Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
File:                     l3rc9I_t4Rk44XfcBNxnnGktjBw.mft (raw, json)
Hash identifier:          /iUfEbgULfrOPvR//R9lWptRhip7Vznjg60DudwNOhg=
Subject key identifier:   8B:F4:21:AF:FA:2C:92:5B:70:E4:0C:A6:F3:4A:F6:99:4D:09:77:2D
Authority key identifier: 97:7A:DC:F4:8F:ED:E1:19:38:E1:77:DC:04:DC:67:9C:69:2D:8C:1C
Certificate issuer:       /CN=977adcf48fede11938e177dc04dc679c692d8c1c
Certificate serial:       019921B0F070AAFC86F0FD77FBFA3F4CF266
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
Manifest number:          22
Signing time:             Sun 07 Sep 2025 01:01:07 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:07 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:07 +0000
Files and hashes:         1: l3rc9I_t4Rk44XfcBNxnnGktjBw.crl (hash: KbYwlGudC0ziLOyzm4B4AulxYfw8CNcciOlRwNsXTZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:f0:70:aa:fc:86:f0:fd:77:fb:fa:3f:4c:f2:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977adcf48fede11938e177dc04dc679c692d8c1c
        Validity
            Not Before: Sep  7 01:01:07 2025 GMT
            Not After : Sep  8 01:01:07 2025 GMT
        Subject: CN=8bf421affa2c925b70e40ca6f34af6994d09772d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d0:65:8b:c2:d1:c4:1f:bf:33:a6:05:36:79:
                    3e:b6:4f:2d:5a:18:0b:a0:b8:02:2f:c1:d6:89:8e:
                    18:b5:ce:2a:74:17:29:77:54:0c:cb:61:40:b0:db:
                    f1:9a:f7:d7:90:73:55:7d:03:89:c1:de:75:8b:57:
                    f5:4b:c9:52:86:16:ef:90:26:2e:75:9f:60:61:96:
                    61:0b:04:d3:ec:e6:31:fb:0a:99:e0:94:68:1d:39:
                    0e:84:84:f8:40:88:f0:84:10:c0:c8:4f:00:54:8c:
                    71:1c:c2:d3:48:e0:32:25:b8:8c:78:f3:c1:fb:69:
                    2a:70:7e:93:14:e0:3e:97:0b:d0:35:c9:35:da:f6:
                    cb:f5:4f:05:99:ea:54:91:01:79:d5:d6:3c:25:11:
                    dd:fb:c1:60:12:95:58:70:01:6b:e0:4b:38:3f:87:
                    32:e1:da:e5:05:c3:9a:d1:6c:89:19:42:80:ff:13:
                    60:7a:bc:0c:69:c2:24:4b:e4:a9:93:71:ef:b4:a4:
                    ff:73:a3:ca:1a:88:de:8c:91:b0:f1:1a:4d:42:ca:
                    0d:df:0a:ae:4e:06:ec:ab:9b:aa:11:17:2e:a6:da:
                    2e:ea:c5:36:37:95:d7:de:ad:fb:73:fc:0c:84:fd:
                    89:eb:72:8a:0f:05:bb:1d:d9:e2:15:6f:ce:34:92:
                    ef:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F4:21:AF:FA:2C:92:5B:70:E4:0C:A6:F3:4A:F6:99:4D:09:77:2D
            X509v3 Authority Key Identifier:
                keyid:97:7A:DC:F4:8F:ED:E1:19:38:E1:77:DC:04:DC:67:9C:69:2D:8C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:44:1d:23:52:b1:16:d1:ed:18:e6:ac:01:3d:2f:42:8a:f2:
         85:8c:65:d6:35:0b:2a:5e:c9:41:0f:1f:23:06:63:ba:d1:b8:
         04:06:f7:25:ad:df:57:7c:09:b2:f7:02:92:ba:eb:15:88:c4:
         9d:47:ef:6f:95:b2:e3:19:56:50:af:02:44:21:58:1d:bb:e4:
         a4:74:73:6e:dd:3f:72:de:e0:02:42:32:b0:79:1e:b4:36:ab:
         3e:0a:ea:d9:72:d4:4e:d4:a8:38:bd:6d:de:b6:a9:6d:e3:87:
         32:09:11:f4:e9:8f:5d:24:61:1b:b2:23:75:0f:be:03:0e:29:
         2b:56:8d:71:26:c7:36:9d:c8:f3:32:f2:29:37:f9:a3:3a:f0:
         c0:b3:ce:0b:41:26:fd:e6:7c:61:35:82:c5:b7:90:67:08:3d:
         f8:39:8e:8c:d8:72:16:e6:48:d8:65:d1:8e:80:03:7c:95:e5:
         88:d9:11:78:c5:b7:e0:66:11:93:cf:b2:57:d4:52:bb:33:6c:
         da:54:64:59:22:0b:9c:22:67:4c:4b:b4:f9:7e:94:ed:6e:b5:
         4d:a9:ce:5a:f6:93:49:a0:4c:22:83:f6:ab:5b:e5:60:06:b0:
         9a:04:42:8d:95:5e:89:e0:e4:2f:59:f2:e8:6e:27:d7:40:be:
         51:a3:3c:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsPBwqvyG8P13+/o/TPJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2FkY2Y0OGZlZGUxMTkzOGUxNzdkYzA0ZGM2NzljNjky
ZDhjMWMwHhcNMjUwOTA3MDEwMTA3WhcNMjUwOTA4MDEwMTA3WjAzMTEwLwYDVQQD
Eyg4YmY0MjFhZmZhMmM5MjViNzBlNDBjYTZmMzRhZjY5OTRkMDk3NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9Bli8LRxB+/M6YFNnk+tk8tWhgL
oLgCL8HWiY4Ytc4qdBcpd1QMy2FAsNvxmvfXkHNVfQOJwd51i1f1S8lShhbvkCYu
dZ9gYZZhCwTT7OYx+wqZ4JRoHTkOhIT4QIjwhBDAyE8AVIxxHMLTSOAyJbiMePPB
+2kqcH6TFOA+lwvQNck12vbL9U8FmepUkQF51dY8JRHd+8FgEpVYcAFr4Es4P4cy
4drlBcOa0WyJGUKA/xNgerwMacIkS+Spk3HvtKT/c6PKGojejJGw8RpNQsoN3wqu
Tgbsq5uqERcuptou6sU2N5XX3q37c/wMhP2J63KKDwW7HdniFW/ONJLvLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIv0Ia/6LJJbcOQMpvNK9plNCXctMB8GA1UdIwQY
MBaAFJd63PSP7eEZOOF33ATcZ5xpLYwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mZTY3MjUtNzYwOS00YmMyLWI0OGIt
MjU0NzdkYWQ5NDM0LzEvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mZTY3MjUtNzYwOS00YmMyLWI0OGItMjU0NzdkYWQ5NDM0
LzEvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo0QdI1Kx
FtHtGOasAT0vQoryhYxl1jULKl7JQQ8fIwZjutG4BAb3Ja3fV3wJsvcCkrrrFYjE
nUfvb5Wy4xlWUK8CRCFYHbvkpHRzbt0/ct7gAkIysHketDarPgrq2XLUTtSoOL1t
3rapbeOHMgkR9OmPXSRhG7IjdQ++Aw4pK1aNcSbHNp3I8zLyKTf5ozrwwLPOC0Em
/eZ8YTWCxbeQZwg9+DmOjNhyFuZI2GXRjoADfJXliNkReMW34GYRk8+yV9RSuzNs
2lRkWSILnCJnTEu0+X6U7W61TanOWvaTSaBMIoP2q1vlYAawmgRCjZVeieDkL1ny
6G4n10C+UaM8JQ==
-----END CERTIFICATE-----