Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          Imk2FdTTz8q7U7ELLNekyJenlciSfWPghYPtlMgUf0g=
Subject key identifier:   48:55:C5:7F:74:2D:4E:B3:AB:E7:5F:7E:1D:A0:13:D3:9C:12:14:F2
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       019922FA880134A1B67303CFCAA2F00996D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0BB6
Signing time:             Sun 07 Sep 2025 07:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:08 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: K2YfWBg7cjqlZMk3Tm+1Dyj1JMSoXNggD+EUsuOXgO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:88:01:34:a1:b6:73:03:cf:ca:a2:f0:09:96:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Sep  7 07:01:08 2025 GMT
            Not After : Sep  8 07:01:08 2025 GMT
        Subject: CN=4855c57f742d4eb3abe75f7e1da013d39c1214f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:bd:43:e3:5c:e2:2e:7a:5f:5d:4c:fa:1e:ac:
                    95:06:17:93:43:e7:a2:42:c8:6e:b0:a1:72:1b:30:
                    19:29:41:58:77:b3:c9:52:95:42:4e:95:71:c3:66:
                    e0:f4:b4:f8:9c:8a:7c:32:dc:33:86:e5:8c:1d:f6:
                    f7:47:de:57:03:ed:d8:34:37:11:da:4f:fc:38:f3:
                    63:33:fa:0f:d3:c7:20:f1:e4:58:d6:f2:54:b3:30:
                    28:95:37:b8:0a:71:35:8d:ef:6a:13:80:af:ce:aa:
                    63:70:a9:e6:3d:5e:c0:68:db:c4:bf:2d:d9:81:52:
                    ed:97:89:44:44:65:9a:fd:92:77:5f:c9:8d:f4:93:
                    11:d7:36:f7:a0:ab:8e:a5:86:24:0d:dd:ed:57:31:
                    85:fd:ec:ce:85:ad:11:77:94:bf:03:ee:61:28:55:
                    36:82:52:4c:5e:fa:81:c1:f2:cb:2d:f7:81:66:c1:
                    b1:38:83:49:c1:c5:87:71:13:42:5d:9b:26:b7:f7:
                    fc:cc:7f:61:27:33:7c:98:2e:cd:10:db:26:1b:ff:
                    62:47:ba:49:39:5d:2b:2f:f0:1b:cd:e1:ab:d3:84:
                    02:7e:b9:c4:85:0d:bb:9b:8d:31:e9:32:9e:59:f7:
                    8a:06:b9:a6:fc:e0:93:b9:7f:63:c7:38:c1:30:f0:
                    43:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:55:C5:7F:74:2D:4E:B3:AB:E7:5F:7E:1D:A0:13:D3:9C:12:14:F2
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e2:46:67:66:43:49:55:14:52:c6:2f:58:c9:ad:a4:3d:a6:55:
         9f:72:4b:92:e9:fa:8f:15:2f:6b:ba:1c:0a:ef:1c:6b:29:dd:
         49:ce:1d:3e:c7:27:e0:e8:23:73:cb:80:aa:9c:69:0f:c5:0b:
         69:44:90:72:d8:0a:de:d6:d5:5d:6e:ce:4b:f9:36:89:5d:d5:
         f2:31:a9:e8:3e:f5:b2:e5:d2:66:31:13:86:97:65:85:b6:92:
         04:1b:ba:b0:49:41:6c:4c:08:40:be:7b:44:8b:67:c0:7c:a3:
         33:69:0d:ef:de:36:1e:1d:34:89:63:67:5b:16:d7:92:77:bf:
         68:95:fe:da:38:fd:5d:ab:50:5c:bf:52:7d:bd:57:bd:ac:4a:
         e0:5d:cd:05:9b:8e:46:3e:0c:cc:60:a3:fa:5a:16:c7:20:dd:
         c2:2a:5b:56:91:f1:a2:3f:64:2a:33:21:26:69:6c:bb:1c:12:
         2a:44:c1:a6:b3:33:d7:5f:e5:f4:d9:d8:05:01:34:51:92:a7:
         7a:70:31:2b:f4:40:50:81:7a:d2:a7:e5:5a:94:0c:92:93:58:
         6b:df:20:68:15:1c:b5:be:20:01:b8:81:27:d0:24:79:7c:40:
         0a:66:4f:cc:ad:a3:12:7d:7e:da:48:12:55:93:58:32:e3:05:
         da:4f:fa:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+ogBNKG2cwPPyqLwCZbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjUwOTA3MDcwMTA4WhcNMjUwOTA4MDcwMTA4WjAzMTEwLwYDVQQD
Eyg0ODU1YzU3Zjc0MmQ0ZWIzYWJlNzVmN2UxZGEwMTNkMzljMTIxNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb1D41ziLnpfXUz6HqyVBheTQ+ei
QshusKFyGzAZKUFYd7PJUpVCTpVxw2bg9LT4nIp8MtwzhuWMHfb3R95XA+3YNDcR
2k/8OPNjM/oP08cg8eRY1vJUszAolTe4CnE1je9qE4CvzqpjcKnmPV7AaNvEvy3Z
gVLtl4lERGWa/ZJ3X8mN9JMR1zb3oKuOpYYkDd3tVzGF/ezOha0Rd5S/A+5hKFU2
glJMXvqBwfLLLfeBZsGxOINJwcWHcRNCXZsmt/f8zH9hJzN8mC7NENsmG/9iR7pJ
OV0rL/AbzeGr04QCfrnEhQ27m40x6TKeWfeKBrmm/OCTuX9jxzjBMPBD1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhVxX90LU6zq+dffh2gE9OcEhTyMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4kZnZkNJ
VRRSxi9Yya2kPaZVn3JLkun6jxUva7ocCu8cayndSc4dPscn4Ogjc8uAqpxpD8UL
aUSQctgK3tbVXW7OS/k2iV3V8jGp6D71suXSZjEThpdlhbaSBBu6sElBbEwIQL57
RItnwHyjM2kN7942Hh00iWNnWxbXkne/aJX+2jj9XatQXL9Sfb1XvaxK4F3NBZuO
Rj4MzGCj+loWxyDdwipbVpHxoj9kKjMhJmlsuxwSKkTBprMz11/l9NnYBQE0UZKn
enAxK/RAUIF60qflWpQMkpNYa98gaBUctb4gAbiBJ9AkeXxACmZPzK2jEn1+2kgS
VZNYMuMF2k/61A==
-----END CERTIFICATE-----