Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
File:                     t5im6ZG5VaKTURGf9312hksNOEo.mft (raw, json)
Hash identifier:          nEd3yanaWjzwRRsadloeITZuJZlkYgke7iV3P8i3oB0=
Subject key identifier:   78:DB:05:6F:9E:7D:E2:EB:B6:7C:35:52:54:90:79:2D:8F:08:C5:3F
Authority key identifier: B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A
Certificate issuer:       /CN=b798a6e991b955a29351119ff77d76864b0d384a
Certificate serial:       0199239FADB62A5A903230073C781D0816B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
Manifest number:          0D95
Signing time:             Sun 07 Sep 2025 10:01:31 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:31 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:31 +0000
Files and hashes:         1: t5im6ZG5VaKTURGf9312hksNOEo.crl (hash: s4K99o4b7SgreU5tIfiLJey9SYf5pc2PSYIEdKXA5ko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:ad:b6:2a:5a:90:32:30:07:3c:78:1d:08:16:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b798a6e991b955a29351119ff77d76864b0d384a
        Validity
            Not Before: Sep  7 10:01:31 2025 GMT
            Not After : Sep  8 10:01:31 2025 GMT
        Subject: CN=78db056f9e7de2ebb67c35525490792d8f08c53f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:cd:be:28:dc:1c:06:48:ec:4c:ee:1a:34:b2:
                    66:b6:2f:05:b7:bd:78:95:db:c7:af:aa:f2:ae:e1:
                    d4:89:06:3b:b4:03:88:8a:99:b7:c4:c8:9d:95:a8:
                    a7:ec:e0:16:99:e3:ca:df:5c:2d:6d:e5:ba:ac:7c:
                    f6:8b:b5:b1:e3:32:4c:34:97:e0:1a:c5:03:05:57:
                    f3:09:ef:be:b7:fd:65:cc:99:5d:0a:b1:21:1d:e2:
                    7f:f2:8c:47:9a:94:51:55:7b:e9:7a:a3:29:a9:80:
                    b0:d3:88:a6:c7:96:7f:8a:95:45:0d:0e:7f:43:a5:
                    c7:8a:1f:30:4f:be:45:cd:09:b9:c8:f5:62:b2:e9:
                    28:d9:7f:29:77:22:0a:fa:dd:6b:7c:49:29:52:07:
                    79:d0:e0:e1:17:72:ac:c8:4f:67:1a:63:e2:98:b5:
                    4c:50:1b:77:26:2e:ee:17:14:6c:5a:69:d6:a5:10:
                    78:07:93:77:20:a4:cd:01:8f:da:f0:dc:fa:d1:6e:
                    92:f7:fa:14:f0:db:d8:4e:c9:7e:62:c5:17:61:43:
                    8e:82:35:3b:e6:ee:53:b6:3a:e0:8b:2b:08:e5:02:
                    9b:6c:d4:12:b9:3e:14:b6:1d:69:3f:4b:56:8d:02:
                    37:4b:e2:e6:39:c7:da:41:5f:40:58:e1:85:57:97:
                    05:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:DB:05:6F:9E:7D:E2:EB:B6:7C:35:52:54:90:79:2D:8F:08:C5:3F
            X509v3 Authority Key Identifier:
                keyid:B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:6f:f1:b2:9b:bd:25:2c:22:7c:9d:20:e6:60:af:6e:ed:62:
         04:9d:73:cb:e9:26:5a:88:2e:eb:5e:37:00:39:1b:31:24:45:
         ef:cc:f2:d0:08:0f:77:0b:69:79:b1:7e:74:b3:f6:f6:51:04:
         dc:88:0f:35:0e:21:53:78:07:52:72:70:de:3c:7b:3a:90:8f:
         c5:57:20:ab:28:11:00:22:f6:c7:ee:68:f3:00:7d:96:ac:3d:
         08:cb:9b:68:42:67:18:1a:32:de:3a:d4:8a:0d:d4:62:de:71:
         8c:50:c0:dd:d6:15:da:89:65:c4:30:1b:1b:ce:68:b3:f2:ba:
         7c:cd:ce:41:6e:4a:47:83:8b:a1:22:4b:be:53:7d:f0:05:af:
         3a:42:77:17:9b:2d:35:3c:7b:75:3a:6f:f3:0d:6c:8e:ae:ef:
         d7:05:24:20:38:3c:ea:a4:75:40:68:fb:0b:cf:60:70:55:a4:
         20:7f:ff:bd:b3:f1:ed:47:e1:51:3a:ee:3e:95:c3:a2:4f:21:
         12:0e:5c:71:15:28:c3:b2:29:99:e4:87:cc:6a:07:ec:3b:a4:
         4d:8a:23:ae:7e:d6:3a:ff:69:f5:90:84:6a:07:2a:b2:f8:c4:
         4e:ea:3f:b2:5c:0f:2e:b3:63:90:a5:72:69:96:d2:b9:7a:ec:
         60:d2:e0:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn622KlqQMjAHPHgdCBawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OThhNmU5OTFiOTU1YTI5MzUxMTE5ZmY3N2Q3Njg2NGIw
ZDM4NGEwHhcNMjUwOTA3MTAwMTMxWhcNMjUwOTA4MTAwMTMxWjAzMTEwLwYDVQQD
Eyg3OGRiMDU2ZjllN2RlMmViYjY3YzM1NTI1NDkwNzkyZDhmMDhjNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s2+KNwcBkjsTO4aNLJmti8Ft714
ldvHr6ryruHUiQY7tAOIipm3xMidlain7OAWmePK31wtbeW6rHz2i7Wx4zJMNJfg
GsUDBVfzCe++t/1lzJldCrEhHeJ/8oxHmpRRVXvpeqMpqYCw04imx5Z/ipVFDQ5/
Q6XHih8wT75FzQm5yPVisuko2X8pdyIK+t1rfEkpUgd50ODhF3KsyE9nGmPimLVM
UBt3Ji7uFxRsWmnWpRB4B5N3IKTNAY/a8Nz60W6S9/oU8NvYTsl+YsUXYUOOgjU7
5u5TtjrgiysI5QKbbNQSuT4Uth1pP0tWjQI3S+LmOcfaQV9AWOGFV5cFIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjbBW+efeLrtnw1UlSQeS2PCMU/MB8GA1UdIwQY
MBaAFLeYpumRuVWik1ERn/d9doZLDThKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMt
NjljNzJmMTY4Njg5LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMtNjljNzJmMTY4Njg5
LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj2/xspu9
JSwifJ0g5mCvbu1iBJ1zy+kmWogu6143ADkbMSRF78zy0AgPdwtpebF+dLP29lEE
3IgPNQ4hU3gHUnJw3jx7OpCPxVcgqygRACL2x+5o8wB9lqw9CMubaEJnGBoy3jrU
ig3UYt5xjFDA3dYV2ollxDAbG85os/K6fM3OQW5KR4OLoSJLvlN98AWvOkJ3F5st
NTx7dTpv8w1sjq7v1wUkIDg86qR1QGj7C89gcFWkIH//vbPx7UfhUTruPpXDok8h
Eg5ccRUow7IpmeSHzGoH7DukTYojrn7WOv9p9ZCEagcqsvjETuo/slwPLrNjkKVy
aZbSuXrsYNLgSw==
-----END CERTIFICATE-----