Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File:                     iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier:          YBO5gIbvMw+0XCd0I+V8JjwTQgZ3bsbOJKZCyRdkatE=
Subject key identifier:   27:F6:91:B0:51:D2:CD:4C:1B:CD:0B:33:15:47:B2:79:E2:2B:F4:7B
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer:       /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial:       01992255409797D761E83933F5CE615832D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number:          0403
Signing time:             Sun 07 Sep 2025 04:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:36 +0000
Files and hashes:         1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: zfm/EY+88XrHYGKFLc6WP7BqYQYAiY2Ruaodbz+nAaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:40:97:97:d7:61:e8:39:33:f5:ce:61:58:32:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
        Validity
            Not Before: Sep  7 04:00:36 2025 GMT
            Not After : Sep  8 04:00:36 2025 GMT
        Subject: CN=27f691b051d2cd4c1bcd0b331547b279e22bf47b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:35:9f:6f:f5:87:d4:95:ac:01:80:9c:04:a8:
                    19:99:e5:7a:43:23:03:e7:fd:07:a7:35:4e:92:32:
                    d2:d8:57:13:84:d6:28:fe:9b:db:f0:85:b8:52:ac:
                    03:09:6d:32:77:1b:b1:a7:26:01:9b:7d:bc:ff:cf:
                    24:e6:10:80:fa:f5:84:41:f7:44:cf:d4:72:3c:da:
                    9c:38:ce:ca:98:65:07:57:8f:a8:3e:c5:65:68:e8:
                    29:d6:50:52:26:dc:aa:bd:05:96:03:fc:30:00:f5:
                    41:87:c5:4f:83:af:ca:40:33:4f:71:98:88:bd:01:
                    82:a4:c9:44:7e:48:34:f4:eb:e9:af:b3:56:2d:ff:
                    3e:be:45:a4:03:42:09:42:97:bb:62:13:62:2a:1e:
                    5b:d1:ef:2d:99:aa:67:6e:04:54:79:7f:e2:3a:3f:
                    5b:ac:51:d5:3c:40:c9:6b:4a:35:6f:fc:ae:de:6f:
                    f8:17:e1:e8:c6:d4:af:94:35:44:2c:d7:eb:69:9f:
                    b9:5d:c7:4d:2b:38:a8:c0:f8:99:2c:6b:69:f2:23:
                    c6:4d:ac:2f:f4:70:83:b8:f8:49:88:9f:f2:3d:bf:
                    a0:f2:06:0d:07:63:86:4e:43:bd:12:da:2c:fa:e1:
                    a1:d8:c3:f7:a8:e4:37:1a:33:72:c2:66:2f:8a:c2:
                    40:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:F6:91:B0:51:D2:CD:4C:1B:CD:0B:33:15:47:B2:79:E2:2B:F4:7B
            X509v3 Authority Key Identifier:
                keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:27:42:53:68:e4:62:62:c6:d8:ea:70:c9:c9:c0:16:e7:c1:
         29:53:51:da:ca:fe:ee:27:a4:20:4b:9c:e3:ca:48:d4:60:89:
         eb:48:80:d5:44:19:06:ff:9a:1c:a3:77:7d:50:a1:5a:05:29:
         2b:ac:e7:ac:f5:e1:81:b7:15:ce:d9:b7:64:79:2f:82:8e:76:
         05:b1:9c:01:3d:a8:bf:fb:cc:6d:87:f2:5f:5d:23:dd:a1:da:
         7e:b1:78:98:d7:79:06:d6:82:3d:55:98:2d:c3:35:54:a6:01:
         0c:b0:24:90:a9:07:92:df:98:ad:28:c7:98:b5:94:19:3b:11:
         7b:f8:27:0b:0c:1b:e6:5c:c7:ac:76:bf:da:62:c6:b2:c0:eb:
         1a:5c:42:da:28:d6:a1:bb:89:c9:60:b3:4c:f9:45:06:5a:35:
         99:12:bc:cb:5e:63:87:d2:25:3c:5a:36:23:9d:ea:eb:9f:6d:
         b9:1d:7f:19:fd:ec:45:f0:2e:77:2c:45:9c:2d:b2:8d:5f:f2:
         e8:37:51:28:27:cf:48:03:a4:b7:cc:58:4d:8f:62:90:e7:15:
         bd:e1:6f:84:03:04:96:86:45:db:7b:09:49:19:40:dd:53:11:
         6f:29:1b:4f:61:e0:dd:0e:65:ad:f1:02:6e:d0:8f:53:ba:d5:
         40:34:5e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVUCXl9dh6Dkz9c5hWDLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjUwOTA3MDQwMDM2WhcNMjUwOTA4MDQwMDM2WjAzMTEwLwYDVQQD
EygyN2Y2OTFiMDUxZDJjZDRjMWJjZDBiMzMxNTQ3YjI3OWUyMmJmNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TWfb/WH1JWsAYCcBKgZmeV6QyMD
5/0HpzVOkjLS2FcThNYo/pvb8IW4UqwDCW0ydxuxpyYBm328/88k5hCA+vWEQfdE
z9RyPNqcOM7KmGUHV4+oPsVlaOgp1lBSJtyqvQWWA/wwAPVBh8VPg6/KQDNPcZiI
vQGCpMlEfkg09Ovpr7NWLf8+vkWkA0IJQpe7YhNiKh5b0e8tmapnbgRUeX/iOj9b
rFHVPEDJa0o1b/yu3m/4F+HoxtSvlDVELNfraZ+5XcdNKziowPiZLGtp8iPGTawv
9HCDuPhJiJ/yPb+g8gYNB2OGTkO9Etos+uGh2MP3qOQ3GjNywmYvisJAtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCf2kbBR0s1MG80LMxVHsnniK/R7MB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcSdCU2jk
YmLG2OpwycnAFufBKVNR2sr+7iekIEuc48pI1GCJ60iA1UQZBv+aHKN3fVChWgUp
K6znrPXhgbcVztm3ZHkvgo52BbGcAT2ov/vMbYfyX10j3aHafrF4mNd5BtaCPVWY
LcM1VKYBDLAkkKkHkt+YrSjHmLWUGTsRe/gnCwwb5lzHrHa/2mLGssDrGlxC2ijW
obuJyWCzTPlFBlo1mRK8y15jh9IlPFo2I53q659tuR1/Gf3sRfAudyxFnC2yjV/y
6DdRKCfPSAOkt8xYTY9ikOcVveFvhAMEloZF23sJSRlA3VMRbykbT2Hg3Q5lrfEC
btCPU7rVQDReKw==
-----END CERTIFICATE-----