Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          RB5eY8wQS6xOlOWWV+Du4zUVC0D0K8GIHbGcCBOiiMg=
Subject key identifier:   D7:FA:AE:13:82:1F:0F:CD:F6:9E:77:5C:45:50:8D:5A:E4:0A:1F:A4
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       01992BFD91BC37097CD6EF6322D43BEB43CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          1672
Signing time:             Tue 09 Sep 2025 01:01:02 +0000
Manifest this update:     Tue 09 Sep 2025 01:01:02 +0000
Manifest next update:     Wed 10 Sep 2025 01:01:02 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: 7UHr2oSRoXXs2Jqh2dh/JmG3qWPbPJ/PEjawRFwg/Kw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 09 Sep 2025 23:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:2b:fd:91:bc:37:09:7c:d6:ef:63:22:d4:3b:eb:43:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Sep  9 01:01:02 2025 GMT
            Not After : Sep 10 01:01:02 2025 GMT
        Subject: CN=d7faae13821f0fcdf69e775c45508d5ae40a1fa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5a:14:d8:84:ff:b2:f9:31:1a:ed:58:3b:a5:
                    2a:66:0d:3e:77:65:8e:32:fa:2a:31:cf:ca:f6:35:
                    c3:56:d9:d6:aa:02:41:13:1f:af:1e:3f:50:2e:23:
                    8c:6c:0d:f6:5e:40:02:e4:f9:a4:ef:5d:b8:72:18:
                    9e:b9:61:13:35:08:9a:3a:64:bf:3c:bf:6d:db:6a:
                    11:b9:65:27:b7:a4:77:a7:dd:9a:65:f2:60:a8:6f:
                    f2:f9:c1:7f:eb:9e:a5:ce:f3:47:e0:16:5a:68:c2:
                    bc:a3:d0:2d:c4:5e:b9:55:81:c9:c8:3d:40:56:c0:
                    66:29:f5:f7:f5:8a:d1:50:03:1a:09:af:60:66:dd:
                    4c:3a:e5:fb:bf:15:7a:09:0c:4e:7c:5e:8d:bc:8f:
                    6c:bf:1c:9f:c8:2d:b5:5a:d7:28:00:c8:8d:fc:9b:
                    02:4d:9d:79:b6:c2:93:df:09:93:cb:a2:0b:7c:37:
                    34:43:63:ff:a9:9c:3b:72:e9:0d:52:b3:18:64:01:
                    d3:7f:37:1d:87:c0:03:02:6c:a8:79:cd:7b:2b:5c:
                    db:6f:b9:54:9d:9f:44:1c:9e:08:92:65:f5:21:3f:
                    3d:64:8e:11:d3:20:bd:86:b6:a4:1a:e0:4e:34:25:
                    21:54:1d:4c:64:48:ea:ad:ae:d9:02:25:bc:3d:94:
                    1a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FA:AE:13:82:1F:0F:CD:F6:9E:77:5C:45:50:8D:5A:E4:0A:1F:A4
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:7d:91:af:86:c6:8d:a3:a5:fb:27:c9:32:30:68:e7:d5:81:
         dc:f3:85:9e:56:d7:d6:4c:eb:59:4e:80:26:cb:38:b2:0c:9c:
         2a:65:6a:9d:b7:88:ff:e0:d5:94:d4:ec:f1:82:7b:5a:c9:2f:
         d8:df:f1:2f:82:34:03:53:64:9b:c7:2c:6b:fb:5d:5b:53:ca:
         cd:e4:73:27:0e:50:36:5a:52:fe:05:36:ba:0b:f1:12:a6:18:
         ec:f8:f0:02:1f:3b:47:ff:23:92:50:7f:b1:e8:7e:11:9a:96:
         e8:8b:49:e5:12:f6:24:66:7d:c5:21:79:71:1a:0b:c9:68:72:
         aa:89:f8:da:2e:e4:1e:d3:5f:6d:e8:2a:80:c1:ea:65:d3:c6:
         ea:a5:75:ef:c6:04:c8:d6:0b:d5:b0:a4:27:fa:8f:8c:ac:d8:
         24:24:b0:48:59:4d:4f:32:77:0e:c6:4d:42:70:bf:cf:ca:d1:
         95:5a:26:d0:2d:68:30:c4:a1:3c:e8:bd:59:dd:93:27:0a:b7:
         7d:21:41:9e:69:b7:a3:97:2c:90:f7:15:18:72:e8:93:c1:f3:
         c4:cd:1f:3c:f8:36:00:a8:dc:46:b1:e4:7e:65:5e:ca:d8:65:
         64:b8:32:0c:6a:15:7f:02:70:be:9e:3e:96:01:ee:f6:39:39:
         13:ec:f8:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkr/ZG8Nwl81u9jItQ760PNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjUwOTA5MDEwMTAyWhcNMjUwOTEwMDEwMTAyWjAzMTEwLwYDVQQD
EyhkN2ZhYWUxMzgyMWYwZmNkZjY5ZTc3NWM0NTUwOGQ1YWU0MGExZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFoU2IT/svkxGu1YO6UqZg0+d2WO
MvoqMc/K9jXDVtnWqgJBEx+vHj9QLiOMbA32XkAC5Pmk7124chieuWETNQiaOmS/
PL9t22oRuWUnt6R3p92aZfJgqG/y+cF/656lzvNH4BZaaMK8o9AtxF65VYHJyD1A
VsBmKfX39YrRUAMaCa9gZt1MOuX7vxV6CQxOfF6NvI9svxyfyC21WtcoAMiN/JsC
TZ15tsKT3wmTy6ILfDc0Q2P/qZw7cukNUrMYZAHTfzcdh8ADAmyoec17K1zbb7lU
nZ9EHJ4IkmX1IT89ZI4R0yC9hrakGuBONCUhVB1MZEjqra7ZAiW8PZQaWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNf6rhOCHw/N9p53XEVQjVrkCh+kMB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARH2Rr4bG
jaOl+yfJMjBo59WB3POFnlbX1kzrWU6AJss4sgycKmVqnbeI/+DVlNTs8YJ7Wskv
2N/xL4I0A1Nkm8csa/tdW1PKzeRzJw5QNlpS/gU2ugvxEqYY7PjwAh87R/8jklB/
seh+EZqW6ItJ5RL2JGZ9xSF5cRoLyWhyqon42i7kHtNfbegqgMHqZdPG6qV178YE
yNYL1bCkJ/qPjKzYJCSwSFlNTzJ3DsZNQnC/z8rRlVom0C1oMMShPOi9Wd2TJwq3
fSFBnmm3o5cskPcVGHLok8HzxM0fPPg2AKjcRrHkfmVeythlZLgyDGoVfwJwvp4+
lgHu9jk5E+z4mQ==
-----END CERTIFICATE-----