Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
File:                     Ad0iu63J75fJwaOGG21rTE3dhoc.mft (raw, json)
Hash identifier:          msxOZfAqBmV23wBdGPpXgEydwEUU/LoH60lEz15wvz4=
Subject key identifier:   85:43:50:F0:F6:AB:1E:79:E9:E7:50:A4:73:DC:59:4E:72:DF:DE:16
Authority key identifier: 01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87
Certificate issuer:       /CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
Certificate serial:       019921B193F552A868EFD0B2DA9D251E4117
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
Manifest number:          1062
Signing time:             Sun 07 Sep 2025 01:01:49 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:49 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:49 +0000
Files and hashes:         1: Ad0iu63J75fJwaOGG21rTE3dhoc.crl (hash: lrX4W9qfXlfVPsmynYr59E2CQJ/K3SpMiptIo6YA8io=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:93:f5:52:a8:68:ef:d0:b2:da:9d:25:1e:41:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
        Validity
            Not Before: Sep  7 01:01:49 2025 GMT
            Not After : Sep  8 01:01:49 2025 GMT
        Subject: CN=854350f0f6ab1e79e9e750a473dc594e72dfde16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:02:3f:ea:2c:c7:38:a8:3a:fb:26:1a:bd:96:
                    6f:1d:62:e4:8f:43:71:3d:0b:95:5b:51:40:2d:9f:
                    52:cb:24:57:79:82:4e:90:df:96:d6:80:98:b8:29:
                    b7:48:d6:cc:ef:e0:0d:1c:2d:83:09:2f:ff:d9:bb:
                    91:b0:2d:15:49:ff:7d:56:74:fd:d2:6e:47:2b:e0:
                    34:0b:5b:09:75:82:93:ce:d4:58:c2:ab:75:1f:c5:
                    46:9a:07:99:00:fa:8a:60:16:1a:7e:18:6d:37:79:
                    aa:21:36:07:94:63:a8:26:ff:4a:89:7d:cd:3b:90:
                    c8:f9:19:98:d7:2d:b9:d5:fa:8e:7f:46:24:56:16:
                    fa:a6:33:fa:a7:b2:92:a5:ba:75:09:89:35:74:63:
                    2d:81:f9:41:b5:18:0a:3f:d5:d9:e9:2e:80:b9:23:
                    88:a0:03:56:c9:6e:fe:83:24:a7:06:eb:60:2c:d8:
                    27:ec:2b:76:66:ab:30:7b:99:f4:03:fb:be:30:bd:
                    79:51:16:ec:44:0e:69:86:3f:26:a2:19:ef:55:02:
                    22:bf:44:61:11:64:bc:af:50:66:0c:79:13:39:12:
                    4a:db:78:2a:d7:18:e9:67:15:95:40:aa:78:c1:39:
                    72:62:16:46:dd:56:73:fb:e5:51:07:e3:93:75:ff:
                    cc:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:43:50:F0:F6:AB:1E:79:E9:E7:50:A4:73:DC:59:4E:72:DF:DE:16
            X509v3 Authority Key Identifier:
                keyid:01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:48:d8:1c:26:d6:d3:42:e2:2d:04:d9:12:70:60:cb:ef:05:
         e9:91:d5:ca:4b:81:80:ae:c7:b9:95:1a:1b:ac:fe:55:7d:96:
         6d:67:a1:d6:f1:dd:f4:56:a4:5e:79:ae:05:16:ba:af:fe:47:
         3f:59:89:c8:cf:c0:ea:cb:4b:e7:34:d6:d9:f9:58:8d:6c:74:
         20:d1:53:4e:e9:57:f5:fe:a9:4e:23:ef:36:1e:1c:7b:a4:ae:
         e0:d3:10:88:9b:e2:d3:7a:d9:db:1a:55:63:f5:ba:56:ad:25:
         2f:89:54:29:e3:c3:7e:55:bc:2f:d9:b6:38:24:d4:67:8b:2f:
         38:85:9d:f2:80:a4:79:ec:0b:ac:13:63:10:24:28:c6:31:30:
         57:1b:75:eb:6d:6d:03:af:08:0f:19:68:1e:e5:6d:5c:cd:80:
         82:5d:2d:8b:4d:5f:a2:47:75:ac:c8:95:79:63:7a:e6:2d:75:
         5e:80:0d:f5:7f:f8:84:47:8c:7c:4f:ed:30:62:51:90:78:0d:
         89:fd:57:43:f4:4f:74:2b:af:32:80:22:c3:5a:b3:ac:63:1e:
         d5:72:b7:15:30:c5:e4:bb:56:a1:c0:b3:95:f3:a2:95:4f:73:
         c6:41:4b:d8:71:38:fa:5a:f6:f8:57:7d:74:7a:ae:25:29:e8:
         01:27:96:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsZP1Uqho79Cy2p0lHkEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZGQyMmJiYWRjOWVmOTdjOWMxYTM4NjFiNmQ2YjRjNGRk
ZDg2ODcwHhcNMjUwOTA3MDEwMTQ5WhcNMjUwOTA4MDEwMTQ5WjAzMTEwLwYDVQQD
Eyg4NTQzNTBmMGY2YWIxZTc5ZTllNzUwYTQ3M2RjNTk0ZTcyZGZkZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAI/6izHOKg6+yYavZZvHWLkj0Nx
PQuVW1FALZ9SyyRXeYJOkN+W1oCYuCm3SNbM7+ANHC2DCS//2buRsC0VSf99VnT9
0m5HK+A0C1sJdYKTztRYwqt1H8VGmgeZAPqKYBYafhhtN3mqITYHlGOoJv9KiX3N
O5DI+RmY1y251fqOf0YkVhb6pjP6p7KSpbp1CYk1dGMtgflBtRgKP9XZ6S6AuSOI
oANWyW7+gySnButgLNgn7Ct2Zqswe5n0A/u+ML15URbsRA5phj8mohnvVQIiv0Rh
EWS8r1BmDHkTORJK23gq1xjpZxWVQKp4wTlyYhZG3VZz++VRB+OTdf/M+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVDUPD2qx556edQpHPcWU5y394WMB8GA1UdIwQY
MBaAFAHdIrutye+XycGjhhtta0xN3YaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYt
NzA3ZGIyNTI0ZTZiLzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYtNzA3ZGIyNTI0ZTZi
LzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJEjYHCbW
00LiLQTZEnBgy+8F6ZHVykuBgK7HuZUaG6z+VX2WbWeh1vHd9FakXnmuBRa6r/5H
P1mJyM/A6stL5zTW2flYjWx0INFTTulX9f6pTiPvNh4ce6Su4NMQiJvi03rZ2xpV
Y/W6Vq0lL4lUKePDflW8L9m2OCTUZ4svOIWd8oCkeewLrBNjECQoxjEwVxt1621t
A68IDxloHuVtXM2Agl0ti01fokd1rMiVeWN65i11XoAN9X/4hEeMfE/tMGJRkHgN
if1XQ/RPdCuvMoAiw1qzrGMe1XK3FTDF5LtWocCzlfOilU9zxkFL2HE4+lr2+Fd9
dHquJSnoASeWCg==
-----END CERTIFICATE-----