Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
File:                     AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft (raw, json)
Hash identifier:          jGFUODrKfKbqLnppWhvYBY9v9YCf51C4TWnCtdiMZJI=
Subject key identifier:   76:BA:43:C9:54:50:67:93:65:36:0C:0B:E5:C3:50:BC:A2:72:CB:F2
Authority key identifier: 01:3F:6D:B0:FD:57:D1:9F:9E:E1:52:42:A2:E4:16:7E:FB:52:2D:04
Certificate issuer:       /CN=013f6db0fd57d19f9ee15242a2e4167efb522d04
Certificate serial:       019921B154D6B34A7B08A94E8C04AB0E047E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
Manifest number:          0B47
Signing time:             Sun 07 Sep 2025 01:01:33 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:33 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:33 +0000
Files and hashes:         1: AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl (hash: lMoE4pASTO6FeQXQIx9SIn9yE1Su0gB078B2Zvj1x58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:54:d6:b3:4a:7b:08:a9:4e:8c:04:ab:0e:04:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=013f6db0fd57d19f9ee15242a2e4167efb522d04
        Validity
            Not Before: Sep  7 01:01:33 2025 GMT
            Not After : Sep  8 01:01:33 2025 GMT
        Subject: CN=76ba43c95450679365360c0be5c350bca272cbf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:31:36:df:28:1f:f5:60:59:a8:d6:59:e0:ea:
                    02:21:d2:8b:8f:26:08:58:63:4b:ed:49:43:74:32:
                    8a:a8:e0:8c:e0:78:63:6e:8d:5a:6a:81:ce:46:7f:
                    f7:c3:01:8d:cd:54:7b:70:73:c6:f4:9a:b7:d0:d6:
                    24:4e:f1:38:97:15:45:22:0a:9b:7e:b7:b2:b1:e0:
                    4e:f6:10:be:10:01:a8:34:e7:60:39:e5:a2:98:5b:
                    bb:44:72:7f:5f:3d:0e:93:58:36:76:6a:6c:87:c6:
                    f0:79:02:1c:08:1d:39:d7:e0:6b:52:58:fb:12:e6:
                    2f:f4:ab:93:76:fa:24:58:9c:87:8b:bf:da:ca:11:
                    39:aa:c5:f0:ac:a7:03:d0:55:2a:fc:47:4c:86:dd:
                    2c:7c:84:ee:02:b7:b4:c7:13:1f:57:f2:0a:db:43:
                    46:71:2c:84:da:6c:61:7d:64:0a:90:97:c5:8e:cf:
                    eb:bb:35:e9:63:db:ce:1b:d7:39:ae:ea:82:03:84:
                    0d:6e:ab:da:bf:fe:b8:9a:cb:2f:6b:52:ad:b1:c1:
                    13:77:1d:88:2e:4b:75:ab:bb:4e:0b:9c:a1:e3:56:
                    dc:f0:17:e3:b8:39:54:f8:41:62:99:6e:a2:e4:11:
                    8f:4e:bc:a2:4b:5b:8b:95:ec:cc:62:57:5b:d8:1f:
                    c3:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:BA:43:C9:54:50:67:93:65:36:0C:0B:E5:C3:50:BC:A2:72:CB:F2
            X509v3 Authority Key Identifier:
                keyid:01:3F:6D:B0:FD:57:D1:9F:9E:E1:52:42:A2:E4:16:7E:FB:52:2D:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:5e:16:55:eb:8a:2b:5c:a1:25:5c:a4:f6:a6:23:8c:37:01:
         98:85:fa:40:2b:79:10:df:55:81:51:0b:da:a5:7c:38:c9:a9:
         91:63:44:69:f7:d9:22:da:73:8d:1e:95:17:d0:78:41:84:76:
         b6:8b:bf:29:c9:d8:c6:e8:9b:f9:8b:41:64:ae:25:15:7b:d5:
         51:a8:a4:e0:8b:a9:01:81:87:3c:d2:59:c1:a0:47:82:af:f7:
         23:68:17:4b:37:16:98:c6:a1:40:d6:b7:ad:cd:6f:74:76:d5:
         c0:fe:1b:92:ac:ab:0e:b2:f7:49:81:c3:f4:f1:18:b5:f6:a5:
         99:10:cb:38:45:94:da:55:d3:d9:10:e8:a2:3c:45:3b:9f:ab:
         fc:53:2c:54:b6:c3:92:31:2d:3a:6f:ae:d8:70:ea:54:ee:a2:
         98:7e:27:a7:b5:c8:47:87:ed:03:fd:7b:33:19:49:af:7d:e4:
         53:e8:ab:35:6d:58:07:30:27:bf:1c:bc:2d:69:42:a9:e1:48:
         0c:38:36:d2:10:31:ff:16:31:19:20:96:09:11:4f:aa:10:27:
         2b:b2:48:16:ee:9f:37:21:c1:ff:83:6b:3e:06:b1:c2:b5:8b:
         3c:89:8c:90:3c:45:5b:bb:72:51:2a:bf:c5:8b:9a:37:e7:ad:
         07:dc:a0:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsVTWs0p7CKlOjASrDgR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxM2Y2ZGIwZmQ1N2QxOWY5ZWUxNTI0MmEyZTQxNjdlZmI1
MjJkMDQwHhcNMjUwOTA3MDEwMTMzWhcNMjUwOTA4MDEwMTMzWjAzMTEwLwYDVQQD
Eyg3NmJhNDNjOTU0NTA2NzkzNjUzNjBjMGJlNWMzNTBiY2EyNzJjYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzE23ygf9WBZqNZZ4OoCIdKLjyYI
WGNL7UlDdDKKqOCM4Hhjbo1aaoHORn/3wwGNzVR7cHPG9Jq30NYkTvE4lxVFIgqb
freyseBO9hC+EAGoNOdgOeWimFu7RHJ/Xz0Ok1g2dmpsh8bweQIcCB051+BrUlj7
EuYv9KuTdvokWJyHi7/ayhE5qsXwrKcD0FUq/EdMht0sfITuAre0xxMfV/IK20NG
cSyE2mxhfWQKkJfFjs/ruzXpY9vOG9c5ruqCA4QNbqvav/64mssva1KtscETdx2I
Lkt1q7tOC5yh41bc8BfjuDlU+EFimW6i5BGPTryiS1uLlezMYldb2B/DbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHa6Q8lUUGeTZTYMC+XDULyicsvyMB8GA1UdIwQY
MBaAFAE/bbD9V9GfnuFSQqLkFn77Ui0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNjMzMDctNGEwZi00MDUzLThmYzMt
ZjUzNTU3ODk4NGMyLzEvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNjMzMDctNGEwZi00MDUzLThmYzMtZjUzNTU3ODk4NGMy
LzEvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA14WVeuK
K1yhJVyk9qYjjDcBmIX6QCt5EN9VgVEL2qV8OMmpkWNEaffZItpzjR6VF9B4QYR2
tou/KcnYxuib+YtBZK4lFXvVUaik4IupAYGHPNJZwaBHgq/3I2gXSzcWmMahQNa3
rc1vdHbVwP4bkqyrDrL3SYHD9PEYtfalmRDLOEWU2lXT2RDoojxFO5+r/FMsVLbD
kjEtOm+u2HDqVO6imH4np7XIR4ftA/17MxlJr33kU+irNW1YBzAnvxy8LWlCqeFI
DDg20hAx/xYxGSCWCRFPqhAnK7JIFu6fNyHB/4NrPgaxwrWLPImMkDxFW7tyUSq/
xYuaN+etB9ygCA==
-----END CERTIFICATE-----