Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File:                     9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier:          Awwfpv0O1CB06qKzhOMk9+10XtjPDj0nRHaEiJaBggE=
Subject key identifier:   5B:E6:7A:AA:0A:FE:3B:F5:72:30:9E:73:CD:25:47:04:0F:F1:46:12
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer:       /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial:       0199179AF911A3E5C500282A1CD71B82085C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number:          03B9
Signing time:             Fri 05 Sep 2025 02:00:56 +0000
Manifest this update:     Fri 05 Sep 2025 02:00:56 +0000
Manifest next update:     Sat 06 Sep 2025 02:00:56 +0000
Files and hashes:         1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: IbwYrQmQ32Zq8yaIhyVdM6UBsdbtjV6e++/Dukt3Uh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:9a:f9:11:a3:e5:c5:00:28:2a:1c:d7:1b:82:08:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
        Validity
            Not Before: Sep  5 02:00:56 2025 GMT
            Not After : Sep  6 02:00:56 2025 GMT
        Subject: CN=5be67aaa0afe3bf572309e73cd2547040ff14612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:05:bc:ba:b3:37:d3:c9:7f:68:e0:40:40:5e:
                    c7:6e:3d:a5:93:ef:a9:4f:2c:67:a1:79:57:f0:24:
                    c7:db:8e:31:bd:ce:de:59:9c:fa:ea:b0:d4:c5:38:
                    84:c5:d9:57:1c:4c:03:32:85:6b:14:30:d9:84:d7:
                    67:e9:b9:66:c3:25:d0:e7:10:8b:26:ea:2b:34:e4:
                    2e:86:01:64:8b:db:67:4b:ef:ca:40:ba:63:1c:47:
                    09:88:82:27:9a:93:1e:12:7b:b7:ef:0e:90:71:5a:
                    d3:23:73:c3:84:62:f7:29:8d:15:bd:1e:9c:46:b3:
                    56:bb:38:d3:08:14:e1:9d:0b:33:45:24:f1:e2:0f:
                    52:a7:2e:94:5f:59:5b:68:a6:89:f3:02:a7:e2:24:
                    6e:41:1f:5f:15:79:b0:88:67:0e:fb:8a:d9:c0:53:
                    d3:d2:5f:10:b8:88:0d:5c:96:36:53:21:18:97:c3:
                    e6:3b:ba:e1:5f:eb:c2:19:68:64:5c:99:90:7c:03:
                    38:f2:e7:2b:01:48:f4:f7:b2:51:bf:b6:bf:b5:84:
                    2f:d5:50:6f:19:80:50:ba:0d:dc:6c:44:b1:a6:cb:
                    75:05:f0:be:11:88:e4:1b:3c:16:b7:6a:74:d0:6e:
                    bd:a0:c0:52:39:8b:8b:71:57:b9:46:22:be:93:8c:
                    62:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:E6:7A:AA:0A:FE:3B:F5:72:30:9E:73:CD:25:47:04:0F:F1:46:12
            X509v3 Authority Key Identifier:
                keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:59:6c:ab:5e:df:7f:09:28:19:74:21:a4:33:f1:ff:44:46:
         16:f7:66:a0:41:0b:e0:5e:22:27:ac:f9:65:a1:e4:e6:ea:cb:
         b1:1f:c3:ab:2a:ed:16:dc:03:f8:2c:76:24:c9:65:7f:8a:ee:
         08:60:7c:9c:e1:54:ac:be:de:c8:ef:54:d4:da:d0:ac:05:f0:
         f0:bd:9d:c3:12:49:4b:d8:0e:72:ff:f8:bf:e0:63:5b:d1:32:
         88:aa:8f:27:7f:67:d8:fe:48:54:b7:c8:2f:03:96:cc:e8:53:
         63:4a:53:1e:69:87:5c:08:4e:27:0e:01:fe:e4:ed:32:2f:6d:
         3d:70:48:ef:5c:66:3c:b2:ae:cb:92:81:9e:a8:81:0f:ae:31:
         66:b1:e0:ba:4f:c4:3c:fe:3d:2d:94:ff:e3:b0:bd:b7:2e:18:
         16:b4:39:af:d4:8f:01:ae:e9:3d:a7:88:e4:f8:ad:3c:55:ab:
         cb:ec:b7:e3:a9:48:5e:80:2e:dc:f4:fc:c7:3b:d7:d2:82:08:
         52:2b:8a:97:6c:92:6c:4b:41:9f:d1:cf:63:1a:fb:af:f6:b8:
         ec:c6:3d:e6:81:19:0b:c0:4b:d9:11:ee:92:ed:ad:b5:09:a7:
         e6:73:49:b8:53:82:ce:2e:61:7c:ce:98:91:47:2b:42:87:8e:
         c4:05:e8:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXmvkRo+XFACgqHNcbgghcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjUwOTA1MDIwMDU2WhcNMjUwOTA2MDIwMDU2WjAzMTEwLwYDVQQD
Eyg1YmU2N2FhYTBhZmUzYmY1NzIzMDllNzNjZDI1NDcwNDBmZjE0NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQW8urM308l/aOBAQF7Hbj2lk++p
TyxnoXlX8CTH244xvc7eWZz66rDUxTiExdlXHEwDMoVrFDDZhNdn6blmwyXQ5xCL
JuorNOQuhgFki9tnS+/KQLpjHEcJiIInmpMeEnu37w6QcVrTI3PDhGL3KY0VvR6c
RrNWuzjTCBThnQszRSTx4g9Spy6UX1lbaKaJ8wKn4iRuQR9fFXmwiGcO+4rZwFPT
0l8QuIgNXJY2UyEYl8PmO7rhX+vCGWhkXJmQfAM48ucrAUj097JRv7a/tYQv1VBv
GYBQug3cbESxpst1BfC+EYjkGzwWt2p00G69oMBSOYuLcVe5RiK+k4xicQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvmeqoK/jv1cjCec80lRwQP8UYSMB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACFlsq17f
fwkoGXQhpDPx/0RGFvdmoEEL4F4iJ6z5ZaHk5urLsR/DqyrtFtwD+Cx2JMllf4ru
CGB8nOFUrL7eyO9U1NrQrAXw8L2dwxJJS9gOcv/4v+BjW9EyiKqPJ39n2P5IVLfI
LwOWzOhTY0pTHmmHXAhOJw4B/uTtMi9tPXBI71xmPLKuy5KBnqiBD64xZrHguk/E
PP49LZT/47C9ty4YFrQ5r9SPAa7pPaeI5PitPFWry+y346lIXoAu3PT8xzvX0oII
UiuKl2ySbEtBn9HPYxr7r/a47MY95oEZC8BL2RHuku2ttQmn5nNJuFOCzi5hfM6Y
kUcrQoeOxAXoKw==
-----END CERTIFICATE-----