Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          JAwYx6ms/0MAp2vXsQhUMPI9PQDtkD76U1uvYp6nKlM=
Subject key identifier:   9E:25:CC:B0:6A:42:06:4A:5C:15:06:5B:CB:F8:56:95:7C:12:46:B2
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       0199228C4FE275EACFE6159AB083470FDFBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          15F1
Signing time:             Sun 07 Sep 2025 05:00:44 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:44 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:44 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: +t3gFb/1vYm4gdSrwnWdinHimKtjaXt1lUSR8GYI4II=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:4f:e2:75:ea:cf:e6:15:9a:b0:83:47:0f:df:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: Sep  7 05:00:44 2025 GMT
            Not After : Sep  8 05:00:44 2025 GMT
        Subject: CN=9e25ccb06a42064a5c15065bcbf856957c1246b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:ef:c7:3a:33:e7:cd:d2:ae:ae:16:cd:99:74:
                    34:1f:bf:cd:08:0a:70:26:9b:17:6e:83:41:e9:16:
                    a6:45:47:fc:00:3e:d6:0a:68:c3:e1:3d:f0:46:b1:
                    98:ce:39:6c:7c:33:a1:82:5b:52:60:82:4e:7b:25:
                    b6:38:46:a7:32:63:fa:e5:20:07:a3:08:27:cf:23:
                    a3:43:2b:f1:aa:4a:51:50:5e:21:2f:9b:40:cc:27:
                    f1:df:e6:e6:d5:6a:36:f6:06:62:36:39:0c:df:77:
                    74:6e:b7:8c:60:2b:ed:4f:45:fc:d2:9e:50:a6:9a:
                    2e:01:a8:3a:3f:b2:6f:f8:74:7e:e4:f8:b2:bc:12:
                    c3:3d:64:0b:aa:d6:ca:c8:48:cd:ec:69:d5:96:1a:
                    03:6e:6f:49:57:ec:3e:22:6a:28:3f:3c:ab:90:b6:
                    cc:5c:e3:2c:23:80:5f:cc:b1:2b:d8:21:ef:1f:2e:
                    9c:75:b6:73:c1:de:6d:65:dc:3e:58:2e:ae:2b:1f:
                    c9:19:ff:45:6b:a9:db:ca:e9:ec:32:eb:ab:d8:87:
                    aa:03:59:06:ca:09:e3:b6:34:4f:53:a2:b0:c0:16:
                    d2:b9:05:65:67:86:c4:3a:e4:81:51:57:25:c5:f3:
                    50:a2:6a:63:8c:8e:9e:4f:4c:96:77:ab:4b:45:4e:
                    79:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:25:CC:B0:6A:42:06:4A:5C:15:06:5B:CB:F8:56:95:7C:12:46:B2
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:ce:fd:35:1e:14:da:ed:da:15:a5:7c:42:c3:fe:30:bc:57:
         46:bd:6a:6e:91:c2:20:65:5a:8e:8a:a6:5a:cb:f0:1e:9e:2f:
         d5:18:5e:b2:e6:58:fc:7d:1a:2f:35:78:fc:a5:da:ce:f0:4a:
         92:37:91:53:55:c7:b9:b3:28:0c:22:62:54:71:30:55:68:b1:
         b5:5a:bf:38:c0:22:6a:ec:64:0d:cb:49:92:59:c4:d3:c6:eb:
         53:bd:e0:9f:b4:96:89:d4:0e:91:01:39:d8:e6:b7:58:4b:2e:
         a8:3a:a3:7c:38:ee:59:af:11:65:40:d6:f2:b4:52:5a:2d:01:
         e6:ce:6f:1f:fe:15:92:ff:bc:ae:75:3f:e3:f7:23:c0:fb:2e:
         e1:b7:84:72:a7:23:5a:6a:48:32:d2:ca:36:4e:0d:30:85:89:
         da:19:44:12:9d:0b:51:5b:be:7e:dd:91:3f:19:62:5d:64:7d:
         08:63:2d:65:47:69:cb:17:cc:53:01:2f:36:b5:36:5f:be:4f:
         25:b5:51:d1:62:5e:2f:e3:8c:1d:24:f3:12:78:bc:41:86:0a:
         e0:87:22:02:c6:2c:c5:27:b7:c2:91:22:8e:12:c5:3a:79:fb:
         51:36:e2:36:0f:9a:a0:67:5a:ad:1a:7b:2f:a2:81:55:39:f5:
         07:15:e6:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijE/iderP5hWasINHD9+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjUwOTA3MDUwMDQ0WhcNMjUwOTA4MDUwMDQ0WjAzMTEwLwYDVQQD
Eyg5ZTI1Y2NiMDZhNDIwNjRhNWMxNTA2NWJjYmY4NTY5NTdjMTI0NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8u/HOjPnzdKurhbNmXQ0H7/NCApw
JpsXboNB6RamRUf8AD7WCmjD4T3wRrGYzjlsfDOhgltSYIJOeyW2OEanMmP65SAH
owgnzyOjQyvxqkpRUF4hL5tAzCfx3+bm1Wo29gZiNjkM33d0breMYCvtT0X80p5Q
ppouAag6P7Jv+HR+5PiyvBLDPWQLqtbKyEjN7GnVlhoDbm9JV+w+ImooPzyrkLbM
XOMsI4BfzLEr2CHvHy6cdbZzwd5tZdw+WC6uKx/JGf9Fa6nbyunsMuur2IeqA1kG
ygnjtjRPU6KwwBbSuQVlZ4bEOuSBUVclxfNQompjjI6eT0yWd6tLRU55MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4lzLBqQgZKXBUGW8v4VpV8EkayMB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlM79NR4U
2u3aFaV8QsP+MLxXRr1qbpHCIGVajoqmWsvwHp4v1RhesuZY/H0aLzV4/KXazvBK
kjeRU1XHubMoDCJiVHEwVWixtVq/OMAiauxkDctJklnE08brU73gn7SWidQOkQE5
2Oa3WEsuqDqjfDjuWa8RZUDW8rRSWi0B5s5vH/4Vkv+8rnU/4/cjwPsu4beEcqcj
WmpIMtLKNk4NMIWJ2hlEEp0LUVu+ft2RPxliXWR9CGMtZUdpyxfMUwEvNrU2X75P
JbVR0WJeL+OMHSTzEni8QYYK4IciAsYsxSe3wpEijhLFOnn7UTbiNg+aoGdarRp7
L6KBVTn1BxXmRg==
-----END CERTIFICATE-----