Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
File:                     R7cYcu1kXJZm1VEavHjwfE06uKw.mft (raw, json)
Hash identifier:          P5FEyRAqHyHjWqHcgIGWkovjmOqRi+BD4UMIBWjKATk=
Subject key identifier:   C5:F5:1E:38:45:01:F6:6B:22:29:9A:9A:8C:5B:31:3C:B0:1F:E0:AB
Authority key identifier: 47:B7:18:72:ED:64:5C:96:66:D5:51:1A:BC:78:F0:7C:4D:3A:B8:AC
Certificate issuer:       /CN=47b71872ed645c9666d5511abc78f07c4d3ab8ac
Certificate serial:       0199233100B467C5D11D5D6B2A89D72E86A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
Manifest number:          0316
Signing time:             Sun 07 Sep 2025 08:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:37 +0000
Files and hashes:         1: R7cYcu1kXJZm1VEavHjwfE06uKw.crl (hash: 3+Of8SyzemuDW+0TZK4TeFMjK7+kTvjbR0Jv7kwHtDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:00:b4:67:c5:d1:1d:5d:6b:2a:89:d7:2e:86:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47b71872ed645c9666d5511abc78f07c4d3ab8ac
        Validity
            Not Before: Sep  7 08:00:37 2025 GMT
            Not After : Sep  8 08:00:37 2025 GMT
        Subject: CN=c5f51e384501f66b22299a9a8c5b313cb01fe0ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:05:6b:2a:76:4d:62:5f:1a:a5:d5:28:54:68:
                    5e:7c:a8:cc:b3:7f:e4:ab:e8:3f:a6:32:1d:b9:84:
                    6a:29:01:70:1f:87:c6:5a:ab:2b:dc:30:cf:a0:f7:
                    5e:81:f3:ef:37:60:83:fd:7f:36:80:65:07:b7:f2:
                    e6:21:dd:e9:14:79:78:62:e0:75:87:25:51:47:42:
                    d2:6e:2b:07:43:44:63:09:7f:34:65:15:68:5b:af:
                    0e:c7:e1:aa:3a:b0:a7:1f:70:c6:92:98:29:57:55:
                    cc:9f:f5:ff:28:f8:b0:b2:d5:5c:6c:e3:34:d6:3a:
                    cd:53:78:32:62:75:a9:24:d3:5f:02:8a:4d:a1:5e:
                    35:bc:e3:7e:4a:21:c9:f4:05:da:19:a4:99:fa:96:
                    a6:5c:3e:97:9f:f3:8c:c5:70:fd:a7:47:1d:c9:70:
                    d8:2e:73:d1:77:fd:15:3d:fe:9e:cf:ee:78:7b:61:
                    07:1b:45:13:82:21:b1:9d:da:95:83:7f:b4:fc:ca:
                    a6:d0:4e:30:54:e9:c6:1f:37:68:87:9f:36:83:3d:
                    06:1a:42:40:78:c8:90:29:5d:e5:24:1a:4a:0e:45:
                    b9:e1:2a:be:69:b9:d3:64:17:16:b2:23:82:d3:8d:
                    a3:e8:1d:00:d4:da:db:49:f5:5f:5d:9b:28:be:1a:
                    ce:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:F5:1E:38:45:01:F6:6B:22:29:9A:9A:8C:5B:31:3C:B0:1F:E0:AB
            X509v3 Authority Key Identifier:
                keyid:47:B7:18:72:ED:64:5C:96:66:D5:51:1A:BC:78:F0:7C:4D:3A:B8:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:f4:e1:13:75:01:05:2e:aa:3d:43:72:9d:f9:36:eb:d6:b0:
         81:57:f7:d7:1d:1a:64:d2:d3:bb:a3:f3:09:39:dd:79:24:6f:
         45:4f:c4:98:e7:9c:02:5d:20:06:02:85:fe:a9:54:5e:93:c4:
         0e:36:22:b6:03:4c:e8:62:8b:3a:dd:c3:3d:69:0e:34:16:c8:
         12:95:33:c7:8a:a7:b2:93:ff:95:17:ea:fe:2e:36:88:ed:2a:
         e5:ae:91:39:77:9e:c2:a6:85:09:c6:a8:b3:ce:87:9c:e9:5e:
         61:1b:d4:13:51:ae:db:3f:d5:99:50:21:7d:79:44:0a:64:c6:
         2f:03:c7:f4:6a:8b:0c:f3:32:6f:31:bf:97:18:ab:e0:fb:7e:
         4f:98:77:b2:29:a7:c6:48:3f:72:15:10:76:76:7e:33:f9:4b:
         f3:44:12:9a:f4:0a:66:4d:b8:0c:a6:e2:d3:be:38:e3:1d:b9:
         cd:d7:5b:06:1b:5a:01:92:40:8c:2a:38:6c:6d:0d:c1:63:4e:
         ed:06:d5:4b:34:ff:75:17:ef:5c:01:64:b3:53:04:86:46:2e:
         4b:be:1c:f1:f9:52:5a:90:b3:00:a5:69:fa:1f:a9:e5:42:d1:
         a0:7a:55:43:a0:7d:50:d6:33:2f:c0:c2:96:6c:82:79:2f:ca:
         ae:69:59:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMQC0Z8XRHV1rKonXLoalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcxODcyZWQ2NDVjOTY2NmQ1NTExYWJjNzhmMDdjNGQz
YWI4YWMwHhcNMjUwOTA3MDgwMDM3WhcNMjUwOTA4MDgwMDM3WjAzMTEwLwYDVQQD
EyhjNWY1MWUzODQ1MDFmNjZiMjIyOTlhOWE4YzViMzEzY2IwMWZlMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwVrKnZNYl8apdUoVGhefKjMs3/k
q+g/pjIduYRqKQFwH4fGWqsr3DDPoPdegfPvN2CD/X82gGUHt/LmId3pFHl4YuB1
hyVRR0LSbisHQ0RjCX80ZRVoW68Ox+GqOrCnH3DGkpgpV1XMn/X/KPiwstVcbOM0
1jrNU3gyYnWpJNNfAopNoV41vON+SiHJ9AXaGaSZ+pamXD6Xn/OMxXD9p0cdyXDY
LnPRd/0VPf6ez+54e2EHG0UTgiGxndqVg3+0/Mqm0E4wVOnGHzdoh582gz0GGkJA
eMiQKV3lJBpKDkW54Sq+abnTZBcWsiOC042j6B0A1NrbSfVfXZsovhrO6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMX1HjhFAfZrIimamoxbMTywH+CrMB8GA1UdIwQY
MBaAFEe3GHLtZFyWZtVRGrx48HxNOrisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85MDliN2ItZDQxMy00MmUxLWE2MGEt
ZWM4NGRkNWM2OWJmLzEvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85MDliN2ItZDQxMy00MmUxLWE2MGEtZWM4NGRkNWM2OWJm
LzEvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfThE3UB
BS6qPUNynfk269awgVf31x0aZNLTu6PzCTndeSRvRU/EmOecAl0gBgKF/qlUXpPE
DjYitgNM6GKLOt3DPWkONBbIEpUzx4qnspP/lRfq/i42iO0q5a6ROXeewqaFCcao
s86HnOleYRvUE1Gu2z/VmVAhfXlECmTGLwPH9GqLDPMybzG/lxir4Pt+T5h3simn
xkg/chUQdnZ+M/lL80QSmvQKZk24DKbi07444x25zddbBhtaAZJAjCo4bG0NwWNO
7QbVSzT/dRfvXAFks1MEhkYuS74c8flSWpCzAKVp+h+p5ULRoHpVQ6B9UNYzL8DC
lmyCeS/KrmlZwQ==
-----END CERTIFICATE-----