Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft
File:                     pkLcUMWwgtCc5unHvqeug3EHPvI.mft (raw, json)
Hash identifier:          Hm93avz1rCgMrB51TY2R8OXgalW4BYDtZkzFKarooJY=
Subject key identifier:   68:4A:16:8B:2F:05:F0:F6:39:57:EF:C9:7B:B1:B6:ED:05:28:1F:F5
Authority key identifier: A6:42:DC:50:C5:B0:82:D0:9C:E6:E9:C7:BE:A7:AE:83:71:07:3E:F2
Certificate issuer:       /CN=a642dc50c5b082d09ce6e9c7bea7ae8371073ef2
Certificate serial:       0199239ECA93B7849FACFC2E0C8801694097
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pkLcUMWwgtCc5unHvqeug3EHPvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:00:32 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:32 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:32 +0000
Files and hashes:         1: pkLcUMWwgtCc5unHvqeug3EHPvI.crl (hash: q7Oxvethd7wFwd0TlCEhux0at4VvEEJvFRxTSGVBcSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pkLcUMWwgtCc5unHvqeug3EHPvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:ca:93:b7:84:9f:ac:fc:2e:0c:88:01:69:40:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a642dc50c5b082d09ce6e9c7bea7ae8371073ef2
        Validity
            Not Before: Sep  7 10:00:32 2025 GMT
            Not After : Sep  8 10:00:32 2025 GMT
        Subject: CN=684a168b2f05f0f63957efc97bb1b6ed05281ff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:8b:fb:d6:88:f0:79:fe:e1:0b:61:4c:28:a0:
                    24:4f:15:75:9f:9a:df:b1:70:77:3a:76:b0:1d:78:
                    0e:a1:2f:73:6c:a1:66:03:52:55:84:60:25:59:91:
                    3b:17:79:0a:0d:09:71:36:ea:51:67:da:5c:60:85:
                    77:cb:07:b5:e6:55:da:1d:09:e5:1a:2a:ed:51:84:
                    67:eb:51:45:59:ee:75:a5:12:4a:45:d4:a4:16:1a:
                    b6:a3:04:1c:be:de:bc:7e:53:51:90:41:4e:54:3a:
                    36:68:04:52:03:f3:cc:0f:a7:4a:51:e8:2a:16:05:
                    f8:fb:45:c7:08:30:a1:c5:c3:06:e7:ae:5d:e5:e6:
                    c8:c2:6a:32:ae:d4:ba:74:09:13:d0:4d:83:dd:6a:
                    22:51:65:2b:8f:1d:41:9f:0c:81:31:63:13:74:28:
                    9f:51:d0:d9:da:c3:81:c1:57:03:c6:af:7f:b4:9a:
                    51:f4:c4:52:81:92:6b:75:c2:72:d6:6d:27:f8:c2:
                    3a:06:79:b3:ac:8e:ae:69:fa:cf:2b:ec:2e:6c:cf:
                    42:09:bd:a2:2a:3a:f6:e6:61:b5:3a:7a:a4:4a:12:
                    4a:98:f3:67:c6:1d:35:0f:70:9c:8a:4a:c8:51:43:
                    26:c4:c1:c8:1d:67:f3:51:55:c5:e0:a5:58:4f:fb:
                    aa:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:4A:16:8B:2F:05:F0:F6:39:57:EF:C9:7B:B1:B6:ED:05:28:1F:F5
            X509v3 Authority Key Identifier:
                keyid:A6:42:DC:50:C5:B0:82:D0:9C:E6:E9:C7:BE:A7:AE:83:71:07:3E:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkLcUMWwgtCc5unHvqeug3EHPvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:3f:66:61:7f:4e:a9:c7:34:a6:93:38:63:bb:ad:ef:b0:59:
         b6:21:e1:fb:ab:51:7c:5f:fd:c1:0b:d6:08:98:40:a2:47:77:
         e1:69:11:35:4b:79:97:b8:d5:9b:69:4b:1f:10:ac:c1:0f:ae:
         e0:e6:ab:a7:21:96:e8:a4:37:4e:14:7a:ce:ce:70:99:7f:9e:
         7b:44:42:64:bd:a5:b9:62:1d:f7:bb:06:75:7d:b1:cb:e4:9f:
         cc:d3:74:38:2b:c5:64:d8:68:14:73:55:5d:6f:52:60:2c:60:
         f4:a7:11:49:64:22:18:7c:c5:b7:ec:52:52:5c:d0:aa:f2:c9:
         ce:af:b4:5c:d9:f1:4d:f1:37:55:40:3e:ac:1a:ae:e0:ac:69:
         5c:f6:ce:bb:03:4f:ec:ed:07:a7:89:4b:0b:01:be:b9:12:6e:
         74:85:a7:04:78:0c:da:df:76:1e:a5:08:6e:49:26:6f:3c:ac:
         07:64:21:66:bf:57:82:5f:2a:9d:9c:66:c3:37:20:cb:b7:26:
         c0:65:74:f8:75:b5:bc:8c:11:e9:2b:23:0d:3b:2c:85:5b:0b:
         eb:9d:c7:4d:dd:f9:18:1b:f5:7d:0d:cc:6a:bf:a1:e9:f7:83:
         71:e8:76:07:1f:fc:52:26:4e:17:b4:91:67:6c:75:cd:75:5b:
         11:0d:9a:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnsqTt4SfrPwuDIgBaUCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDJkYzUwYzViMDgyZDA5Y2U2ZTljN2JlYTdhZTgzNzEw
NzNlZjIwHhcNMjUwOTA3MTAwMDMyWhcNMjUwOTA4MTAwMDMyWjAzMTEwLwYDVQQD
Eyg2ODRhMTY4YjJmMDVmMGY2Mzk1N2VmYzk3YmIxYjZlZDA1MjgxZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYv71ojwef7hC2FMKKAkTxV1n5rf
sXB3OnawHXgOoS9zbKFmA1JVhGAlWZE7F3kKDQlxNupRZ9pcYIV3ywe15lXaHQnl
GirtUYRn61FFWe51pRJKRdSkFhq2owQcvt68flNRkEFOVDo2aARSA/PMD6dKUegq
FgX4+0XHCDChxcMG565d5ebIwmoyrtS6dAkT0E2D3WoiUWUrjx1BnwyBMWMTdCif
UdDZ2sOBwVcDxq9/tJpR9MRSgZJrdcJy1m0n+MI6BnmzrI6uafrPK+wubM9CCb2i
Kjr25mG1OnqkShJKmPNnxh01D3CcikrIUUMmxMHIHWfzUVXF4KVYT/uq7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhKFosvBfD2OVfvyXuxtu0FKB/1MB8GA1UdIwQY
MBaAFKZC3FDFsILQnObpx76nroNxBz7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtMY1VNV3dndENjNXVuSHZxZXVnM0VIUHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi82YjJkODYtN2Y3ZS00ODdiLTkxODAt
MmVkOGQyODU5OWRhLzEvcGtMY1VNV3dndENjNXVuSHZxZXVnM0VIUHZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi82YjJkODYtN2Y3ZS00ODdiLTkxODAtMmVkOGQyODU5OWRh
LzEvcGtMY1VNV3dndENjNXVuSHZxZXVnM0VIUHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqT9mYX9O
qcc0ppM4Y7ut77BZtiHh+6tRfF/9wQvWCJhAokd34WkRNUt5l7jVm2lLHxCswQ+u
4OarpyGW6KQ3ThR6zs5wmX+ee0RCZL2luWId97sGdX2xy+SfzNN0OCvFZNhoFHNV
XW9SYCxg9KcRSWQiGHzFt+xSUlzQqvLJzq+0XNnxTfE3VUA+rBqu4KxpXPbOuwNP
7O0Hp4lLCwG+uRJudIWnBHgM2t92HqUIbkkmbzysB2QhZr9Xgl8qnZxmwzcgy7cm
wGV0+HW1vIwR6SsjDTsshVsL653HTd35GBv1fQ3Mar+h6feDceh2Bx/8UiZOF7SR
Z2x1zXVbEQ2anw==
-----END CERTIFICATE-----