Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
File:                     rh967y8S0HaqitWli8uNyvPwvUw.mft (raw, json)
Hash identifier:          GakYHhiUEh6FoTBdjvwR2cMfAm7D0gdtCdZtQ9/NbuA=
Subject key identifier:   02:D3:C9:A9:68:A4:06:17:76:95:E0:D4:AF:CE:7B:87:9F:11:A3:7E
Authority key identifier: AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C
Certificate issuer:       /CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
Certificate serial:       0199225566323551B848DFD01466DA0C0503
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
Manifest number:          11C0
Signing time:             Sun 07 Sep 2025 04:00:45 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:45 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:45 +0000
Files and hashes:         1: rh967y8S0HaqitWli8uNyvPwvUw.crl (hash: 5evACNWAWzqs5PjRRZvrgnCrKr3sJK2V4xmvyhhAJNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:66:32:35:51:b8:48:df:d0:14:66:da:0c:05:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
        Validity
            Not Before: Sep  7 04:00:45 2025 GMT
            Not After : Sep  8 04:00:45 2025 GMT
        Subject: CN=02d3c9a968a406177695e0d4afce7b879f11a37e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1c:fe:e3:91:3b:84:4c:8e:81:c6:8f:f9:32:
                    33:9e:2b:45:97:74:60:96:c7:b9:3a:b5:97:38:42:
                    d8:89:af:74:a5:6c:10:19:a0:b5:2b:d6:81:50:84:
                    20:05:da:8a:65:55:99:a6:d4:25:08:42:3c:4f:16:
                    17:2a:cf:3c:40:6e:7f:92:d5:73:b7:55:62:24:11:
                    f8:21:c2:f8:34:56:60:96:07:34:db:b9:dc:23:fd:
                    6a:78:33:5c:b6:6a:f6:91:16:4f:9a:18:17:87:47:
                    31:c1:54:6f:36:ab:3f:6c:d7:93:28:75:46:f6:1c:
                    85:68:59:83:85:3f:21:98:d2:90:85:d4:cf:be:d5:
                    3c:2c:2b:dd:90:96:89:62:b5:cd:90:56:a1:3d:32:
                    0e:27:83:aa:6c:46:e6:fe:af:8c:87:a5:0c:59:91:
                    d5:d4:9d:11:99:38:85:08:4c:e5:5d:f0:35:a5:33:
                    69:bf:a2:ec:8a:67:50:16:36:a8:0c:20:20:df:bd:
                    50:b2:1f:fd:03:7d:4a:41:fc:0a:fc:fd:69:6d:d9:
                    12:6c:66:a2:82:f5:17:4a:cd:82:21:4d:c6:04:fe:
                    8c:d5:30:f9:c2:92:66:12:a7:48:e9:27:f0:60:eb:
                    12:04:c3:7b:54:64:cd:5e:94:37:d3:09:64:6a:8f:
                    8c:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:D3:C9:A9:68:A4:06:17:76:95:E0:D4:AF:CE:7B:87:9F:11:A3:7E
            X509v3 Authority Key Identifier:
                keyid:AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:9f:07:6b:2c:5d:36:1e:ae:b6:dd:cb:1b:d1:bb:18:aa:fc:
         35:a8:fe:04:6b:45:58:66:64:81:f7:d8:bc:72:d1:c4:4f:3c:
         79:5e:45:c0:30:67:49:db:78:f0:da:d7:a5:6c:e0:2b:ef:2f:
         5e:d3:34:be:13:5c:eb:c9:78:59:8a:2e:0a:fd:cc:7c:93:aa:
         90:93:77:70:c4:93:f4:09:dd:73:99:30:88:6c:1a:c4:e2:a8:
         4c:69:29:3c:df:ef:83:45:15:9f:c7:e6:df:08:b7:92:cb:70:
         53:34:41:9d:94:1d:96:c3:0b:77:bb:99:ce:a2:42:1e:ad:55:
         83:83:92:01:86:cb:f7:76:f4:fe:5e:ec:af:f2:44:04:31:e2:
         f4:71:f1:90:77:7f:01:2b:9a:d1:85:07:5c:9f:69:12:d9:b8:
         f5:27:05:d2:a4:01:46:a1:46:68:67:2c:23:3b:a8:18:c4:f7:
         63:c5:fc:f9:5d:c6:07:6b:f5:9a:86:3d:9f:9f:14:fe:8a:6a:
         c6:a4:8a:28:7c:2f:e9:a9:c9:cf:bd:37:69:c4:bc:68:c9:f4:
         d8:7d:06:e1:85:fc:f3:df:c9:bf:08:0c:0d:8f:57:b2:70:e1:
         46:28:9c:d7:48:3f:97:18:44:0b:ad:a7:20:77:4f:f7:d0:e9:
         b4:02:a0:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVWYyNVG4SN/QFGbaDAUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWY3YWVmMmYxMmQwNzZhYThhZDVhNThiY2I4ZGNhZjNm
MGJkNGMwHhcNMjUwOTA3MDQwMDQ1WhcNMjUwOTA4MDQwMDQ1WjAzMTEwLwYDVQQD
EygwMmQzYzlhOTY4YTQwNjE3NzY5NWUwZDRhZmNlN2I4NzlmMTFhMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBz+45E7hEyOgcaP+TIznitFl3Rg
lse5OrWXOELYia90pWwQGaC1K9aBUIQgBdqKZVWZptQlCEI8TxYXKs88QG5/ktVz
t1ViJBH4IcL4NFZglgc027ncI/1qeDNctmr2kRZPmhgXh0cxwVRvNqs/bNeTKHVG
9hyFaFmDhT8hmNKQhdTPvtU8LCvdkJaJYrXNkFahPTIOJ4OqbEbm/q+Mh6UMWZHV
1J0RmTiFCEzlXfA1pTNpv6LsimdQFjaoDCAg371Qsh/9A31KQfwK/P1pbdkSbGai
gvUXSs2CIU3GBP6M1TD5wpJmEqdI6SfwYOsSBMN7VGTNXpQ30wlkao+MdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALTyalopAYXdpXg1K/Oe4efEaN+MB8GA1UdIwQY
MBaAFK4feu8vEtB2qorVpYvLjcrz8L1MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEt
MDk4ZDNiZDBiOTUxLzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEtMDk4ZDNiZDBiOTUx
LzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ58Hayxd
Nh6utt3LG9G7GKr8Naj+BGtFWGZkgffYvHLRxE88eV5FwDBnSdt48NrXpWzgK+8v
XtM0vhNc68l4WYouCv3MfJOqkJN3cMST9Andc5kwiGwaxOKoTGkpPN/vg0UVn8fm
3wi3kstwUzRBnZQdlsMLd7uZzqJCHq1Vg4OSAYbL93b0/l7sr/JEBDHi9HHxkHd/
ASua0YUHXJ9pEtm49ScF0qQBRqFGaGcsIzuoGMT3Y8X8+V3GB2v1moY9n58U/opq
xqSKKHwv6anJz703acS8aMn02H0G4YX889/JvwgMDY9XsnDhRiic10g/lxhEC62n
IHdP99DptAKgGg==
-----END CERTIFICATE-----