Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          gcJWZCZ4z/lzRVT5vHzmYEDPF0NfWd68t9Kj2vI82+Y=
Subject key identifier:   63:8B:7D:45:A9:19:AD:13:04:79:36:B4:60:B5:23:72:71:B0:DB:BF
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       0199233179410013FF8E3AAF3CB339C7E5E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          03C6
Signing time:             Sun 07 Sep 2025 08:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 08:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 08:01:08 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: 0lKLNKlebEEggU9VHMI6fksxhsnljnlZkEs4gmPNu/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:79:41:00:13:ff:8e:3a:af:3c:b3:39:c7:e5:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Sep  7 08:01:08 2025 GMT
            Not After : Sep  8 08:01:08 2025 GMT
        Subject: CN=638b7d45a919ad13047936b460b5237271b0dbbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:25:cc:d2:4c:49:40:b1:27:8f:d4:d7:3f:ed:
                    96:5c:61:1b:67:ff:f8:62:33:e9:1a:98:f4:2d:8d:
                    a1:39:cf:46:91:9d:88:53:5b:26:25:20:be:7c:c5:
                    4e:0b:3c:04:b1:eb:b6:16:71:86:ed:fb:61:32:57:
                    23:2b:f9:46:4e:eb:42:fb:72:b7:f7:5c:13:41:e8:
                    2a:cf:d7:1f:c3:b7:f2:3a:c1:c5:2f:e1:b1:37:31:
                    44:45:80:eb:6f:d7:63:66:6b:9f:54:37:b5:98:c7:
                    9b:64:19:41:1a:02:c7:86:dd:c3:e8:46:47:4c:0c:
                    66:21:46:68:30:5a:9d:d9:22:35:9c:1e:69:67:a3:
                    b2:92:34:f6:c4:7e:e2:8f:7c:15:1c:84:45:81:a1:
                    ad:6c:70:e3:74:29:14:75:11:1f:54:3b:dc:86:16:
                    36:c8:12:b0:1e:ea:bb:57:f3:c0:f9:a0:d7:a5:0b:
                    03:04:0a:6a:d9:d5:1e:a7:bf:75:76:41:c9:f3:61:
                    c2:16:e2:89:8b:82:20:2d:36:9d:51:54:e8:9b:54:
                    1e:9f:1c:87:50:16:93:5a:c7:22:a0:e8:12:f8:41:
                    93:5b:40:2e:fb:7b:87:fb:1f:7d:0d:bf:6a:d8:27:
                    83:9b:69:7d:f1:b2:de:81:9c:dd:72:cd:88:ce:a8:
                    24:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:8B:7D:45:A9:19:AD:13:04:79:36:B4:60:B5:23:72:71:B0:DB:BF
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:a4:a0:b0:97:e7:9b:f3:70:44:87:8d:81:bb:f1:e8:29:61:
         b7:80:ec:5a:66:38:25:9f:6c:90:b2:c8:04:3c:97:73:75:ca:
         69:56:29:56:dd:18:d6:0d:85:0d:db:f6:6a:13:7b:35:ca:58:
         e2:07:cc:9a:c3:65:01:55:f1:05:4b:60:dd:8b:fc:b6:b1:68:
         3d:2f:88:e9:95:c2:94:a1:3c:b6:8a:70:35:fd:17:f9:8e:df:
         5e:22:2c:0f:c0:99:9f:db:cb:2d:65:13:a7:29:59:95:25:6a:
         1b:2e:e7:49:06:32:e4:cb:59:b7:21:c4:d4:ae:16:5f:60:d8:
         77:d4:c6:4d:59:c2:d7:0f:27:c5:ff:39:d9:06:55:de:37:d5:
         b3:7a:65:b9:e2:8a:6b:ad:3f:30:a3:4e:69:cb:69:98:59:d4:
         f9:bd:b5:10:36:66:a5:42:3f:5f:34:40:6d:a3:36:9b:8b:05:
         84:e1:51:8f:4c:4a:e6:5a:1e:03:db:d9:a7:60:36:fc:6d:f2:
         5f:65:8d:15:85:c2:06:7c:d5:9d:cc:67:cd:39:e1:3c:d3:13:
         8b:51:17:ef:fe:3e:e4:6b:f6:6b:58:52:5b:f8:06:45:ca:84:
         2b:f8:1c:f3:8e:64:94:7f:9f:ad:6a:f8:d6:86:51:96:63:aa:
         8a:12:08:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMXlBABP/jjqvPLM5x+XpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjUwOTA3MDgwMTA4WhcNMjUwOTA4MDgwMTA4WjAzMTEwLwYDVQQD
Eyg2MzhiN2Q0NWE5MTlhZDEzMDQ3OTM2YjQ2MGI1MjM3MjcxYjBkYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyXM0kxJQLEnj9TXP+2WXGEbZ//4
YjPpGpj0LY2hOc9GkZ2IU1smJSC+fMVOCzwEseu2FnGG7fthMlcjK/lGTutC+3K3
91wTQegqz9cfw7fyOsHFL+GxNzFERYDrb9djZmufVDe1mMebZBlBGgLHht3D6EZH
TAxmIUZoMFqd2SI1nB5pZ6OykjT2xH7ij3wVHIRFgaGtbHDjdCkUdREfVDvchhY2
yBKwHuq7V/PA+aDXpQsDBApq2dUep791dkHJ82HCFuKJi4IgLTadUVTom1QenxyH
UBaTWscioOgS+EGTW0Au+3uH+x99Db9q2CeDm2l98bLegZzdcs2IzqgkKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOLfUWpGa0TBHk2tGC1I3JxsNu/MB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6SgsJfn
m/NwRIeNgbvx6Clht4DsWmY4JZ9skLLIBDyXc3XKaVYpVt0Y1g2FDdv2ahN7NcpY
4gfMmsNlAVXxBUtg3Yv8trFoPS+I6ZXClKE8topwNf0X+Y7fXiIsD8CZn9vLLWUT
pylZlSVqGy7nSQYy5MtZtyHE1K4WX2DYd9TGTVnC1w8nxf852QZV3jfVs3plueKK
a60/MKNOactpmFnU+b21EDZmpUI/XzRAbaM2m4sFhOFRj0xK5loeA9vZp2A2/G3y
X2WNFYXCBnzVncxnzTnhPNMTi1EX7/4+5Gv2a1hSW/gGRcqEK/gc845klH+frWr4
1oZRlmOqihIIaA==
-----END CERTIFICATE-----