a:7e:0e:8c:9b:
         fa:2d:ae:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+vaOO1UY+oCLBK8ic8dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjUwOTA3MDcwMTM2WhcNMjUwOTA4MDcwMTM2WjAzMTEwLwYDVQQD
EygwZWIxYzgyNzk1ZGZlOTkyMzUzNTg3MGQxOWMxMGRhYmQzZWMxYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26JcE2qZi7XulGTqLo+L8l8zizJH
rmMs6RqMOcPv0xxrxdT3Trqc1/xQxNoqTYY0Qr/3dC/iPnZggYEktfs/tgATVPVh
nSDok/Dtg52+7TxUTuVxySGvwzdn8uLc2xk2sKKJPdWrFIZA699+vu8TWRnEK79A
lebeubW1QxVXoSBON+tqnKsXVhHZCRyqfpa5xcm9RZdmAcZjpKaTOPEMWwqfP9xH
SJBec5tH2xVvMiFiMUfqrfKGFELdoSDhd/hY/lZtxp6E75vfuhhEiE2at7E1pQn/
whFhPAfE9ZyRJ1O4Uc5vdluoSH4jbx4QbGX+RaMkVTasP1r4p0TUPYNzIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6xyCeV3+mSNTWHDRnBDavT7BuUMB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVKDclOq
NenxOzor4IN+2kLhKNgPJIrluFCumSYnBxvblYoDK+nBdyXvrnvaqvWdq15XcZpv
FEa5c7YevwyM/LPY65ubuJN04A3LwL/0MYuJfhpr/trllSGQkQ76rS9eT4j3C4XY
KEARfLj7vJDN+FVwFWH6+7L4K8I/frRyLCbD2iZfMwu8ZMwyVygwssj42wUh2kHV
SA25D088LK6hlz00iFX9D3AHmfdJ/dPcydPXCVYyv9XrkafcOn4JJyueitrOMdX8
vVutneiGcAJh0IproyunUTuAAfOpdvH8vqYBNDoy/KSMSv6YrZyo97a8/uobnszI
nJp+Doyb+i2uyQ==
-----END CERTIFICATE-----