Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          OVb4DHABnURJBm78JpEvAGwQ5cJP/I6Jn958it56Ho8=
Subject key identifier:   76:21:80:60:3A:6B:2E:4B:C6:3D:B8:75:28:00:38:B6:B0:15:09:62
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       019922C3B134AC1803B3A3545476F7A7BDBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          0100
Signing time:             Sun 07 Sep 2025 06:01:14 +0000
Manifest this update:     Sun 07 Sep 2025 06:01:14 +0000
Manifest next update:     Mon 08 Sep 2025 06:01:14 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: JD82yAKNfDNA/DRfYuBINrM8WMq1T9VY1+zScVXJIEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:b1:34:ac:18:03:b3:a3:54:54:76:f7:a7:bd:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Sep  7 06:01:14 2025 GMT
            Not After : Sep  8 06:01:14 2025 GMT
        Subject: CN=762180603a6b2e4bc63db875280038b6b0150962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0c:28:31:0d:da:52:e1:5f:70:ae:9a:79:97:
                    5b:24:f4:62:6d:38:98:ab:ef:b6:f7:dd:65:f6:cc:
                    f3:f2:c8:eb:29:c3:fe:6c:79:1a:86:e3:90:bb:48:
                    0e:ac:cd:79:56:37:90:b0:a5:d6:e7:fc:8c:3c:b5:
                    a7:f2:1e:4a:fb:c3:4c:11:b4:81:30:d7:b0:9b:e2:
                    d4:dc:d7:d7:3a:83:ff:3c:ad:b1:ba:c1:65:1b:2a:
                    1b:82:2f:3b:3c:58:c4:a9:38:49:f2:6b:e0:a7:5e:
                    f6:a1:e0:8e:d8:15:13:e0:29:16:28:f5:28:71:4a:
                    ed:95:aa:df:cf:4b:6e:02:df:72:61:a2:99:9c:e2:
                    b4:8f:57:76:94:d6:05:29:36:d4:c5:86:f2:56:f9:
                    ac:1e:b7:57:ec:ac:8b:ed:f0:32:ef:c0:20:72:a6:
                    3b:5a:4e:d1:25:91:a7:d8:92:ee:85:2f:3e:25:23:
                    8e:e7:dd:ae:63:4a:19:6e:e6:fe:96:fe:4d:f0:ab:
                    e5:aa:58:d6:e5:5c:f1:d7:c1:5c:25:7a:22:3d:2e:
                    12:de:09:b1:da:8a:74:8b:37:2f:86:d9:2a:ce:a3:
                    9f:55:f4:30:5b:25:97:e3:2d:63:4e:99:a1:39:35:
                    63:47:1c:c3:9b:30:de:a0:76:30:90:57:2c:46:f5:
                    fa:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:21:80:60:3A:6B:2E:4B:C6:3D:B8:75:28:00:38:B6:B0:15:09:62
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:10:9b:7f:d3:a9:0b:ec:44:a1:59:0a:36:00:93:c0:35:83:
         44:80:39:df:e9:9e:75:4b:ab:08:ec:3f:2e:08:7e:65:bf:b4:
         66:3b:42:0a:72:aa:a4:f5:8c:75:d7:76:de:0a:40:98:01:78:
         10:6e:1f:11:a2:7c:12:80:8c:b9:84:03:c0:88:82:e0:b7:7c:
         2b:3c:2d:c9:93:c7:14:a3:8b:17:14:e7:98:09:b8:7a:72:ae:
         90:b1:81:4b:66:f3:87:a7:46:15:98:57:65:9d:7a:22:16:e4:
         9d:b7:77:de:74:7b:9b:76:a1:24:ec:e1:a6:36:3c:a1:f7:f9:
         cb:86:09:65:4b:3b:79:cd:0f:70:04:d9:51:dd:68:22:d8:4e:
         2d:53:5c:30:61:be:80:97:f7:f8:8e:49:3c:62:53:f5:16:5c:
         6b:d7:30:63:36:aa:1c:f7:e2:48:3f:1c:c8:78:a7:e7:f3:ce:
         a7:e0:41:f7:49:4a:a6:4c:e0:45:0a:ec:a3:d5:52:47:01:f3:
         58:f5:c7:ca:28:42:9f:c9:c2:42:1f:68:d5:71:3f:f9:9d:2e:
         44:86:66:1b:5b:72:c0:a6:49:33:9a:ad:b0:b6:ec:e2:af:24:
         c7:f4:2d:d0:23:7f:50:b8:99:d1:d1:31:3b:fe:6e:de:48:fa:
         08:33:00:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw7E0rBgDs6NUVHb3p72+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUwOTA3MDYwMTE0WhcNMjUwOTA4MDYwMTE0WjAzMTEwLwYDVQQD
Eyg3NjIxODA2MDNhNmIyZTRiYzYzZGI4NzUyODAwMzhiNmIwMTUwOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgwoMQ3aUuFfcK6aeZdbJPRibTiY
q++2991l9szz8sjrKcP+bHkahuOQu0gOrM15VjeQsKXW5/yMPLWn8h5K+8NMEbSB
MNewm+LU3NfXOoP/PK2xusFlGyobgi87PFjEqThJ8mvgp172oeCO2BUT4CkWKPUo
cUrtlarfz0tuAt9yYaKZnOK0j1d2lNYFKTbUxYbyVvmsHrdX7KyL7fAy78AgcqY7
Wk7RJZGn2JLuhS8+JSOO592uY0oZbub+lv5N8KvlqljW5Vzx18FcJXoiPS4S3gmx
2op0izcvhtkqzqOfVfQwWyWX4y1jTpmhOTVjRxzDmzDeoHYwkFcsRvX6wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYhgGA6ay5Lxj24dSgAOLawFQliMB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIxCbf9Op
C+xEoVkKNgCTwDWDRIA53+medUurCOw/Lgh+Zb+0ZjtCCnKqpPWMddd23gpAmAF4
EG4fEaJ8EoCMuYQDwIiC4Ld8KzwtyZPHFKOLFxTnmAm4enKukLGBS2bzh6dGFZhX
ZZ16Ihbknbd33nR7m3ahJOzhpjY8off5y4YJZUs7ec0PcATZUd1oIthOLVNcMGG+
gJf3+I5JPGJT9RZca9cwYzaqHPfiSD8cyHin5/POp+BB90lKpkzgRQrso9VSRwHz
WPXHyihCn8nCQh9o1XE/+Z0uRIZmG1tywKZJM5qtsLbs4q8kx/Qt0CN/ULiZ0dEx
O/5u3kj6CDMAPA==
-----END CERTIFICATE-----