Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft
File:                     9QtjTgs8aefagY27mc3jjqhJj3E.mft (raw, json)
Hash identifier:          j4Vs5zIlGGNqajh6tOHFM2ryEsUIHkuyotOxDBThiAQ=
Subject key identifier:   F4:7D:09:2C:71:E2:BF:0D:18:EB:61:A4:BB:3E:43:21:41:16:4D:7C
Authority key identifier: F5:0B:63:4E:0B:3C:69:E7:DA:81:8D:BB:99:CD:E3:8E:A8:49:8F:71
Certificate issuer:       /CN=f50b634e0b3c69e7da818dbb99cde38ea8498f71
Certificate serial:       01993312F285DE598121F6ACAF38AC7D950C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9QtjTgs8aefagY27mc3jjqhJj3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft
Manifest number:          0B72
Signing time:             Wed 10 Sep 2025 10:01:43 +0000
Manifest this update:     Wed 10 Sep 2025 10:01:43 +0000
Manifest next update:     Thu 11 Sep 2025 10:01:43 +0000
Files and hashes:         1: 9QtjTgs8aefagY27mc3jjqhJj3E.crl (hash: rV3XNYxABLCP58gGDzhbnpTni6CmMB8yEEGpsGOL4tY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9QtjTgs8aefagY27mc3jjqhJj3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 11 Sep 2025 10:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:33:12:f2:85:de:59:81:21:f6:ac:af:38:ac:7d:95:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f50b634e0b3c69e7da818dbb99cde38ea8498f71
        Validity
            Not Before: Sep 10 10:01:43 2025 GMT
            Not After : Sep 11 10:01:43 2025 GMT
        Subject: CN=f47d092c71e2bf0d18eb61a4bb3e432141164d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cd:a7:cf:e3:ab:47:2d:4d:66:3e:79:89:20:
                    91:1b:7c:27:37:e3:8d:0e:86:45:53:ef:c5:08:26:
                    e1:e1:5f:59:79:dd:71:15:00:51:8e:df:42:22:01:
                    b5:6e:66:51:7e:46:a8:f0:21:4e:69:5e:48:1c:62:
                    ba:2b:f2:49:5b:80:df:55:9f:34:e7:83:d8:bf:c0:
                    a1:79:17:1d:43:42:fe:43:fc:1b:58:63:d9:46:96:
                    a6:b9:64:1b:4a:1a:5b:5d:b4:b4:67:37:b3:6f:52:
                    f5:62:7d:40:c6:f2:31:a1:51:fe:08:af:b0:c0:c8:
                    b8:4e:aa:0b:3c:51:b3:74:04:ce:a2:c7:fc:80:1f:
                    ac:3f:1e:c0:83:54:24:80:95:e5:7b:77:4c:a5:1f:
                    2e:1f:43:be:1d:17:0a:4a:93:48:00:e0:a2:bd:ce:
                    97:fb:2b:f4:89:75:28:eb:12:59:6d:c9:0a:9b:68:
                    aa:8e:08:2b:88:45:7c:f3:51:68:e6:17:b0:90:ae:
                    4b:da:a7:81:a4:ed:10:3f:7e:70:ab:81:ce:b7:5c:
                    a8:89:66:cc:47:88:0f:de:31:f1:28:95:00:f4:bc:
                    a2:15:2a:b0:89:0c:4f:ca:6d:11:a3:4b:10:0d:e4:
                    0f:f3:ac:39:e3:e4:92:7f:93:3c:70:b5:5e:dd:44:
                    c9:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:7D:09:2C:71:E2:BF:0D:18:EB:61:A4:BB:3E:43:21:41:16:4D:7C
            X509v3 Authority Key Identifier:
                keyid:F5:0B:63:4E:0B:3C:69:E7:DA:81:8D:BB:99:CD:E3:8E:A8:49:8F:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QtjTgs8aefagY27mc3jjqhJj3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:70:b7:d2:e0:8c:fc:18:b7:19:cd:b5:bb:d1:2b:6d:b5:64:
         86:14:87:81:a6:1d:28:4a:c1:bb:f3:33:a6:04:79:18:26:f3:
         63:0b:69:c0:c9:4c:a4:b3:95:97:65:72:b9:21:7f:57:eb:c7:
         71:f6:fc:de:da:5a:e9:07:cc:ac:7e:3c:bf:e0:d4:c1:6a:b7:
         b2:3b:d1:e7:53:1e:80:52:d4:72:df:cb:cc:80:66:93:33:32:
         96:00:c0:44:bf:35:de:16:fa:5c:b5:64:07:4b:52:3d:4b:c4:
         68:11:43:12:ab:70:76:31:cc:2f:da:b1:be:90:5d:27:b5:89:
         9d:38:84:6a:bb:ff:75:bf:a7:51:01:d2:00:76:f8:75:3a:82:
         9b:56:09:93:7d:c6:dd:7d:47:fa:8a:99:44:7b:29:86:d4:10:
         96:a9:f2:4f:d5:a0:da:db:e1:94:a0:57:1e:91:4c:a3:50:f3:
         cf:51:35:97:b7:c5:7b:07:0a:c2:77:34:85:c5:9c:c1:01:f7:
         e8:f5:f4:ce:65:8d:7c:bd:1a:3e:01:c2:dd:a0:8d:12:e7:16:
         f4:e1:5f:8b:42:0b:54:7d:b1:81:b4:05:26:ef:d1:42:65:c4:
         3e:ce:41:40:5f:ef:6c:0e:63:9c:53:ba:cb:5d:e2:5a:95:c9:
         20:5d:37:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzEvKF3lmBIfasrzisfZUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGI2MzRlMGIzYzY5ZTdkYTgxOGRiYjk5Y2RlMzhlYTg0
OThmNzEwHhcNMjUwOTEwMTAwMTQzWhcNMjUwOTExMTAwMTQzWjAzMTEwLwYDVQQD
EyhmNDdkMDkyYzcxZTJiZjBkMThlYjYxYTRiYjNlNDMyMTQxMTY0ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc2nz+OrRy1NZj55iSCRG3wnN+ON
DoZFU+/FCCbh4V9Zed1xFQBRjt9CIgG1bmZRfkao8CFOaV5IHGK6K/JJW4DfVZ80
54PYv8CheRcdQ0L+Q/wbWGPZRpamuWQbShpbXbS0Zzezb1L1Yn1AxvIxoVH+CK+w
wMi4TqoLPFGzdATOosf8gB+sPx7Ag1QkgJXle3dMpR8uH0O+HRcKSpNIAOCivc6X
+yv0iXUo6xJZbckKm2iqjggriEV881Fo5hewkK5L2qeBpO0QP35wq4HOt1yoiWbM
R4gP3jHxKJUA9LyiFSqwiQxPym0Ro0sQDeQP86w54+SSf5M8cLVe3UTJQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPR9CSxx4r8NGOthpLs+QyFBFk18MB8GA1UdIwQY
MBaAFPULY04LPGnn2oGNu5nN446oSY9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF0alRnczhhZWZhZ1kyN21jM2pqcWhKajNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hMGJmZDktNWZhNy00NDhkLWE1MTQt
OGQxYmFjNjNlZmM2LzEvOVF0alRnczhhZWZhZ1kyN21jM2pqcWhKajNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hMGJmZDktNWZhNy00NDhkLWE1MTQtOGQxYmFjNjNlZmM2
LzEvOVF0alRnczhhZWZhZ1kyN21jM2pqcWhKajNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjXC30uCM
/Bi3Gc21u9ErbbVkhhSHgaYdKErBu/MzpgR5GCbzYwtpwMlMpLOVl2VyuSF/V+vH
cfb83tpa6QfMrH48v+DUwWq3sjvR51MegFLUct/LzIBmkzMylgDARL813hb6XLVk
B0tSPUvEaBFDEqtwdjHML9qxvpBdJ7WJnTiEarv/db+nUQHSAHb4dTqCm1YJk33G
3X1H+oqZRHsphtQQlqnyT9Wg2tvhlKBXHpFMo1Dzz1E1l7fFewcKwnc0hcWcwQH3
6PX0zmWNfL0aPgHC3aCNEucW9OFfi0ILVH2xgbQFJu/RQmXEPs5BQF/vbA5jnFO6
y13iWpXJIF03OA==
-----END CERTIFICATE-----