Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          2opJa4TY4Wg/3Y9dCDbaH+Ux8Pkoi1Ey4C3mJAtRn/E=
Subject key identifier:   DB:7F:B0:20:86:D6:09:C9:93:E6:71:65:36:35:85:2A:EF:72:54:73
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       0199239F62B173DA076A3DE7F42F4B49465E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          0B16
Signing time:             Sun 07 Sep 2025 10:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:11 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: qZYk7yShAm49yoc+dqKNhfJX8zzdc4PbOKe93jfhL3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:62:b1:73:da:07:6a:3d:e7:f4:2f:4b:49:46:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: Sep  7 10:01:11 2025 GMT
            Not After : Sep  8 10:01:11 2025 GMT
        Subject: CN=db7fb02086d609c993e671653635852aef725473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:9c:49:67:e9:a7:79:81:b9:7f:f5:b6:65:f4:
                    eb:cb:a2:5e:ac:5a:91:81:0c:41:84:ac:95:64:28:
                    69:bc:c7:37:17:c6:0c:31:7b:de:93:ec:43:60:02:
                    9b:c7:8f:46:27:6c:30:e4:d9:1c:4a:67:36:d3:f2:
                    7e:ab:6b:2f:06:c6:94:1d:6f:20:db:0e:eb:d3:12:
                    5a:97:ea:2c:5c:48:6a:5c:8c:01:21:84:85:70:d7:
                    93:e3:e4:af:e3:64:b4:6a:32:b0:db:e6:ec:6a:12:
                    90:09:a2:20:ca:4f:26:d4:40:08:be:57:97:28:34:
                    72:75:32:b7:84:93:b2:87:0a:af:29:f5:09:1c:ef:
                    e6:9e:8a:d4:08:25:17:cf:68:e4:f7:e8:fc:08:ff:
                    46:d9:65:b7:62:13:a2:ba:6a:9b:16:70:4d:f6:71:
                    31:0c:b8:cc:9a:43:23:59:9e:78:50:57:25:0b:04:
                    e6:34:7b:5e:56:cb:c9:d7:0c:c7:cb:93:78:aa:91:
                    de:37:df:9e:89:40:51:f9:56:96:03:43:45:4b:bc:
                    92:d9:67:66:7d:ba:07:c2:ff:58:37:92:b1:e5:7a:
                    b3:7a:c9:a3:8b:39:79:c7:dc:66:73:cd:fe:84:ee:
                    64:91:97:a9:69:98:5b:64:63:c5:a2:88:d2:1b:82:
                    0a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:7F:B0:20:86:D6:09:C9:93:E6:71:65:36:35:85:2A:EF:72:54:73
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:1b:c4:55:4e:80:4b:58:6d:0a:45:fb:11:25:77:09:ad:7c:
         21:62:0d:9f:73:d3:85:78:6e:2b:d3:e1:b2:e5:71:9a:5e:46:
         e4:f9:15:54:80:57:66:b9:a9:d5:0c:6f:cc:dc:42:20:ec:d0:
         70:12:17:95:f3:c9:a5:8a:e8:76:13:c0:e0:c3:67:9d:88:e7:
         a3:a2:ed:c7:78:29:c3:e7:2c:de:fd:e3:5f:36:a9:c9:f9:e2:
         3a:76:b9:01:78:ee:5d:e8:3e:b8:88:45:4e:29:2b:a5:01:27:
         7f:50:3e:10:b6:7d:72:81:5d:ad:5d:a6:9d:c3:d2:ef:5b:11:
         6f:49:4e:ca:6a:15:e3:3e:7f:a0:91:89:91:13:2d:cd:20:00:
         91:bd:b0:5e:7e:65:04:2c:2a:e2:f1:b1:43:37:af:e1:23:1e:
         59:44:d6:1c:2c:7e:80:16:b2:40:7f:c8:9c:55:36:e3:bf:b4:
         3d:1c:92:9e:f9:95:f0:80:f3:88:73:b5:8a:e2:47:a4:fa:f0:
         46:58:71:2a:07:01:27:38:79:db:27:42:8d:73:1d:1f:c0:d8:
         14:16:44:07:30:d5:4d:7b:c3:56:ec:4e:38:6f:0c:ff:4a:6f:
         b8:7c:59:dc:b5:ab:d1:78:d0:6c:6b:2a:87:86:ca:82:ee:86:
         e1:0f:e7:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn2Kxc9oHaj3n9C9LSUZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjUwOTA3MTAwMTExWhcNMjUwOTA4MTAwMTExWjAzMTEwLwYDVQQD
EyhkYjdmYjAyMDg2ZDYwOWM5OTNlNjcxNjUzNjM1ODUyYWVmNzI1NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5xJZ+mneYG5f/W2ZfTry6JerFqR
gQxBhKyVZChpvMc3F8YMMXvek+xDYAKbx49GJ2ww5NkcSmc20/J+q2svBsaUHW8g
2w7r0xJal+osXEhqXIwBIYSFcNeT4+Sv42S0ajKw2+bsahKQCaIgyk8m1EAIvleX
KDRydTK3hJOyhwqvKfUJHO/mnorUCCUXz2jk9+j8CP9G2WW3YhOiumqbFnBN9nEx
DLjMmkMjWZ54UFclCwTmNHteVsvJ1wzHy5N4qpHeN9+eiUBR+VaWA0NFS7yS2Wdm
fboHwv9YN5Kx5Xqzesmjizl5x9xmc83+hO5kkZepaZhbZGPFoojSG4IK/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNt/sCCG1gnJk+ZxZTY1hSrvclRzMB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdRvEVU6A
S1htCkX7ESV3Ca18IWINn3PThXhuK9PhsuVxml5G5PkVVIBXZrmp1QxvzNxCIOzQ
cBIXlfPJpYrodhPA4MNnnYjno6Ltx3gpw+cs3v3jXzapyfniOna5AXjuXeg+uIhF
TikrpQEnf1A+ELZ9coFdrV2mncPS71sRb0lOymoV4z5/oJGJkRMtzSAAkb2wXn5l
BCwq4vGxQzev4SMeWUTWHCx+gBayQH/InFU247+0PRySnvmV8IDziHO1iuJHpPrw
RlhxKgcBJzh52ydCjXMdH8DYFBZEBzDVTXvDVuxOOG8M/0pvuHxZ3LWr0XjQbGsq
h4bKgu6G4Q/ndQ==
-----END CERTIFICATE-----