Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
File:                     09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json)
Hash identifier:          RmfI+rzseZXKW83kPhWHI1qlmITZpqItu4iOxbT0gQc=
Subject key identifier:   A1:13:38:5F:62:C5:2E:FD:23:BF:A2:95:DF:8B:95:17:A0:13:1D:3F
Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31
Certificate issuer:       /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
Certificate serial:       0199239FBD9B48B6539D4CC815D7B8B7CA67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
Manifest number:          019F
Signing time:             Sun 07 Sep 2025 10:01:35 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:35 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:35 +0000
Files and hashes:         1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: uky5D9IQWYIGT99soU/X3mtlW5fKXDY4viBUJLXkim4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:bd:9b:48:b6:53:9d:4c:c8:15:d7:b8:b7:ca:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
        Validity
            Not Before: Sep  7 10:01:35 2025 GMT
            Not After : Sep  8 10:01:35 2025 GMT
        Subject: CN=a113385f62c52efd23bfa295df8b9517a0131d3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8c:3e:50:c7:7a:70:f1:b3:4a:a1:f1:e2:71:
                    6d:81:1a:c9:fd:6d:6f:91:80:31:ca:f1:e8:cc:8a:
                    f0:b2:c8:7b:c8:f3:27:25:12:90:b1:29:ef:d2:5b:
                    f2:6a:8c:81:38:38:c0:d2:49:3e:b5:6d:e0:59:d0:
                    20:ab:0f:30:d1:10:9c:a5:1c:29:a0:17:7c:8f:dd:
                    d6:27:56:bf:3a:ae:58:d5:91:fc:03:1f:1a:8e:b6:
                    67:22:19:c4:2f:b8:72:b3:9c:fa:65:92:0e:9b:79:
                    10:84:91:bb:c3:1c:61:81:ed:61:1a:de:6f:4b:dc:
                    7e:72:9b:2a:95:7c:82:86:1c:90:b6:4c:79:75:0e:
                    67:6d:05:4a:91:93:49:7d:fc:dc:53:02:b2:7a:00:
                    29:32:7b:8d:84:5d:ef:85:02:c1:f7:18:29:a1:3e:
                    5e:df:7b:ec:84:36:f4:d5:85:82:86:0d:b0:46:19:
                    61:af:51:a3:7d:f5:34:fc:de:78:14:e2:39:1b:6d:
                    6e:f6:f0:4b:10:da:1b:38:a3:08:4b:d4:f1:d3:47:
                    ee:8b:99:b0:da:d3:1a:43:5c:e3:95:3e:de:28:91:
                    82:5e:57:b9:d1:e3:e0:1b:63:63:cc:30:e7:c1:57:
                    ed:fc:02:fe:7b:5e:31:d7:73:6a:12:d8:b1:74:f7:
                    3d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:13:38:5F:62:C5:2E:FD:23:BF:A2:95:DF:8B:95:17:A0:13:1D:3F
            X509v3 Authority Key Identifier:
                keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:c4:f9:f8:68:2f:62:ca:97:d4:b1:95:36:8c:da:2d:4a:0d:
         b2:67:61:f6:f7:12:d1:80:6f:b8:51:30:8e:36:af:27:d3:a6:
         25:85:6f:5c:28:3a:85:11:d6:6c:68:48:79:d2:51:6a:a1:60:
         0b:e2:d8:d3:65:f1:2a:d2:10:cd:04:00:f4:27:64:77:7d:0b:
         ec:5a:49:8a:8a:a2:31:ca:ce:6b:9d:e0:49:ba:20:f8:33:d0:
         f0:d1:98:f7:76:63:ea:29:8f:b5:14:f0:4f:cf:7c:65:1c:59:
         7d:03:c8:2d:71:f9:6c:f0:63:c2:ff:f5:bd:88:2c:01:93:91:
         62:f6:8e:74:d1:50:5d:cc:1d:a4:22:fc:3d:ea:f8:56:6f:27:
         7f:21:b5:45:4c:cc:47:74:8b:6f:28:bc:63:d8:6d:0e:4b:d2:
         90:1d:c0:d7:43:55:e2:d2:2c:0c:f7:3e:8c:b5:32:7a:95:cf:
         1c:a7:ab:e2:4c:37:ef:3f:85:58:7f:db:14:c0:d0:6e:50:01:
         7c:ea:08:98:03:36:ff:7b:5f:61:39:dd:74:be:40:66:9c:30:
         db:59:61:28:02:48:59:1c:aa:6d:e6:12:f5:6c:7d:ca:d0:23:
         dd:18:22:e1:86:2d:f7:99:31:40:10:89:08:a0:63:fa:bc:a6:
         7f:bf:a0:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn72bSLZTnUzIFde4t8pnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3
ZDk0MzEwHhcNMjUwOTA3MTAwMTM1WhcNMjUwOTA4MTAwMTM1WjAzMTEwLwYDVQQD
EyhhMTEzMzg1ZjYyYzUyZWZkMjNiZmEyOTVkZjhiOTUxN2EwMTMxZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIw+UMd6cPGzSqHx4nFtgRrJ/W1v
kYAxyvHozIrwssh7yPMnJRKQsSnv0lvyaoyBODjA0kk+tW3gWdAgqw8w0RCcpRwp
oBd8j93WJ1a/Oq5Y1ZH8Ax8ajrZnIhnEL7hys5z6ZZIOm3kQhJG7wxxhge1hGt5v
S9x+cpsqlXyChhyQtkx5dQ5nbQVKkZNJffzcUwKyegApMnuNhF3vhQLB9xgpoT5e
33vshDb01YWChg2wRhlhr1GjffU0/N54FOI5G21u9vBLENobOKMIS9Tx00fui5mw
2tMaQ1zjlT7eKJGCXle50ePgG2NjzDDnwVft/AL+e14x13NqEtixdPc9swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKETOF9ixS79I7+ild+LlRegEx0/MB8GA1UdIwQY
MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt
NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz
LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfsT5+Ggv
YsqX1LGVNozaLUoNsmdh9vcS0YBvuFEwjjavJ9OmJYVvXCg6hRHWbGhIedJRaqFg
C+LY02XxKtIQzQQA9Cdkd30L7FpJioqiMcrOa53gSbog+DPQ8NGY93Zj6imPtRTw
T898ZRxZfQPILXH5bPBjwv/1vYgsAZORYvaOdNFQXcwdpCL8Per4Vm8nfyG1RUzM
R3SLbyi8Y9htDkvSkB3A10NV4tIsDPc+jLUyepXPHKer4kw37z+FWH/bFMDQblAB
fOoImAM2/3tfYTnddL5AZpww21lhKAJIWRyqbeYS9Wx9ytAj3Rgi4YYt95kxQBCJ
CKBj+rymf7+g/w==
-----END CERTIFICATE-----