Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.mft (raw, json)
Hash identifier:          JpGPluS5Rjp2Rvsnspypq54EURYDJdTJeQAl8L9RVdI=
Subject key identifier:   C2:72:6B:11:51:7C:B1:1B:D4:F2:D7:C5:FD:93:83:26:E4:84:54:62
Authority key identifier: DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Certificate issuer:       /CN=dfa53646288329df6655e253e56b228481be9596
Certificate serial:       0199239FF829A150CE7018BB706A4C0C6B15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
Manifest number:          0314
Signing time:             Sun 07 Sep 2025 10:01:50 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:50 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:50 +0000
Files and hashes:         1: 36U2RiiDKd9mVeJT5WsihIG-lZY.crl (hash: J4JGZVp4MNIDMaGpY56gY0TybhneJVCe0Q/dqDzdv1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:f8:29:a1:50:ce:70:18:bb:70:6a:4c:0c:6b:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa53646288329df6655e253e56b228481be9596
        Validity
            Not Before: Sep  7 10:01:50 2025 GMT
            Not After : Sep  8 10:01:50 2025 GMT
        Subject: CN=c2726b11517cb11bd4f2d7c5fd938326e4845462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:56:00:f5:87:59:6e:3e:9c:72:b9:33:06:ce:
                    59:33:90:35:76:0a:35:09:52:49:97:28:6b:4b:53:
                    62:4b:a0:2b:ac:0f:0a:3f:be:47:ff:e2:84:7c:4a:
                    1c:29:e2:30:98:d8:ce:3b:ce:27:cf:7f:94:34:5a:
                    bc:0b:34:4d:54:df:6b:dd:77:59:e2:9f:a6:59:3b:
                    4f:c3:a4:cb:33:27:16:7f:c2:e4:cb:72:6f:92:0b:
                    51:fd:6b:4e:12:14:22:d6:e9:1b:9c:1d:90:23:f5:
                    4f:75:74:96:d8:1e:20:4e:b0:f6:44:2c:e6:c2:44:
                    7c:48:cf:c2:31:76:99:b9:55:cf:ea:cd:89:23:ec:
                    37:f7:5e:1b:27:5b:6e:39:dc:0e:73:02:3c:4a:74:
                    67:ef:83:76:e7:08:db:3a:13:a5:29:cc:be:cf:f0:
                    79:e1:c3:39:8a:85:4f:5a:54:e7:51:4f:61:53:9d:
                    51:d7:88:55:10:b1:78:b9:12:46:a4:ad:3c:85:46:
                    0a:0f:e9:a2:a6:05:7d:b6:a8:1e:93:d6:6f:0e:d6:
                    ae:a6:55:d8:57:ba:89:87:53:38:34:c7:2b:36:95:
                    d3:5f:7e:5f:ba:d5:35:9b:2d:2d:24:bd:31:38:07:
                    74:9f:ba:e4:b9:f9:66:5b:b8:9d:01:6f:3a:94:e7:
                    ff:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:72:6B:11:51:7C:B1:1B:D4:F2:D7:C5:FD:93:83:26:E4:84:54:62
            X509v3 Authority Key Identifier:
                keyid:DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:4a:76:40:7d:38:1f:ff:fd:4c:36:c5:af:16:d1:66:5f:2e:
         18:9c:a1:4b:b4:41:08:61:06:2b:86:e3:f8:26:67:d8:c3:ce:
         5a:5b:19:a4:dc:b7:5b:ee:3b:dd:7a:20:54:e1:62:b7:ec:1e:
         7b:64:39:b7:70:69:34:c7:4d:37:01:79:ae:e0:39:fe:e6:33:
         bb:e0:b3:8c:09:de:8f:21:5a:db:a9:0c:5a:d8:01:8f:21:bb:
         e0:d2:1e:7b:d0:bd:6f:34:ff:22:ab:5f:7a:71:0b:ca:98:fa:
         f8:da:b7:a0:e2:b1:2c:1f:8b:4c:70:fe:ef:ec:b5:6e:e2:0e:
         0d:e4:e7:6d:fc:e2:68:c2:50:9f:2f:b7:32:19:9d:aa:17:d5:
         24:89:b7:00:f7:7a:d0:1d:9b:a2:03:07:fb:18:51:14:0b:ad:
         87:33:52:eb:44:03:f5:49:a2:d1:e8:83:0c:c1:ad:c8:5d:35:
         13:24:ee:b2:d6:73:21:51:cb:55:2e:30:18:01:0c:26:4f:d2:
         e5:7f:22:b5:d0:b9:76:f5:ee:f3:54:32:18:7a:a5:9c:e2:3d:
         86:43:11:81:2e:91:13:ee:6f:cc:58:52:f6:26:f6:72:b4:4c:
         e0:52:26:18:04:e5:35:5f:13:7e:76:32:74:bf:2a:bf:d9:84:
         b3:b7:a1:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn/gpoVDOcBi7cGpMDGsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTUzNjQ2Mjg4MzI5ZGY2NjU1ZTI1M2U1NmIyMjg0ODFi
ZTk1OTYwHhcNMjUwOTA3MTAwMTUwWhcNMjUwOTA4MTAwMTUwWjAzMTEwLwYDVQQD
EyhjMjcyNmIxMTUxN2NiMTFiZDRmMmQ3YzVmZDkzODMyNmU0ODQ1NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VYA9YdZbj6ccrkzBs5ZM5A1dgo1
CVJJlyhrS1NiS6ArrA8KP75H/+KEfEocKeIwmNjOO84nz3+UNFq8CzRNVN9r3XdZ
4p+mWTtPw6TLMycWf8Lky3JvkgtR/WtOEhQi1ukbnB2QI/VPdXSW2B4gTrD2RCzm
wkR8SM/CMXaZuVXP6s2JI+w3914bJ1tuOdwOcwI8SnRn74N25wjbOhOlKcy+z/B5
4cM5ioVPWlTnUU9hU51R14hVELF4uRJGpK08hUYKD+mipgV9tqgek9ZvDtauplXY
V7qJh1M4NMcrNpXTX35futU1my0tJL0xOAd0n7rkuflmW7idAW86lOf/9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJyaxFRfLEb1PLXxf2TgybkhFRiMB8GA1UdIwQY
MBaAFN+lNkYogynfZlXiU+VrIoSBvpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMt
NzlhZmQxMTg4ZDM3LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMtNzlhZmQxMTg4ZDM3
LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG0p2QH04
H//9TDbFrxbRZl8uGJyhS7RBCGEGK4bj+CZn2MPOWlsZpNy3W+473XogVOFit+we
e2Q5t3BpNMdNNwF5ruA5/uYzu+CzjAnejyFa26kMWtgBjyG74NIee9C9bzT/Iqtf
enELypj6+Nq3oOKxLB+LTHD+7+y1buIODeTnbfziaMJQny+3MhmdqhfVJIm3APd6
0B2bogMH+xhRFAuthzNS60QD9Umi0eiDDMGtyF01EyTustZzIVHLVS4wGAEMJk/S
5X8itdC5dvXu81QyGHqlnOI9hkMRgS6RE+5vzFhS9ib2crRM4FImGATlNV8TfnYy
dL8qv9mEs7eh2A==
-----END CERTIFICATE-----