Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
File:                     p2H8O2oE10MHa9KG3oIURfBlTvc.mft (raw, json)
Hash identifier:          3euiny8sSzDZlfSjVfadqVw6H4Co1h8RlHTx7OeiX70=
Subject key identifier:   DE:5C:DB:49:58:7D:BC:07:92:46:78:85:7B:6C:3D:88:E2:67:4B:FB
Authority key identifier: A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7
Certificate issuer:       /CN=a761fc3b6a04d743076bd286de821445f0654ef7
Certificate serial:       01992255916403B4498B5100EBF79C25569F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
Manifest number:          1600
Signing time:             Sun 07 Sep 2025 04:00:56 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:56 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:56 +0000
Files and hashes:         1: p2H8O2oE10MHa9KG3oIURfBlTvc.crl (hash: 14nFkuGzC5ad9576Y1tfTuLkMHc1GTij6Pjsv9aP+zw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:91:64:03:b4:49:8b:51:00:eb:f7:9c:25:56:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a761fc3b6a04d743076bd286de821445f0654ef7
        Validity
            Not Before: Sep  7 04:00:56 2025 GMT
            Not After : Sep  8 04:00:56 2025 GMT
        Subject: CN=de5cdb49587dbc07924678857b6c3d88e2674bfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:74:57:03:9b:57:7a:3c:cd:6e:85:05:98:7c:
                    b7:1a:c3:58:ee:3c:0e:45:ac:50:af:bb:e4:63:7b:
                    80:5f:1a:b2:87:23:a1:cd:e5:a9:a7:49:83:a2:0f:
                    6f:b7:d0:95:16:ee:a8:74:b6:92:ed:60:58:41:4d:
                    0d:d6:ec:05:39:16:66:67:3b:37:e2:27:1c:68:1d:
                    92:29:c1:9e:96:1e:dc:3f:4d:0d:9a:b6:06:c5:54:
                    16:86:58:25:8f:56:27:6d:76:17:67:77:b8:45:73:
                    b9:d8:70:f6:75:ce:69:2d:78:15:82:82:37:82:69:
                    b9:68:a6:07:e9:a5:83:75:f3:54:ef:2d:a3:ac:57:
                    30:d5:bf:6e:98:40:a8:86:a1:eb:a1:ae:52:7e:6a:
                    cf:ee:dd:f1:20:4d:ee:f3:ee:cf:3d:16:ad:5d:0b:
                    6d:2a:4f:21:b6:48:fb:62:83:4b:36:50:3f:60:71:
                    3a:80:56:4a:4a:35:1b:1f:3d:f3:89:5f:72:01:c2:
                    4a:c0:d3:58:0b:7a:01:67:93:19:d5:cb:95:77:c7:
                    2e:8f:18:81:52:33:b1:a5:77:db:e7:b9:9e:43:69:
                    92:37:76:71:86:1f:49:2a:68:aa:65:8a:6f:4c:07:
                    fa:ed:76:c1:98:42:d4:80:ad:7b:77:ac:35:d8:ad:
                    9e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5C:DB:49:58:7D:BC:07:92:46:78:85:7B:6C:3D:88:E2:67:4B:FB
            X509v3 Authority Key Identifier:
                keyid:A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:7f:6e:2b:2c:df:cf:a1:ea:59:7b:ed:50:d1:7f:a6:c3:29:
         ff:85:4c:cc:d1:e9:4d:c4:11:44:45:5a:af:fa:6b:38:ab:4f:
         67:2b:13:ee:f2:97:bb:69:2e:ed:87:cb:ac:0b:df:b7:f8:4f:
         3f:c7:ff:fb:1d:66:56:fd:12:1a:68:10:22:37:41:8d:d0:07:
         6f:40:39:bc:dd:47:97:54:fe:2c:6b:ab:d5:41:94:82:93:4d:
         2f:8f:8c:fc:93:69:8c:91:f4:81:76:9f:53:35:cc:5d:53:72:
         5c:99:8f:d0:23:ab:49:80:6b:24:5e:32:6f:0b:95:bc:8d:de:
         10:42:83:dc:ec:7c:c1:a9:9a:5b:db:c3:eb:de:02:81:cc:58:
         2f:02:87:e9:3f:3e:04:2c:a2:84:a7:1d:18:ed:ef:36:7a:a1:
         d7:8c:33:35:7a:93:a8:0a:37:ac:73:6a:e9:94:96:06:58:05:
         75:a7:5d:b6:a5:59:20:ae:40:3b:1c:a5:74:ca:3c:00:05:56:
         45:34:64:bf:89:43:cb:e8:66:a9:55:71:90:72:88:f2:1c:4e:
         90:7d:38:1e:e7:02:5f:66:49:7b:81:b9:2f:cf:29:b3:aa:c6:
         55:fe:fb:19:07:e0:c4:a8:b7:b2:07:4e:17:20:b8:93:14:86:
         7c:82:7b:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVZFkA7RJi1EA6/ecJVafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjFmYzNiNmEwNGQ3NDMwNzZiZDI4NmRlODIxNDQ1ZjA2
NTRlZjcwHhcNMjUwOTA3MDQwMDU2WhcNMjUwOTA4MDQwMDU2WjAzMTEwLwYDVQQD
EyhkZTVjZGI0OTU4N2RiYzA3OTI0Njc4ODU3YjZjM2Q4OGUyNjc0YmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHRXA5tXejzNboUFmHy3GsNY7jwO
RaxQr7vkY3uAXxqyhyOhzeWpp0mDog9vt9CVFu6odLaS7WBYQU0N1uwFORZmZzs3
4iccaB2SKcGelh7cP00NmrYGxVQWhlglj1YnbXYXZ3e4RXO52HD2dc5pLXgVgoI3
gmm5aKYH6aWDdfNU7y2jrFcw1b9umECohqHroa5SfmrP7t3xIE3u8+7PPRatXQtt
Kk8htkj7YoNLNlA/YHE6gFZKSjUbHz3ziV9yAcJKwNNYC3oBZ5MZ1cuVd8cujxiB
UjOxpXfb57meQ2mSN3Zxhh9JKmiqZYpvTAf67XbBmELUgK17d6w12K2eMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5c20lYfbwHkkZ4hXtsPYjiZ0v7MB8GA1UdIwQY
MBaAFKdh/DtqBNdDB2vSht6CFEXwZU73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYt
YTBjZGU3YmE4YmJlLzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYtYTBjZGU3YmE4YmJl
LzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIH9uKyzf
z6HqWXvtUNF/psMp/4VMzNHpTcQRREVar/prOKtPZysT7vKXu2ku7YfLrAvft/hP
P8f/+x1mVv0SGmgQIjdBjdAHb0A5vN1Hl1T+LGur1UGUgpNNL4+M/JNpjJH0gXaf
UzXMXVNyXJmP0COrSYBrJF4ybwuVvI3eEEKD3Ox8wamaW9vD694CgcxYLwKH6T8+
BCyihKcdGO3vNnqh14wzNXqTqAo3rHNq6ZSWBlgFdaddtqVZIK5AOxyldMo8AAVW
RTRkv4lDy+hmqVVxkHKI8hxOkH04HucCX2ZJe4G5L88ps6rGVf77GQfgxKi3sgdO
FyC4kxSGfIJ73w==
-----END CERTIFICATE-----