Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
File:                     zRvlrhITa5bNnXilwkykct6Ixlg.mft (raw, json)
Hash identifier:          j5DMApkVp8Qd6QlzrtNE/Jc5EWbgHt7TzJQbPRWyIlY=
Subject key identifier:   1C:85:2A:FC:9F:09:10:DC:D7:CC:72:DF:50:FF:BB:A8:8A:DB:A9:A8
Authority key identifier: CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58
Certificate issuer:       /CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
Certificate serial:       01992255CBB9B3CDBF0977B88D5336D00283
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
Manifest number:          08A4
Signing time:             Sun 07 Sep 2025 04:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:11 +0000
Files and hashes:         1: zRvlrhITa5bNnXilwkykct6Ixlg.crl (hash: GrkOYKglwkgio9cWMNb6A2915q1v4nqpZ9y1hfhO6jM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:cb:b9:b3:cd:bf:09:77:b8:8d:53:36:d0:02:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
        Validity
            Not Before: Sep  7 04:01:11 2025 GMT
            Not After : Sep  8 04:01:11 2025 GMT
        Subject: CN=1c852afc9f0910dcd7cc72df50ffbba88adba9a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7a:cf:2a:16:56:22:59:86:10:a4:3c:64:dd:
                    ef:73:ae:58:5d:83:84:92:04:83:c2:95:19:d5:c4:
                    ff:67:d3:26:cf:76:7b:11:74:e1:08:dd:a6:92:74:
                    eb:0f:37:df:97:1a:4f:25:45:c7:ea:56:a1:aa:70:
                    20:d6:a0:14:c4:b6:db:e6:38:0b:17:a4:30:63:4c:
                    3a:07:40:23:e5:63:bc:89:d1:19:86:57:c6:2d:97:
                    1f:0c:2f:e6:84:77:d9:46:a1:60:0f:e4:aa:19:1d:
                    4e:42:75:24:42:c5:5e:9c:98:5a:d4:b7:9a:ef:31:
                    79:38:1c:50:a6:a6:09:7d:18:cd:69:3a:6f:f6:e6:
                    5e:ac:d8:a0:a6:d2:00:71:f2:ac:a7:f6:68:80:15:
                    b2:18:b5:1c:17:ce:18:9f:f3:d5:5a:f5:2a:c0:73:
                    08:d8:04:ed:26:25:29:06:0b:b7:e4:f0:d4:25:22:
                    f5:6c:63:c1:1e:a3:09:f0:9b:4b:c1:1b:05:d9:d8:
                    4f:a7:3d:d7:ac:e2:02:2c:ad:ac:a7:f9:bb:dc:59:
                    76:2e:28:47:25:d1:7c:e9:b5:23:7b:3d:38:24:1e:
                    3a:45:ad:7c:a1:26:37:9e:e5:62:98:97:f2:bd:06:
                    57:5f:fb:0b:2d:10:2f:9b:5d:b6:b0:b7:15:6c:1f:
                    58:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:85:2A:FC:9F:09:10:DC:D7:CC:72:DF:50:FF:BB:A8:8A:DB:A9:A8
            X509v3 Authority Key Identifier:
                keyid:CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:45:5f:71:2a:e8:68:a1:68:0c:b0:26:7f:d8:25:90:b9:bb:
         f8:e9:64:5a:60:d9:63:c5:55:9b:45:38:73:03:7c:04:f3:9b:
         7f:d7:e8:af:24:e2:5f:c1:35:b3:4e:16:84:ad:a6:78:3f:d4:
         1f:32:97:d8:07:d9:ca:4d:9a:70:55:dc:7c:e0:b9:48:65:d9:
         01:5b:93:32:16:90:a9:e9:48:a3:9b:b3:1b:66:18:0a:6b:53:
         b4:c9:46:ab:ec:82:d0:45:1b:56:22:f1:51:f0:63:d7:4f:cd:
         08:3d:d3:e5:48:eb:4f:87:e9:dc:b4:c2:0b:a0:d3:1e:52:b6:
         b1:0d:61:f3:5e:58:59:94:f4:74:43:c4:b2:ff:34:b3:3c:c3:
         d6:86:54:09:ec:71:a1:0e:b8:a0:d3:c7:dc:86:4c:48:39:3c:
         59:da:64:00:cb:41:fc:3e:5c:5b:6f:72:4b:b6:db:bb:4a:b7:
         14:fd:e0:82:7e:81:1e:1b:21:33:9e:7c:86:25:fb:e5:29:f3:
         7f:82:e8:62:8a:a5:be:73:b9:49:b8:c1:fe:cf:dc:64:42:d2:
         f9:0c:af:7c:8a:90:19:cf:96:0c:57:3e:32:08:b9:03:6a:62:
         a4:83:72:bc:5f:2d:7b:be:82:25:3d:b1:6f:82:70:b7:c0:7d:
         21:87:fc:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVcu5s82/CXe4jVM20AKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWJlNWFlMTIxMzZiOTZjZDlkNzhhNWMyNGNhNDcyZGU4
OGM2NTgwHhcNMjUwOTA3MDQwMTExWhcNMjUwOTA4MDQwMTExWjAzMTEwLwYDVQQD
EygxYzg1MmFmYzlmMDkxMGRjZDdjYzcyZGY1MGZmYmJhODhhZGJhOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHrPKhZWIlmGEKQ8ZN3vc65YXYOE
kgSDwpUZ1cT/Z9Mmz3Z7EXThCN2mknTrDzfflxpPJUXH6lahqnAg1qAUxLbb5jgL
F6QwY0w6B0Aj5WO8idEZhlfGLZcfDC/mhHfZRqFgD+SqGR1OQnUkQsVenJha1Lea
7zF5OBxQpqYJfRjNaTpv9uZerNigptIAcfKsp/ZogBWyGLUcF84Yn/PVWvUqwHMI
2ATtJiUpBgu35PDUJSL1bGPBHqMJ8JtLwRsF2dhPpz3XrOICLK2sp/m73Fl2LihH
JdF86bUjez04JB46Ra18oSY3nuVimJfyvQZXX/sLLRAvm122sLcVbB9YrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByFKvyfCRDc18xy31D/u6iK26moMB8GA1UdIwQY
MBaAFM0b5a4SE2uWzZ14pcJMpHLeiMZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgt
NWYxNmRlNWM4NjU4LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgtNWYxNmRlNWM4NjU4
LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK0VfcSro
aKFoDLAmf9glkLm7+OlkWmDZY8VVm0U4cwN8BPObf9foryTiX8E1s04WhK2meD/U
HzKX2AfZyk2acFXcfOC5SGXZAVuTMhaQqelIo5uzG2YYCmtTtMlGq+yC0EUbViLx
UfBj10/NCD3T5UjrT4fp3LTCC6DTHlK2sQ1h815YWZT0dEPEsv80szzD1oZUCexx
oQ64oNPH3IZMSDk8WdpkAMtB/D5cW29yS7bbu0q3FP3ggn6BHhshM558hiX75Snz
f4LoYoqlvnO5SbjB/s/cZELS+QyvfIqQGc+WDFc+Mgi5A2pipINyvF8te76CJT2x
b4Jwt8B9IYf8bw==
-----END CERTIFICATE-----