Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          t2hk2QJLs1HlNfmrt51XSaP64G+y+CTbNOJG4z9z4OI=
Subject key identifier:   AD:AE:97:49:11:13:FF:E2:15:B2:FF:1D:6B:C9:1E:64:00:B2:14:54
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       019923A0F052F114A9E3E9E3F69083D85EF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          15C2
Signing time:             Sun 07 Sep 2025 10:02:53 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:53 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:53 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: UGy0FVVCuoEBZtwmUfplUIPXwwajQB7MvnSbT0fjRvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:f0:52:f1:14:a9:e3:e9:e3:f6:90:83:d8:5e:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Sep  7 10:02:53 2025 GMT
            Not After : Sep  8 10:02:53 2025 GMT
        Subject: CN=adae97491113ffe215b2ff1d6bc91e6400b21454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:87:c0:cb:4c:49:df:45:00:ea:d7:1a:8b:b4:
                    b8:0d:5b:67:47:5d:d3:9a:3e:d9:c6:3d:dd:81:23:
                    f6:bb:5e:d1:87:a6:a7:4c:49:8b:9d:14:1c:f0:35:
                    f9:8a:69:ca:ce:bc:7e:34:46:c2:19:dc:50:fb:13:
                    96:31:8f:8e:02:4c:7b:33:12:b5:fd:5a:d6:ce:a1:
                    81:be:a2:b9:83:30:b9:3a:3a:72:24:c3:25:62:e7:
                    83:4c:f5:19:fe:a5:b5:f0:07:8e:0b:03:4e:1c:f3:
                    86:5e:b6:0f:8c:80:43:c2:1e:1f:c9:c7:09:6e:5a:
                    f0:32:3e:07:b3:5d:23:4f:4e:07:60:08:ac:25:04:
                    3c:01:18:65:5c:f1:b9:9e:d9:ef:e3:81:2e:81:e8:
                    0b:a8:46:c6:be:06:fd:27:cd:12:34:e1:34:85:57:
                    6f:ab:3e:ee:ca:90:43:b4:0d:53:18:e4:ce:20:7d:
                    93:27:e3:ad:09:ef:a1:a2:89:10:ab:d0:11:ae:17:
                    75:a7:f1:45:97:0b:7a:64:87:18:94:4a:5c:45:e5:
                    88:3e:3d:d0:8f:bf:8a:20:f4:28:6f:af:d7:7f:98:
                    f4:f7:5b:68:87:8d:92:b2:18:2b:1d:78:f5:67:ed:
                    de:1c:91:17:0c:0a:cb:02:a6:05:d3:4d:5d:35:ac:
                    cc:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:AE:97:49:11:13:FF:E2:15:B2:FF:1D:6B:C9:1E:64:00:B2:14:54
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:2b:42:84:18:ab:1c:f2:bc:80:d7:c1:13:31:71:f2:c9:8b:
         ee:69:e6:36:2e:48:29:22:6a:1a:b4:3c:df:75:b1:fc:bc:d5:
         eb:9b:c7:d8:ef:b4:ed:eb:f0:fd:db:6e:99:8a:31:a4:27:fa:
         f9:7f:a2:41:ca:09:66:e2:21:fd:45:09:aa:41:01:48:39:2a:
         0c:f4:d3:f4:f1:2b:e6:13:34:be:0f:3b:33:3f:54:aa:99:51:
         4c:5f:bb:a8:25:b6:74:44:36:81:39:55:1b:73:cc:92:6c:bc:
         b4:8c:5d:4f:fd:e1:30:1e:34:1c:f6:1e:b7:21:3d:f3:23:33:
         f9:d7:8f:7b:45:48:fc:1b:c2:b9:eb:56:aa:72:80:ad:11:b3:
         c5:2f:5a:5f:ee:b7:48:88:82:f1:3d:e2:e8:0e:6a:d8:b4:8e:
         8c:e2:51:82:ae:32:ee:6d:28:05:8a:f9:df:89:c0:34:b2:4f:
         93:49:a0:29:c4:36:97:07:d7:2f:a8:90:71:73:e2:35:f3:e9:
         1b:36:29:57:57:a0:f9:79:93:8b:cb:65:e4:1e:fa:d0:fe:e2:
         54:74:ce:81:7f:a5:4a:67:66:27:97:48:59:33:e3:6d:ed:4b:
         3e:60:22:bf:23:cd:6f:b4:79:1f:67:5e:fd:b8:21:4a:b1:95:
         1d:0a:8c:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoPBS8RSp4+nj9pCD2F73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUwOTA3MTAwMjUzWhcNMjUwOTA4MTAwMjUzWjAzMTEwLwYDVQQD
EyhhZGFlOTc0OTExMTNmZmUyMTViMmZmMWQ2YmM5MWU2NDAwYjIxNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnofAy0xJ30UA6tcai7S4DVtnR13T
mj7Zxj3dgSP2u17Rh6anTEmLnRQc8DX5imnKzrx+NEbCGdxQ+xOWMY+OAkx7MxK1
/VrWzqGBvqK5gzC5OjpyJMMlYueDTPUZ/qW18AeOCwNOHPOGXrYPjIBDwh4fyccJ
blrwMj4Hs10jT04HYAisJQQ8ARhlXPG5ntnv44EugegLqEbGvgb9J80SNOE0hVdv
qz7uypBDtA1TGOTOIH2TJ+OtCe+hookQq9ARrhd1p/FFlwt6ZIcYlEpcReWIPj3Q
j7+KIPQob6/Xf5j091toh42SshgrHXj1Z+3eHJEXDArLAqYF001dNazMIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2ul0kRE//iFbL/HWvJHmQAshRUMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjytChBir
HPK8gNfBEzFx8smL7mnmNi5IKSJqGrQ833Wx/LzV65vH2O+07evw/dtumYoxpCf6
+X+iQcoJZuIh/UUJqkEBSDkqDPTT9PEr5hM0vg87Mz9UqplRTF+7qCW2dEQ2gTlV
G3PMkmy8tIxdT/3hMB40HPYetyE98yMz+dePe0VI/BvCuetWqnKArRGzxS9aX+63
SIiC8T3i6A5q2LSOjOJRgq4y7m0oBYr534nANLJPk0mgKcQ2lwfXL6iQcXPiNfPp
GzYpV1eg+XmTi8tl5B760P7iVHTOgX+lSmdmJ5dIWTPjbe1LPmAivyPNb7R5H2de
/bghSrGVHQqMJw==
-----END CERTIFICATE-----