Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
File:                     6MSDt1wtsc-f9OlMeg_fDbAADwA.mft (raw, json)
Hash identifier:          LUqrvBfx8yCvs59/f94cbagvzIPDqm8SzlekUpxqMlM=
Subject key identifier:   A5:FC:93:79:6F:7A:C9:85:23:97:62:D9:71:10:38:50:B6:47:F6:24
Authority key identifier: E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
Certificate issuer:       /CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Certificate serial:       019922558F9D26CBAA1A9578E086C70D2AF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
Manifest number:          11AD
Signing time:             Sun 07 Sep 2025 04:00:56 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:56 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:56 +0000
Files and hashes:         1: 6MSDt1wtsc-f9OlMeg_fDbAADwA.crl (hash: rxXJ992c1Ti3pp16FY3beBYZTU2FlMu6N+SudrQKcQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:8f:9d:26:cb:aa:1a:95:78:e0:86:c7:0d:2a:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
        Validity
            Not Before: Sep  7 04:00:56 2025 GMT
            Not After : Sep  8 04:00:56 2025 GMT
        Subject: CN=a5fc93796f7ac985239762d971103850b647f624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:aa:73:11:23:c9:83:79:37:af:95:52:bb:8b:
                    89:e6:64:b2:af:67:13:69:67:5e:b5:b1:4f:3a:f2:
                    aa:ee:de:4d:d7:9e:26:70:bb:17:e7:d7:fd:5a:9a:
                    b4:b1:94:20:72:14:94:d4:3e:1f:10:dc:16:09:af:
                    4b:8d:91:e5:54:d9:1f:5f:29:f2:60:46:2c:3d:b9:
                    a5:6a:11:7f:b9:89:83:12:3e:e6:53:21:17:4a:56:
                    7f:e6:e9:a6:c1:7f:a0:27:fe:6f:d3:80:77:ba:ce:
                    49:4b:53:4d:17:98:26:4a:23:15:af:a2:6d:db:67:
                    b5:70:b9:01:ce:e6:8e:e5:94:92:77:35:09:46:c5:
                    89:b3:eb:6c:a1:b9:9a:81:0c:1d:11:20:b1:04:46:
                    b3:d8:57:7a:53:1b:9f:ab:6d:37:1b:35:4d:5c:5b:
                    ab:8a:fc:00:46:16:dc:94:ef:66:84:ed:14:a0:7a:
                    a1:fc:f5:bb:e4:14:4b:5d:c1:ef:8e:27:c8:dc:70:
                    39:fe:af:dc:fd:43:2e:36:89:0b:1d:eb:93:46:df:
                    3c:8f:65:e8:bd:65:bc:69:4b:c1:01:d5:0b:0a:90:
                    95:33:0d:a2:1a:ba:ce:79:d9:e5:48:f4:c4:57:f7:
                    d9:ca:f2:55:73:a6:e3:4c:3d:2e:f6:30:ab:35:65:
                    19:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:FC:93:79:6F:7A:C9:85:23:97:62:D9:71:10:38:50:B6:47:F6:24
            X509v3 Authority Key Identifier:
                keyid:E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:6c:5b:ed:b8:ee:73:e8:a4:8e:c0:94:34:03:72:4f:88:6d:
         23:bf:1b:f3:b4:10:0b:fc:35:87:2a:2f:b5:db:a1:3a:7b:55:
         5c:4c:25:3d:79:70:e4:f6:f9:7e:ae:20:e2:dc:79:72:5e:e2:
         68:a2:31:bf:5d:26:8a:a4:9b:72:01:fc:ed:4a:b9:82:e8:c8:
         07:42:f5:3c:63:fd:c1:75:ec:b6:97:2b:2c:66:35:38:40:cc:
         32:75:26:ec:32:2c:13:2e:79:c8:29:56:06:98:88:ec:98:65:
         cf:3f:c5:1e:41:fe:a8:7f:6e:d9:d2:78:6e:e6:a7:3e:49:ae:
         a0:a4:0a:71:0d:b1:64:e7:3f:64:b4:b1:16:6a:1a:fa:8f:b1:
         48:aa:ad:77:89:d8:7d:c8:57:47:0f:81:08:35:18:1b:f3:55:
         b8:05:25:3d:59:b3:bb:a5:b8:75:6a:98:95:1c:8a:c9:6e:fa:
         86:a2:6f:73:2b:12:a5:46:30:aa:8e:e3:63:a1:ba:d6:32:42:
         0d:58:28:0b:46:91:39:14:f8:51:8f:5a:76:89:80:ec:04:49:
         9a:50:97:ed:51:96:84:d8:be:f9:c9:17:b9:a9:bb:ab:5a:2c:
         51:65:9d:8a:f0:a0:29:5a:1b:b0:4c:96:61:03:10:06:e8:54:
         72:56:e8:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVY+dJsuqGpV44IbHDSr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzQ4M2I3NWMyZGIxY2Y5ZmY0ZTk0YzdhMGZkZjBkYjAw
MDBmMDAwHhcNMjUwOTA3MDQwMDU2WhcNMjUwOTA4MDQwMDU2WjAzMTEwLwYDVQQD
EyhhNWZjOTM3OTZmN2FjOTg1MjM5NzYyZDk3MTEwMzg1MGI2NDdmNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqpzESPJg3k3r5VSu4uJ5mSyr2cT
aWdetbFPOvKq7t5N154mcLsX59f9Wpq0sZQgchSU1D4fENwWCa9LjZHlVNkfXyny
YEYsPbmlahF/uYmDEj7mUyEXSlZ/5ummwX+gJ/5v04B3us5JS1NNF5gmSiMVr6Jt
22e1cLkBzuaO5ZSSdzUJRsWJs+tsobmagQwdESCxBEaz2Fd6Uxufq203GzVNXFur
ivwARhbclO9mhO0UoHqh/PW75BRLXcHvjifI3HA5/q/c/UMuNokLHeuTRt88j2Xo
vWW8aUvBAdULCpCVMw2iGrrOednlSPTEV/fZyvJVc6bjTD0u9jCrNWUZNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKX8k3lvesmFI5di2XEQOFC2R/YkMB8GA1UdIwQY
MBaAFOjEg7dcLbHPn/TpTHoP3w2wAA8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTIt
ZWIzNWJmYTA2NWFkLzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTItZWIzNWJmYTA2NWFk
LzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOWxb7bju
c+ikjsCUNANyT4htI78b87QQC/w1hyovtduhOntVXEwlPXlw5Pb5fq4g4tx5cl7i
aKIxv10miqSbcgH87Uq5gujIB0L1PGP9wXXstpcrLGY1OEDMMnUm7DIsEy55yClW
BpiI7Jhlzz/FHkH+qH9u2dJ4buanPkmuoKQKcQ2xZOc/ZLSxFmoa+o+xSKqtd4nY
fchXRw+BCDUYG/NVuAUlPVmzu6W4dWqYlRyKyW76hqJvcysSpUYwqo7jY6G61jJC
DVgoC0aRORT4UY9adomA7ARJmlCX7VGWhNi++ckXuam7q1osUWWdivCgKVobsEyW
YQMQBuhUclboGQ==
-----END CERTIFICATE-----