Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          /eQMaTWg/JtBjphLL1RE9pjCQ8A9xu8kvEg+Wqytoag=
Subject key identifier:   CB:EA:DF:2F:AD:F9:58:30:9D:15:D2:5D:8B:D0:79:F6:E1:2A:3B:C1
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       019922FA95245F898AF0E0E164BEDB91A5F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          1303
Signing time:             Sun 07 Sep 2025 07:01:10 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:10 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:10 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: SQa7zmRg0IN2e3QhOm1erMDFgU0EppeJhRu1KrA9Kyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:95:24:5f:89:8a:f0:e0:e1:64:be:db:91:a5:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: Sep  7 07:01:10 2025 GMT
            Not After : Sep  8 07:01:10 2025 GMT
        Subject: CN=cbeadf2fadf958309d15d25d8bd079f6e12a3bc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c8:86:57:4a:19:4b:a8:e5:3e:e9:ba:5e:88:
                    39:1a:51:06:ed:18:b7:10:81:5d:70:ad:fb:2b:85:
                    d2:c8:35:51:7c:fd:59:82:07:77:77:55:c9:db:11:
                    c8:ba:18:5f:f0:c9:e5:71:77:9d:56:e0:5d:2a:b0:
                    e3:6a:92:4b:f6:0e:df:70:9a:de:bd:35:b6:4b:b9:
                    24:fb:21:62:71:ca:f1:4c:ad:f3:54:05:4d:3b:49:
                    1e:ea:5d:48:38:f9:f8:1e:b4:6d:4b:ba:0c:bc:b1:
                    ea:63:5b:25:c5:7b:c6:a7:ff:b1:be:27:bb:91:51:
                    0e:93:30:23:a6:39:b9:3e:a7:cb:ea:cd:9b:fa:7f:
                    b6:b0:9a:b5:95:20:26:2b:f5:ff:c5:a6:b2:ec:7c:
                    95:9f:4d:52:a8:9f:84:8f:00:7d:12:8d:68:87:7c:
                    a5:7f:d2:f3:95:45:59:65:97:1b:a4:ed:4b:f8:5f:
                    f5:7d:5b:9a:53:9b:8e:f4:9b:6c:ff:9b:a8:09:d9:
                    c5:ca:d0:16:da:2e:1a:30:b5:db:26:6b:07:e8:91:
                    d8:05:58:bf:85:7f:9e:c5:1a:a2:a4:4c:ca:ec:21:
                    e5:f3:12:b4:5c:2f:5b:aa:ab:fe:47:30:b8:f6:1d:
                    3a:cb:0b:2a:2a:45:e6:31:6b:b9:df:96:86:25:40:
                    2a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:EA:DF:2F:AD:F9:58:30:9D:15:D2:5D:8B:D0:79:F6:E1:2A:3B:C1
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:46:96:70:1d:fe:a0:3d:cd:3e:14:d0:bc:91:96:5c:d6:c4:
         58:7b:ea:17:2f:88:9f:f2:a9:de:6d:7e:13:ea:7f:77:ad:28:
         3a:09:80:93:e9:19:5b:3b:a7:a4:29:f0:f6:e0:1e:04:aa:a7:
         55:2c:19:f0:38:b8:76:66:62:2a:83:ba:40:d7:ad:a8:cc:a0:
         91:d8:1f:da:c1:d9:9f:54:22:b7:e7:81:a3:4a:de:3b:13:bf:
         7c:bf:d1:f9:38:68:4a:39:ad:31:5f:2a:60:a6:26:35:51:75:
         8a:13:db:46:0f:0c:11:9e:07:f8:d8:11:66:0e:38:e7:58:2c:
         79:bb:1f:37:c8:6e:ea:45:68:23:d9:78:e3:a3:00:1c:13:b2:
         7b:3c:79:c7:fd:b3:f8:58:7d:38:20:32:96:fd:bc:bc:00:34:
         2e:a3:5b:79:5a:9a:1a:1a:f6:f3:7e:a7:d5:60:1e:91:6d:4a:
         85:c0:32:86:66:2a:6f:b4:18:49:03:2a:82:30:4e:b0:47:e7:
         e4:42:39:d1:ab:1c:09:f9:48:fe:d2:97:e6:d0:4d:ca:e5:35:
         ed:88:7f:26:f4:74:24:14:23:52:cd:fc:3c:c2:b9:e1:6e:4e:
         fb:32:5c:7f:f3:db:e4:d9:8f:bb:5c:c3:43:44:3a:66:82:ae:
         23:d2:a3:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+pUkX4mK8ODhZL7bkaX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjUwOTA3MDcwMTEwWhcNMjUwOTA4MDcwMTEwWjAzMTEwLwYDVQQD
EyhjYmVhZGYyZmFkZjk1ODMwOWQxNWQyNWQ4YmQwNzlmNmUxMmEzYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtciGV0oZS6jlPum6Xog5GlEG7Ri3
EIFdcK37K4XSyDVRfP1Zggd3d1XJ2xHIuhhf8MnlcXedVuBdKrDjapJL9g7fcJre
vTW2S7kk+yFiccrxTK3zVAVNO0ke6l1IOPn4HrRtS7oMvLHqY1slxXvGp/+xvie7
kVEOkzAjpjm5PqfL6s2b+n+2sJq1lSAmK/X/xaay7HyVn01SqJ+EjwB9Eo1oh3yl
f9LzlUVZZZcbpO1L+F/1fVuaU5uO9Jts/5uoCdnFytAW2i4aMLXbJmsH6JHYBVi/
hX+exRqipEzK7CHl8xK0XC9bqqv+RzC49h06ywsqKkXmMWu535aGJUAqpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvq3y+t+VgwnRXSXYvQefbhKjvBMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEEaWcB3+
oD3NPhTQvJGWXNbEWHvqFy+In/Kp3m1+E+p/d60oOgmAk+kZWzunpCnw9uAeBKqn
VSwZ8Di4dmZiKoO6QNetqMygkdgf2sHZn1Qit+eBo0reOxO/fL/R+ThoSjmtMV8q
YKYmNVF1ihPbRg8MEZ4H+NgRZg4451gsebsfN8hu6kVoI9l446MAHBOyezx5x/2z
+Fh9OCAylv28vAA0LqNbeVqaGhr2836n1WAekW1KhcAyhmYqb7QYSQMqgjBOsEfn
5EI50ascCflI/tKX5tBNyuU17Yh/JvR0JBQjUs38PMK54W5O+zJcf/Pb5NmPu1zD
Q0Q6ZoKuI9KjZw==
-----END CERTIFICATE-----