Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
File:                     syznolxromOxucmrdrjS3DoNaAY.mft (raw, json)
Hash identifier:          a9hGZ487Uel4SH58XNVWPMIJEQYKDZlYPv5C2aqSZ/Q=
Subject key identifier:   8B:BE:65:2A:DA:DD:05:C9:1D:FD:6C:75:E9:A3:0B:B3:A4:11:9E:B6
Authority key identifier: B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Certificate issuer:       /CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
Certificate serial:       0199239F1801A6C07D86C99B1FEED58260C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
Manifest number:          0523
Signing time:             Sun 07 Sep 2025 10:00:52 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:52 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:52 +0000
Files and hashes:         1: syznolxromOxucmrdrjS3DoNaAY.crl (hash: pkP9vLcrWYH+pqNnGsU7G3e0F0ZEu4363zeUd/Jtk00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:18:01:a6:c0:7d:86:c9:9b:1f:ee:d5:82:60:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Validity
            Not Before: Sep  7 10:00:52 2025 GMT
            Not After : Sep  8 10:00:52 2025 GMT
        Subject: CN=8bbe652adadd05c91dfd6c75e9a30bb3a4119eb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:03:a3:c4:c2:0e:15:56:90:e5:f9:62:01:cd:
                    ad:72:ab:a6:a1:fa:01:5d:28:02:fb:ab:3b:d6:d6:
                    0d:4a:58:21:f2:0e:38:f6:c2:fb:53:af:6d:72:21:
                    c1:c7:3d:ee:ca:70:65:78:39:34:f3:af:09:ca:18:
                    0b:4c:81:ac:48:05:85:ab:5d:a1:03:bb:f3:cd:91:
                    6d:85:c5:1b:4b:96:b6:63:ab:aa:b8:38:63:f2:c9:
                    06:c1:56:9e:64:13:78:de:88:19:b0:ec:a1:4f:e3:
                    bc:05:9a:9d:8a:70:ca:87:be:c8:4a:47:b7:af:df:
                    dd:d9:81:53:72:7d:05:dd:98:ad:57:58:69:ef:c7:
                    88:e3:fb:69:da:ef:07:ce:fa:5c:3d:41:94:e2:02:
                    68:4a:f9:7c:5c:ff:a9:40:e8:05:6f:c0:a1:08:5d:
                    82:d6:bf:43:e0:8d:f1:cb:7d:20:4d:bd:f8:c5:7a:
                    2d:14:5d:b6:a0:27:a2:5f:b6:03:7f:62:5a:66:e3:
                    67:ec:18:be:5e:2a:92:b1:a9:0a:80:7c:42:8a:35:
                    50:14:a8:d8:74:a7:68:36:cf:c6:9b:7b:2d:2e:39:
                    f3:3e:32:89:17:66:0c:26:42:2b:42:0e:50:16:a5:
                    db:69:84:a4:20:93:8d:5f:46:86:17:ef:af:a9:02:
                    5c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:BE:65:2A:DA:DD:05:C9:1D:FD:6C:75:E9:A3:0B:B3:A4:11:9E:B6
            X509v3 Authority Key Identifier:
                keyid:B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:c6:1b:58:6e:a9:92:74:63:b1:e5:f0:77:e4:23:0a:03:5c:
         46:a0:7b:1b:4d:d7:27:e2:6f:8d:21:1d:ba:c5:1b:a3:0c:9b:
         90:5f:f8:36:1f:c0:96:99:8a:6b:0f:5d:55:a0:d3:38:63:ba:
         12:bc:9b:2c:1b:3f:df:bc:ba:08:68:36:33:7b:8e:5c:e1:46:
         79:ab:56:31:5a:7d:4e:75:6b:b0:a9:a3:21:8c:6a:fe:2a:38:
         ff:75:07:ed:69:6b:a4:93:84:f2:b5:fd:bb:01:f3:c9:1f:41:
         58:35:8b:35:e2:98:00:f5:d2:d1:d5:9e:c8:c5:14:de:41:cd:
         15:ef:23:5e:a7:d5:c3:1e:98:15:3f:91:9b:4a:4b:91:89:c7:
         6b:ab:3a:b4:8b:43:e7:4e:91:fc:59:c5:fa:d8:75:76:ba:98:
         0a:16:2d:83:4f:e1:e2:5c:2b:a8:e1:db:0f:35:60:ec:76:98:
         9b:62:fb:7a:cc:fd:30:3f:7b:2f:cd:f9:fd:76:c9:41:26:ac:
         52:45:81:87:ad:43:90:02:26:dd:28:c1:a0:26:59:e9:f0:a6:
         61:0b:d1:3b:96:57:98:08:07:f5:14:a6:a2:f3:57:53:9c:04:
         17:2d:91:8b:e8:51:12:49:98:8a:90:32:2d:18:44:9a:c5:69:
         5d:98:fc:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnxgBpsB9hsmbH+7VgmDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmNlN2EyNWM2YmEyNjNiMWI5YzlhYjc2YjhkMmRjM2Ew
ZDY4MDYwHhcNMjUwOTA3MTAwMDUyWhcNMjUwOTA4MTAwMDUyWjAzMTEwLwYDVQQD
Eyg4YmJlNjUyYWRhZGQwNWM5MWRmZDZjNzVlOWEzMGJiM2E0MTE5ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQOjxMIOFVaQ5fliAc2tcqumofoB
XSgC+6s71tYNSlgh8g449sL7U69tciHBxz3uynBleDk0868JyhgLTIGsSAWFq12h
A7vzzZFthcUbS5a2Y6uquDhj8skGwVaeZBN43ogZsOyhT+O8BZqdinDKh77ISke3
r9/d2YFTcn0F3ZitV1hp78eI4/tp2u8HzvpcPUGU4gJoSvl8XP+pQOgFb8ChCF2C
1r9D4I3xy30gTb34xXotFF22oCeiX7YDf2JaZuNn7Bi+XiqSsakKgHxCijVQFKjY
dKdoNs/Gm3stLjnzPjKJF2YMJkIrQg5QFqXbaYSkIJONX0aGF++vqQJcnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIu+ZSra3QXJHf1sdemjC7OkEZ62MB8GA1UdIwQY
MBaAFLMs56Jca6JjsbnJq3a40tw6DWgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzct
MzQwM2E4NDI5N2IxLzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzctMzQwM2E4NDI5N2Ix
LzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVcYbWG6p
knRjseXwd+QjCgNcRqB7G03XJ+JvjSEdusUbowybkF/4Nh/AlpmKaw9dVaDTOGO6
ErybLBs/37y6CGg2M3uOXOFGeatWMVp9TnVrsKmjIYxq/io4/3UH7WlrpJOE8rX9
uwHzyR9BWDWLNeKYAPXS0dWeyMUU3kHNFe8jXqfVwx6YFT+Rm0pLkYnHa6s6tItD
506R/FnF+th1drqYChYtg0/h4lwrqOHbDzVg7HaYm2L7esz9MD97L835/XbJQSas
UkWBh61DkAIm3SjBoCZZ6fCmYQvRO5ZXmAgH9RSmovNXU5wEFy2Ri+hREkmYipAy
LRhEmsVpXZj8Hg==
-----END CERTIFICATE-----