Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          XxtYrMPuokBnrBkmuiuGvtn2cvbcEerfFl9a7SRGW7U=
Subject key identifier:   D6:C0:56:CA:44:F0:98:BB:15:3C:C3:E1:1A:75:8B:61:C3:23:04:3B
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       019922FACE7275DFBFE7C57DE42A496F4D98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          0BFC
Signing time:             Sun 07 Sep 2025 07:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:26 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: jm5Qoad9TkSPwUpjDgBh8dDvbb6FLLg5eNyhbCfYaTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:ce:72:75:df:bf:e7:c5:7d:e4:2a:49:6f:4d:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Sep  7 07:01:26 2025 GMT
            Not After : Sep  8 07:01:26 2025 GMT
        Subject: CN=d6c056ca44f098bb153cc3e11a758b61c323043b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:be:59:33:7d:ef:09:16:64:12:f7:c7:53:13:
                    a5:65:9b:e2:61:d5:58:82:93:6f:6c:e3:23:20:2f:
                    de:98:d0:31:fe:25:41:de:61:74:cf:5e:dc:de:1d:
                    03:01:22:9c:f4:3c:f9:2a:26:37:b7:49:a4:99:ed:
                    02:57:31:d4:3e:e4:59:85:52:8e:49:b1:4c:fd:7c:
                    dd:a3:a8:ff:68:a6:8d:e0:2f:56:ed:77:0f:b5:9d:
                    80:5c:4f:10:8c:96:6c:9d:8a:ea:bc:1c:83:5e:ef:
                    52:3f:2f:aa:84:12:a1:60:b6:f3:4a:4b:1a:83:6e:
                    7b:b3:9e:f5:79:63:bd:b8:73:27:92:db:f8:cc:77:
                    f8:af:0c:d3:d0:39:e5:87:d3:2c:6a:a4:d1:7f:31:
                    2a:63:73:89:94:56:2d:af:e1:99:fc:ae:11:90:80:
                    60:af:88:d8:02:9a:5f:70:34:61:75:0d:9f:f3:36:
                    d2:73:b2:12:5b:57:a0:96:d4:6c:74:85:c5:7d:27:
                    95:76:3c:7a:82:4d:40:eb:0a:8e:0e:a9:c1:c8:12:
                    11:a6:9b:8c:ad:63:bf:18:7b:ab:e6:87:3a:dd:6c:
                    eb:b5:e1:04:03:a0:6c:7f:79:3c:d3:b5:c4:ec:7d:
                    73:f1:c0:10:f1:21:51:c9:e2:77:64:99:16:67:e9:
                    dd:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:C0:56:CA:44:F0:98:BB:15:3C:C3:E1:1A:75:8B:61:C3:23:04:3B
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:e4:10:b3:e4:0e:c2:4b:4d:cc:f1:9b:d7:19:65:c2:3d:c4:
         0d:9c:4c:08:36:44:2e:59:8d:aa:72:f0:6f:1e:cb:2c:5d:cd:
         82:f4:45:44:74:76:48:81:fb:71:19:db:cb:e1:a1:2d:c0:3b:
         39:ef:9f:57:0f:0c:bb:72:3e:70:ea:c9:75:c4:37:04:73:e9:
         c3:76:c1:5b:52:7c:db:06:f2:5f:01:fd:7e:d7:3d:8c:4f:3a:
         34:fd:4a:23:74:b7:17:21:1f:e4:10:db:7d:62:9f:40:cb:a1:
         48:37:14:7f:37:70:21:72:3e:d6:19:db:2b:24:df:1e:f1:f0:
         52:56:e7:5b:b7:df:64:93:0b:1b:25:d8:c8:e3:2d:d6:b3:5f:
         0f:2a:c6:62:fb:3f:19:49:62:e9:80:bb:6a:7d:6a:ba:f4:c5:
         8e:50:71:ed:36:25:f9:5e:fc:de:ad:5a:c4:79:b1:82:b1:b2:
         79:39:ac:b9:6b:7a:9f:4e:66:16:97:c6:83:42:45:03:b0:97:
         51:8e:53:51:a7:cb:98:7e:bf:db:a5:95:45:f2:37:7a:a2:e9:
         88:79:a1:4d:ea:4a:a1:ae:e9:0c:a5:7c:43:fb:56:9e:06:82:
         84:41:70:c8:93:9a:81:c4:e7:88:ce:a0:a0:de:88:d0:e8:e9:
         bd:8c:45:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+s5ydd+/58V95CpJb02YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjUwOTA3MDcwMTI2WhcNMjUwOTA4MDcwMTI2WjAzMTEwLwYDVQQD
EyhkNmMwNTZjYTQ0ZjA5OGJiMTUzY2MzZTExYTc1OGI2MWMzMjMwNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL5ZM33vCRZkEvfHUxOlZZviYdVY
gpNvbOMjIC/emNAx/iVB3mF0z17c3h0DASKc9Dz5KiY3t0mkme0CVzHUPuRZhVKO
SbFM/Xzdo6j/aKaN4C9W7XcPtZ2AXE8QjJZsnYrqvByDXu9SPy+qhBKhYLbzSksa
g257s571eWO9uHMnktv4zHf4rwzT0Dnlh9MsaqTRfzEqY3OJlFYtr+GZ/K4RkIBg
r4jYAppfcDRhdQ2f8zbSc7ISW1egltRsdIXFfSeVdjx6gk1A6wqODqnByBIRppuM
rWO/GHur5oc63WzrteEEA6Bsf3k807XE7H1z8cAQ8SFRyeJ3ZJkWZ+nd2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbAVspE8Ji7FTzD4Rp1i2HDIwQ7MB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOQQs+QO
wktNzPGb1xllwj3EDZxMCDZELlmNqnLwbx7LLF3NgvRFRHR2SIH7cRnby+GhLcA7
Oe+fVw8Mu3I+cOrJdcQ3BHPpw3bBW1J82wbyXwH9ftc9jE86NP1KI3S3FyEf5BDb
fWKfQMuhSDcUfzdwIXI+1hnbKyTfHvHwUlbnW7ffZJMLGyXYyOMt1rNfDyrGYvs/
GUli6YC7an1quvTFjlBx7TYl+V783q1axHmxgrGyeTmsuWt6n05mFpfGg0JFA7CX
UY5TUafLmH6/26WVRfI3eqLpiHmhTepKoa7pDKV8Q/tWngaChEFwyJOagcTniM6g
oN6I0OjpvYxFEA==
-----END CERTIFICATE-----