Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          fasMNz9axuaaVCPws67YFKxVFRwCTeKDMKIDRbHlaEY=
Subject key identifier:   B4:D9:B0:12:E4:5C:8F:50:07:30:09:52:AA:78:B2:8D:41:A9:F7:87
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       019923A085310FC465DA48DC40EACB7FFFD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          03F9
Signing time:             Sun 07 Sep 2025 10:02:26 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:26 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:26 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: 3ZDc+U96A8fUTyHqJ+zR6Qf/B8CmxopfN1cfquqOK3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:85:31:0f:c4:65:da:48:dc:40:ea:cb:7f:ff:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Sep  7 10:02:26 2025 GMT
            Not After : Sep  8 10:02:26 2025 GMT
        Subject: CN=b4d9b012e45c8f5007300952aa78b28d41a9f787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:07:e6:c2:40:8f:29:f2:eb:12:24:47:95:1c:
                    97:f4:1b:ac:17:82:68:e1:b1:ef:88:55:07:e5:9b:
                    a8:99:c1:1b:8c:a8:57:fd:30:30:25:57:17:26:68:
                    11:56:63:33:45:0f:ce:04:ad:56:d6:69:45:16:0f:
                    b1:b7:41:f7:79:27:34:2f:a4:10:46:2d:2c:eb:c8:
                    6f:3d:13:43:26:50:46:72:49:96:e7:0b:73:42:f3:
                    4b:ca:b1:c4:bb:e6:3f:6e:b8:47:d6:e2:f8:62:71:
                    2a:dd:de:11:b9:e7:62:6e:31:f0:7e:4c:3c:86:53:
                    12:ad:23:4c:9b:ee:d5:d4:6c:29:ff:c6:02:69:5f:
                    21:9d:13:96:73:62:4b:d7:3a:41:28:15:29:88:fe:
                    84:51:be:0e:4e:e5:24:08:5e:eb:fa:00:8a:13:5f:
                    ea:49:87:8b:17:d4:c4:ff:c5:3e:fd:d2:c1:ea:5d:
                    65:69:de:0a:08:c0:0b:3f:83:b6:06:c0:58:b3:d9:
                    38:1b:5d:53:2e:f2:9e:2f:26:66:c7:38:af:e6:fc:
                    23:bb:9e:05:32:ea:c5:22:2f:53:96:df:b8:c1:95:
                    f7:82:fe:6c:06:a5:41:43:ba:a8:b6:88:5b:6c:70:
                    8d:16:17:38:92:12:33:b1:40:ee:0e:d9:20:0e:3e:
                    4c:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D9:B0:12:E4:5C:8F:50:07:30:09:52:AA:78:B2:8D:41:A9:F7:87
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:cb:7d:ca:a6:a6:cf:a7:6a:1e:76:3c:b0:6c:16:3f:8c:37:
         fc:5e:da:3e:1f:62:cf:93:85:10:7f:d2:5a:a3:f2:39:30:3b:
         56:da:58:8c:8e:c9:7c:61:8f:0e:d1:ee:18:e2:ca:2d:d1:40:
         09:5c:3b:2e:fc:f4:36:18:82:8f:59:a3:9a:00:08:a0:99:19:
         3f:34:d7:bb:3e:7f:0f:ce:64:b6:77:5e:48:d4:fa:b6:a5:60:
         09:3b:05:d9:e5:26:de:a9:2a:41:d3:4d:3b:2a:ce:86:a4:c3:
         dd:2e:3d:2b:f5:32:26:00:f5:8a:7b:2a:7e:ae:63:c8:8a:36:
         6c:60:cb:c9:87:88:1c:52:ef:4b:5e:94:f3:38:86:ff:23:e4:
         06:9b:c0:d7:c9:9f:52:92:14:3d:4e:a9:06:9a:60:c8:8e:71:
         63:29:51:e2:34:30:2e:58:ca:a1:e4:c1:56:25:e4:02:fd:a2:
         6c:56:0d:5c:b1:0e:4a:87:d0:5b:2d:50:7c:36:18:24:1c:9d:
         4f:44:8e:22:9f:5e:43:70:c0:8d:c9:8b:6b:df:85:33:ac:41:
         2a:01:d3:13:a0:b6:9b:e8:91:2e:16:c4:ec:5c:54:f6:56:03:
         a9:22:ae:55:70:58:55:fd:a0:7c:eb:d8:03:5c:d6:65:49:ae:
         83:98:b0:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoIUxD8Rl2kjcQOrLf//XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjUwOTA3MTAwMjI2WhcNMjUwOTA4MTAwMjI2WjAzMTEwLwYDVQQD
EyhiNGQ5YjAxMmU0NWM4ZjUwMDczMDA5NTJhYTc4YjI4ZDQxYTlmNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQfmwkCPKfLrEiRHlRyX9BusF4Jo
4bHviFUH5ZuomcEbjKhX/TAwJVcXJmgRVmMzRQ/OBK1W1mlFFg+xt0H3eSc0L6QQ
Ri0s68hvPRNDJlBGckmW5wtzQvNLyrHEu+Y/brhH1uL4YnEq3d4RuedibjHwfkw8
hlMSrSNMm+7V1Gwp/8YCaV8hnROWc2JL1zpBKBUpiP6EUb4OTuUkCF7r+gCKE1/q
SYeLF9TE/8U+/dLB6l1lad4KCMALP4O2BsBYs9k4G11TLvKeLyZmxziv5vwju54F
MurFIi9Tlt+4wZX3gv5sBqVBQ7qotohbbHCNFhc4khIzsUDuDtkgDj5MdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTZsBLkXI9QBzAJUqp4so1BqfeHMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt8t9yqam
z6dqHnY8sGwWP4w3/F7aPh9iz5OFEH/SWqPyOTA7VtpYjI7JfGGPDtHuGOLKLdFA
CVw7Lvz0NhiCj1mjmgAIoJkZPzTXuz5/D85ktndeSNT6tqVgCTsF2eUm3qkqQdNN
OyrOhqTD3S49K/UyJgD1insqfq5jyIo2bGDLyYeIHFLvS16U8ziG/yPkBpvA18mf
UpIUPU6pBppgyI5xYylR4jQwLljKoeTBViXkAv2ibFYNXLEOSofQWy1QfDYYJByd
T0SOIp9eQ3DAjcmLa9+FM6xBKgHTE6C2m+iRLhbE7FxU9lYDqSKuVXBYVf2gfOvY
A1zWZUmug5iwGA==
-----END CERTIFICATE-----