Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          zMhUI09GAcYFqF3jiTy9w8U4gsD1G9z9tzez9+l6tHc=
Subject key identifier:   8B:7F:27:E3:C5:D1:82:C2:7C:3C:DA:A6:47:A5:71:EA:CE:E3:EA:73
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       0199239F29C35D58755705E7495E50A35B65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          1601
Signing time:             Sun 07 Sep 2025 10:00:57 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:57 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:57 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: O6oVkeXa6+KXoLrJRVsF6oXL/Rxz2lh28kSUCnC3byY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:29:c3:5d:58:75:57:05:e7:49:5e:50:a3:5b:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Sep  7 10:00:57 2025 GMT
            Not After : Sep  8 10:00:57 2025 GMT
        Subject: CN=8b7f27e3c5d182c27c3cdaa647a571eacee3ea73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b2:05:33:e9:8e:b8:f4:53:b7:24:26:39:6f:
                    27:32:4a:88:e7:d7:c9:1f:7e:5a:30:34:8d:68:c0:
                    43:5c:b3:24:0e:5c:d3:ba:40:fa:36:8d:23:d7:61:
                    30:5e:7a:4c:e3:c8:d5:bb:33:b7:57:d0:31:32:dc:
                    94:f0:6b:1c:11:16:c0:63:69:98:fb:6d:f5:54:15:
                    13:7b:d3:5a:c6:f4:db:c6:d0:2e:3b:1b:a4:a9:d1:
                    f8:4b:3f:12:5d:e7:a0:ea:1f:a7:95:44:de:90:17:
                    53:fe:3c:75:d2:c5:57:c8:3b:81:fb:d5:b8:a3:10:
                    6e:ea:b3:8e:5c:cc:21:a2:13:a9:ed:e0:4d:7d:5e:
                    3f:f1:1d:74:3f:4a:ed:a6:a4:32:df:11:17:2d:b3:
                    0c:95:4e:ed:a9:18:21:5f:6a:c3:98:a4:ba:e6:6e:
                    41:2b:f9:cb:90:df:03:20:be:55:bc:ed:4d:36:2d:
                    72:cb:d1:65:49:a7:77:1a:f9:0f:0d:8a:07:e3:a6:
                    d4:6e:83:b7:57:83:0f:b3:bf:77:ca:9d:7f:59:76:
                    79:9a:da:53:ff:4a:e0:99:fc:16:ba:c8:ed:c9:67:
                    18:60:49:1a:56:f5:fa:68:dc:7c:11:f4:e0:6a:82:
                    be:4f:9b:fb:84:71:75:e2:18:cd:24:d2:84:63:52:
                    d6:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:7F:27:E3:C5:D1:82:C2:7C:3C:DA:A6:47:A5:71:EA:CE:E3:EA:73
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:1e:d7:29:b3:35:11:b7:26:74:12:74:34:5e:1f:0b:6a:40:
         71:f2:0c:19:4d:b5:b9:62:f0:74:a6:95:53:59:18:7c:a6:33:
         b0:90:bc:c0:2a:63:08:2d:99:20:23:db:e2:07:59:36:cc:a4:
         97:51:d3:09:03:32:bc:34:1c:3f:ec:37:11:e6:74:04:c9:60:
         7e:81:0b:b7:f9:06:a9:7e:0b:37:d7:85:51:92:c2:6f:25:1c:
         d3:ed:4b:ec:04:5d:f6:d9:d3:e7:2f:a8:b1:12:c0:32:70:7e:
         f5:d2:93:35:62:e7:90:64:d2:48:3b:1e:44:e3:4a:56:4e:85:
         a5:4b:2b:d9:96:b2:16:78:df:be:64:69:b6:05:a5:08:37:5f:
         62:f9:ee:3f:cb:78:3f:a6:04:15:82:53:4a:0c:cf:27:af:af:
         b8:d0:c3:49:4a:c1:76:d8:25:dd:7e:be:70:2b:8a:8e:4c:1e:
         2d:16:35:95:c6:54:85:22:5f:a8:89:d4:6c:30:bd:ed:8c:d1:
         22:89:0a:4c:f6:5b:a4:43:63:5e:d2:24:bb:80:73:96:1a:27:
         02:bf:b7:ff:01:21:37:b1:0c:2b:46:de:b5:76:cb:fe:8f:16:
         68:75:2c:2b:67:54:7e:c6:92:33:e5:1b:d9:a0:32:3f:d7:27:
         e1:82:4a:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnynDXVh1VwXnSV5Qo1tlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUwOTA3MTAwMDU3WhcNMjUwOTA4MTAwMDU3WjAzMTEwLwYDVQQD
Eyg4YjdmMjdlM2M1ZDE4MmMyN2MzY2RhYTY0N2E1NzFlYWNlZTNlYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7IFM+mOuPRTtyQmOW8nMkqI59fJ
H35aMDSNaMBDXLMkDlzTukD6No0j12EwXnpM48jVuzO3V9AxMtyU8GscERbAY2mY
+231VBUTe9NaxvTbxtAuOxukqdH4Sz8SXeeg6h+nlUTekBdT/jx10sVXyDuB+9W4
oxBu6rOOXMwhohOp7eBNfV4/8R10P0rtpqQy3xEXLbMMlU7tqRghX2rDmKS65m5B
K/nLkN8DIL5VvO1NNi1yy9FlSad3GvkPDYoH46bUboO3V4MPs793yp1/WXZ5mtpT
/0rgmfwWusjtyWcYYEkaVvX6aNx8EfTgaoK+T5v7hHF14hjNJNKEY1LWFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIt/J+PF0YLCfDzapkelcerO4+pzMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZB7XKbM1
EbcmdBJ0NF4fC2pAcfIMGU21uWLwdKaVU1kYfKYzsJC8wCpjCC2ZICPb4gdZNsyk
l1HTCQMyvDQcP+w3EeZ0BMlgfoELt/kGqX4LN9eFUZLCbyUc0+1L7ARd9tnT5y+o
sRLAMnB+9dKTNWLnkGTSSDseRONKVk6FpUsr2ZayFnjfvmRptgWlCDdfYvnuP8t4
P6YEFYJTSgzPJ6+vuNDDSUrBdtgl3X6+cCuKjkweLRY1lcZUhSJfqInUbDC97YzR
IokKTPZbpENjXtIku4BzlhonAr+3/wEhN7EMK0betXbL/o8WaHUsK2dUfsaSM+Ub
2aAyP9cn4YJKpA==
-----END CERTIFICATE-----