Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
File:                     wKopmx5fodUSbfrXXf1Km65EOhc.mft (raw, json)
Hash identifier:          qbeoBKNWnz6fji9XI5GkR9zNzt/xGsCZi6ttg6jsVAw=
Subject key identifier:   F0:93:AF:6D:E3:55:B4:8D:58:D0:DC:1D:2D:08:AB:DC:7E:60:60:82
Authority key identifier: C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17
Certificate issuer:       /CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
Certificate serial:       019921B11941A42DB8EA5C837CC1DA4AB859
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
Manifest number:          05AB
Signing time:             Sun 07 Sep 2025 01:01:18 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:18 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:18 +0000
Files and hashes:         1: wKopmx5fodUSbfrXXf1Km65EOhc.crl (hash: BdfvYKeaBHLCX86kYznI7hdf2adpY35ypTynIk4YdTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:19:41:a4:2d:b8:ea:5c:83:7c:c1:da:4a:b8:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
        Validity
            Not Before: Sep  7 01:01:18 2025 GMT
            Not After : Sep  8 01:01:18 2025 GMT
        Subject: CN=f093af6de355b48d58d0dc1d2d08abdc7e606082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9d:23:69:37:56:8e:2b:46:19:7b:9e:dd:45:
                    a4:53:b1:08:65:f8:5f:03:2d:08:2c:39:1e:a9:8b:
                    91:46:eb:c4:ab:78:77:8b:f5:a1:e3:9e:1b:dc:cd:
                    f4:30:1d:77:57:1e:83:25:ce:24:b9:bb:69:b1:e8:
                    7b:68:e7:c8:98:13:14:09:6f:86:43:df:6d:b3:d8:
                    5c:82:87:aa:22:f2:1b:65:9a:21:63:3d:dd:af:36:
                    30:eb:a3:71:d3:93:1a:e0:83:14:63:e9:05:a6:41:
                    3c:4d:75:e4:ff:66:99:b3:0d:99:d0:f5:62:d6:07:
                    ba:e4:88:85:16:ab:c8:45:e8:5a:5a:f3:76:d1:8f:
                    0b:89:ac:e7:54:94:1d:79:a4:62:31:b4:42:19:04:
                    34:50:03:0a:0b:db:49:19:c2:98:e8:5d:23:05:e1:
                    b6:39:59:71:8b:6c:fa:82:cf:fd:6c:59:71:b9:5e:
                    fa:94:29:fe:57:87:9f:54:e8:fd:7c:3d:bb:74:f3:
                    c8:94:74:d9:90:60:55:ae:12:df:72:96:3c:8f:6b:
                    6c:58:02:58:75:ae:1e:26:7a:a6:d3:b1:f2:35:aa:
                    30:38:40:5e:87:0b:8d:6f:d5:21:65:ad:76:b7:52:
                    e4:3c:ef:a5:99:41:3e:38:6b:c1:1d:dc:09:ad:cf:
                    18:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:93:AF:6D:E3:55:B4:8D:58:D0:DC:1D:2D:08:AB:DC:7E:60:60:82
            X509v3 Authority Key Identifier:
                keyid:C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:b1:3b:3d:77:da:f6:e5:8b:3a:42:e8:67:74:7b:20:15:13:
         21:52:ab:0e:d8:b2:b6:35:69:12:0b:24:8b:fe:df:51:58:92:
         ef:86:1e:73:70:0b:6c:f3:a0:02:cb:d0:da:c3:ea:1f:12:21:
         b2:31:0c:8b:f4:1b:f0:81:dd:1e:28:b4:64:1f:a1:55:39:fe:
         33:b4:85:06:d7:70:7c:a8:66:ad:11:a9:03:b7:12:cc:42:18:
         8c:e5:6f:42:ef:b6:59:3f:d2:9e:96:0f:e8:2a:ca:ce:80:61:
         08:33:c7:44:0a:f3:66:96:49:03:1b:45:59:92:65:53:5e:3b:
         58:f6:64:94:79:a7:16:88:fa:fc:76:65:11:cd:32:e3:ab:f4:
         f4:20:22:72:82:01:b0:45:e3:f7:49:3f:3c:ff:92:3a:c5:5c:
         3c:b2:9f:4d:ae:7b:24:b2:eb:ad:b0:07:8a:3f:1a:86:83:d5:
         75:bf:fe:50:2e:8c:61:b8:68:72:9b:9c:26:38:97:24:b2:26:
         22:63:e1:c6:a0:ed:63:d7:cb:76:35:f0:34:d5:7d:40:7b:8d:
         24:d6:e2:35:87:75:fd:03:9f:05:84:e3:63:3e:53:db:65:bd:
         29:a8:6f:75:60:e7:60:c8:5d:e3:f0:37:5c:5d:89:cc:0a:80:
         9e:64:88:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsRlBpC246lyDfMHaSrhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYWEyOTliMWU1ZmExZDUxMjZkZmFkNzVkZmQ0YTliYWU0
NDNhMTcwHhcNMjUwOTA3MDEwMTE4WhcNMjUwOTA4MDEwMTE4WjAzMTEwLwYDVQQD
EyhmMDkzYWY2ZGUzNTViNDhkNThkMGRjMWQyZDA4YWJkYzdlNjA2MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ0jaTdWjitGGXue3UWkU7EIZfhf
Ay0ILDkeqYuRRuvEq3h3i/Wh454b3M30MB13Vx6DJc4kubtpseh7aOfImBMUCW+G
Q99ts9hcgoeqIvIbZZohYz3drzYw66Nx05Ma4IMUY+kFpkE8TXXk/2aZsw2Z0PVi
1ge65IiFFqvIRehaWvN20Y8LiaznVJQdeaRiMbRCGQQ0UAMKC9tJGcKY6F0jBeG2
OVlxi2z6gs/9bFlxuV76lCn+V4efVOj9fD27dPPIlHTZkGBVrhLfcpY8j2tsWAJY
da4eJnqm07HyNaowOEBehwuNb9UhZa12t1LkPO+lmUE+OGvBHdwJrc8YnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCTr23jVbSNWNDcHS0Iq9x+YGCCMB8GA1UdIwQY
MBaAFMCqKZseX6HVEm361139SpuuRDoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzct
NzA0YTk5NWUzZGI2LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzctNzA0YTk5NWUzZGI2
LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFLE7PXfa
9uWLOkLoZ3R7IBUTIVKrDtiytjVpEgski/7fUViS74Yec3ALbPOgAsvQ2sPqHxIh
sjEMi/Qb8IHdHii0ZB+hVTn+M7SFBtdwfKhmrRGpA7cSzEIYjOVvQu+2WT/SnpYP
6CrKzoBhCDPHRArzZpZJAxtFWZJlU147WPZklHmnFoj6/HZlEc0y46v09CAicoIB
sEXj90k/PP+SOsVcPLKfTa57JLLrrbAHij8ahoPVdb/+UC6MYbhocpucJjiXJLIm
ImPhxqDtY9fLdjXwNNV9QHuNJNbiNYd1/QOfBYTjYz5T22W9KahvdWDnYMhd4/A3
XF2JzAqAnmSITA==
-----END CERTIFICATE-----