Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
File:                     _9YayMVuOP32EjgDbHNUcnADRjE.mft (raw, json)
Hash identifier:          RiTC1t+5UVh0MZKZxdri2U87jNjAP2DbUSeC2EbFvTw=
Subject key identifier:   CF:BA:31:7E:61:A5:D2:DA:A5:B3:72:4D:9A:8F:19:5A:7D:BC:35:7E
Authority key identifier: FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31
Certificate issuer:       /CN=ffd61ac8c56e38fdf61238036c73547270034631
Certificate serial:       019922C33AFC808DB998DCB0B698D1C3D25D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
Manifest number:          1671
Signing time:             Sun 07 Sep 2025 06:00:43 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:43 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:43 +0000
Files and hashes:         1: _9YayMVuOP32EjgDbHNUcnADRjE.crl (hash: 4WunWifK6tzIt0JGYcyWmLX7Pw++haDVyfSr39D9Iqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 06:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:3a:fc:80:8d:b9:98:dc:b0:b6:98:d1:c3:d2:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffd61ac8c56e38fdf61238036c73547270034631
        Validity
            Not Before: Sep  7 06:00:43 2025 GMT
            Not After : Sep  8 06:00:43 2025 GMT
        Subject: CN=cfba317e61a5d2daa5b3724d9a8f195a7dbc357e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b9:d2:08:56:b5:51:8e:f7:01:0a:8f:cb:12:
                    0e:35:f7:b5:a4:eb:05:d5:64:8c:d0:fb:f6:14:d9:
                    84:c5:49:49:c9:21:70:2a:b4:3a:ad:68:d8:a5:bd:
                    dc:21:9f:02:26:9d:48:cf:17:e8:be:be:f0:63:e3:
                    0e:09:54:84:a0:61:d1:3c:35:4b:75:49:dd:84:a2:
                    0f:d8:c9:e2:13:be:56:14:08:9f:b3:78:69:72:e0:
                    d6:a5:0c:bc:4f:07:47:a6:d8:d7:87:07:b2:b6:25:
                    52:15:e3:fd:b2:c1:a4:ff:0e:49:0b:a1:d0:60:aa:
                    47:69:53:fe:c6:20:69:59:2e:9c:4a:07:27:fa:71:
                    e0:b0:2b:a9:06:0d:e6:e1:ae:2f:26:59:45:cf:fb:
                    64:22:e3:82:ec:a1:ca:36:9b:70:3c:d8:b9:1b:d6:
                    f3:a3:cc:82:33:e5:d2:8d:e4:79:b3:06:0f:0f:7b:
                    cb:80:e5:bb:c5:1b:77:da:e6:00:b0:ac:ef:cd:18:
                    46:06:76:17:76:ac:5b:89:cb:c3:bc:9d:6f:fa:6d:
                    9c:a5:b5:2a:41:06:ad:f5:00:f9:4a:fc:03:50:47:
                    9c:d0:54:2e:9f:77:6f:ef:3f:96:7b:ba:ca:2f:0a:
                    0c:72:26:70:95:df:fc:93:7b:ad:12:52:af:ee:5d:
                    be:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:BA:31:7E:61:A5:D2:DA:A5:B3:72:4D:9A:8F:19:5A:7D:BC:35:7E
            X509v3 Authority Key Identifier:
                keyid:FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:53:ce:56:95:fb:65:04:d4:a1:43:ca:4e:c8:0d:0a:f3:32:
         cd:12:0c:59:69:74:c9:85:cb:d8:60:24:2a:ca:e1:bb:1f:0f:
         3b:92:c1:07:03:36:8f:34:8c:2d:e9:82:85:88:f3:5f:c3:f5:
         20:e4:b3:cb:74:1b:cc:3c:8b:e9:2b:45:bd:69:29:cd:ae:9e:
         f9:49:3f:6a:42:76:40:7a:5e:fa:63:c3:f0:fe:49:00:27:39:
         54:ff:b2:bf:3c:3c:cd:f6:76:a0:f3:dc:17:ca:1e:d6:66:ed:
         36:17:31:3c:1e:88:b7:da:13:16:a3:f9:af:1c:4b:53:24:20:
         38:de:92:95:67:e6:0a:db:b8:9c:29:ae:b1:14:45:95:9e:71:
         96:bb:6d:6c:9a:23:cb:b7:fb:16:8f:38:f6:91:4b:72:48:1d:
         0c:5b:e7:a9:e9:33:b5:28:26:99:47:ae:60:a9:6a:e8:82:3f:
         1b:33:15:80:98:2e:45:80:18:a1:04:af:27:f3:4c:34:db:91:
         31:a0:a0:d4:52:e1:fb:88:b1:0d:92:1c:12:ed:1c:cd:dc:b1:
         75:1f:9f:c5:8e:e6:15:61:75:d2:4e:d3:30:df:e4:b4:93:7e:
         99:a9:9a:ce:05:73:eb:41:92:3f:7a:3e:bf:51:1f:3f:b4:d5:
         8a:0d:a1:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwzr8gI25mNywtpjRw9JdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDYxYWM4YzU2ZTM4ZmRmNjEyMzgwMzZjNzM1NDcyNzAw
MzQ2MzEwHhcNMjUwOTA3MDYwMDQzWhcNMjUwOTA4MDYwMDQzWjAzMTEwLwYDVQQD
EyhjZmJhMzE3ZTYxYTVkMmRhYTViMzcyNGQ5YThmMTk1YTdkYmMzNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLnSCFa1UY73AQqPyxIONfe1pOsF
1WSM0Pv2FNmExUlJySFwKrQ6rWjYpb3cIZ8CJp1Izxfovr7wY+MOCVSEoGHRPDVL
dUndhKIP2MniE75WFAifs3hpcuDWpQy8TwdHptjXhweytiVSFeP9ssGk/w5JC6HQ
YKpHaVP+xiBpWS6cSgcn+nHgsCupBg3m4a4vJllFz/tkIuOC7KHKNptwPNi5G9bz
o8yCM+XSjeR5swYPD3vLgOW7xRt32uYAsKzvzRhGBnYXdqxbicvDvJ1v+m2cpbUq
QQat9QD5SvwDUEec0FQun3dv7z+We7rKLwoMciZwld/8k3utElKv7l2+twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+6MX5hpdLapbNyTZqPGVp9vDV+MB8GA1UdIwQY
MBaAFP/WGsjFbjj99hI4A2xzVHJwA0YxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzIt
MDRkOTZmYTgzZDA3LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzItMDRkOTZmYTgzZDA3
LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACFPOVpX7
ZQTUoUPKTsgNCvMyzRIMWWl0yYXL2GAkKsrhux8PO5LBBwM2jzSMLemChYjzX8P1
IOSzy3QbzDyL6StFvWkpza6e+Uk/akJ2QHpe+mPD8P5JACc5VP+yvzw8zfZ2oPPc
F8oe1mbtNhcxPB6It9oTFqP5rxxLUyQgON6SlWfmCtu4nCmusRRFlZ5xlrttbJoj
y7f7Fo849pFLckgdDFvnqekztSgmmUeuYKlq6II/GzMVgJguRYAYoQSvJ/NMNNuR
MaCg1FLh+4ixDZIcEu0czdyxdR+fxY7mFWF10k7TMN/ktJN+mamazgVz60GSP3o+
v1EfP7TVig2hUA==
-----END CERTIFICATE-----