Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
File:                     d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json)
Hash identifier:          LbJ6acDmFpLOIQQXVpWHsvlkPNj3YeC54n+fO6PCjB4=
Subject key identifier:   38:D3:57:8A:EA:4B:0D:3F:41:7D:79:03:B6:77:EC:61:4C:52:72:6C
Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6
Certificate issuer:       /CN=77b0252f2a67acd429970fa64a6417776f72d8d6
Certificate serial:       01992444050975892571FC27012DF1903607
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
Manifest number:          054E
Signing time:             Sun 07 Sep 2025 13:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 13:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 13:01:01 +0000
Files and hashes:         1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: z8A6mbM5RY+ecWHpkbkiuIwx72eF+/nFDvmpZD3n4i8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:44:05:09:75:89:25:71:fc:27:01:2d:f1:90:36:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6
        Validity
            Not Before: Sep  7 13:01:01 2025 GMT
            Not After : Sep  8 13:01:01 2025 GMT
        Subject: CN=38d3578aea4b0d3f417d7903b677ec614c52726c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:13:7f:0d:8a:e5:bc:58:fd:71:46:b1:a8:47:
                    77:87:40:4f:0e:fe:ed:2d:79:21:d7:18:82:63:35:
                    25:22:d3:87:72:92:3a:e9:93:08:e6:60:87:69:b0:
                    cc:e5:9d:de:ea:6b:a7:49:d4:73:b6:eb:d8:fd:a1:
                    64:f9:ac:b4:6c:4b:ee:bc:cc:38:42:ff:52:ee:d1:
                    6b:da:c9:7a:96:c9:12:4d:ea:3c:bc:9a:ee:71:b8:
                    29:78:67:a1:b1:df:48:90:87:bf:9b:ff:91:a4:8f:
                    1b:6f:8b:da:15:07:24:44:da:87:fe:50:62:9e:c5:
                    0c:ed:9a:b9:05:b2:e1:65:94:fa:0a:36:62:8f:14:
                    0d:ae:b0:1d:63:73:4f:38:d3:65:a9:f7:6e:0b:3a:
                    8f:7d:5e:69:00:d9:50:35:ec:fc:27:b0:07:6c:21:
                    9b:a4:a7:5b:c1:21:7b:f4:d9:0a:6f:8f:31:6b:7e:
                    bd:b4:38:ab:45:87:2c:22:89:af:b0:b6:93:39:b6:
                    7e:e8:f3:b3:80:0b:57:2a:16:8d:d9:ab:0a:b4:8c:
                    97:13:74:14:af:89:b8:8b:cc:57:91:e8:c9:d8:c9:
                    25:75:d3:b5:49:ca:7c:d1:9d:95:9a:fa:52:9b:44:
                    0f:e0:e0:6a:37:70:2a:3e:9c:cc:b1:d1:d8:6d:22:
                    21:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:D3:57:8A:EA:4B:0D:3F:41:7D:79:03:B6:77:EC:61:4C:52:72:6C
            X509v3 Authority Key Identifier:
                keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:13:ac:00:42:16:88:03:25:79:7f:96:f9:9a:79:01:51:3e:
         05:49:69:b1:09:44:ba:f3:60:52:0c:61:82:7a:69:c8:1a:bd:
         d0:22:51:a5:b6:8e:1b:99:4b:b1:a2:ee:78:4c:3a:35:ef:0e:
         e0:ff:39:d2:57:58:a3:34:45:bd:2d:3f:eb:36:64:c8:28:49:
         2c:f4:ed:a2:95:8a:c1:5b:b3:af:91:00:2b:c7:c3:51:56:48:
         62:2c:61:40:9b:74:33:dc:a1:1b:61:5f:d0:89:14:be:0c:4d:
         57:16:c1:8d:58:59:81:00:92:71:81:0f:17:1c:a9:f5:93:46:
         53:1d:97:f2:56:f5:2f:cc:a8:80:1a:c3:73:c1:ba:1f:9c:49:
         dc:74:94:7f:bb:fe:73:fd:ce:00:77:50:ec:1a:f3:6d:e8:6e:
         0c:78:6c:66:10:c1:ad:fb:d0:c1:39:4f:43:b3:e4:e3:cd:8a:
         0d:0d:38:91:82:68:d9:f6:58:d5:d7:de:27:80:b8:fd:4e:28:
         d3:73:27:ea:59:9b:da:e6:53:7d:f3:f9:5c:0e:04:2a:86:2f:
         2f:1f:79:a9:f0:43:23:dc:9e:c5:cd:f2:b2:7d:a2:4d:87:7c:
         9a:65:ea:07:92:fc:3e:3d:5b:04:14:53:24:fd:9e:df:24:cc:
         19:73:d2:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkRAUJdYklcfwnAS3xkDYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3
MmQ4ZDYwHhcNMjUwOTA3MTMwMTAxWhcNMjUwOTA4MTMwMTAxWjAzMTEwLwYDVQQD
EygzOGQzNTc4YWVhNGIwZDNmNDE3ZDc5MDNiNjc3ZWM2MTRjNTI3MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xN/DYrlvFj9cUaxqEd3h0BPDv7t
LXkh1xiCYzUlItOHcpI66ZMI5mCHabDM5Z3e6munSdRztuvY/aFk+ay0bEvuvMw4
Qv9S7tFr2sl6lskSTeo8vJrucbgpeGehsd9IkIe/m/+RpI8bb4vaFQckRNqH/lBi
nsUM7Zq5BbLhZZT6CjZijxQNrrAdY3NPONNlqfduCzqPfV5pANlQNez8J7AHbCGb
pKdbwSF79NkKb48xa369tDirRYcsIomvsLaTObZ+6POzgAtXKhaN2asKtIyXE3QU
r4m4i8xXkejJ2MklddO1Scp80Z2VmvpSm0QP4OBqN3AqPpzMsdHYbSIhdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjTV4rqSw0/QX15A7Z37GFMUnJsMB8GA1UdIwQY
MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt
OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2
LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvBOsAEIW
iAMleX+W+Zp5AVE+BUlpsQlEuvNgUgxhgnppyBq90CJRpbaOG5lLsaLueEw6Ne8O
4P850ldYozRFvS0/6zZkyChJLPTtopWKwVuzr5EAK8fDUVZIYixhQJt0M9yhG2Ff
0IkUvgxNVxbBjVhZgQCScYEPFxyp9ZNGUx2X8lb1L8yogBrDc8G6H5xJ3HSUf7v+
c/3OAHdQ7BrzbehuDHhsZhDBrfvQwTlPQ7Pk482KDQ04kYJo2fZY1dfeJ4C4/U4o
03Mn6lmb2uZTffP5XA4EKoYvLx95qfBDI9yexc3ysn2iTYd8mmXqB5L8Pj1bBBRT
JP2e3yTMGXPSZQ==
-----END CERTIFICATE-----