Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File:                     MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier:          OuyXzIoNHpkGNRXn8l5CZkAdNr8v2e5szRwz0KLiwnY=
Subject key identifier:   1A:22:80:EC:30:AC:14:B1:D2:17:67:8A:87:BA:DF:4E:9A:12:B8:1C
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer:       /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial:       0199221E42DD1F9D5EA8990F149E80A3949A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number:          06BD
Signing time:             Sun 07 Sep 2025 03:00:32 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:32 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:32 +0000
Files and hashes:         1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: FHKvdadCJeiVXOIDeeitaxtuHefJvb/+2Oe+EGTXB7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:42:dd:1f:9d:5e:a8:99:0f:14:9e:80:a3:94:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
        Validity
            Not Before: Sep  7 03:00:32 2025 GMT
            Not After : Sep  8 03:00:32 2025 GMT
        Subject: CN=1a2280ec30ac14b1d217678a87badf4e9a12b81c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:de:d3:75:16:4b:55:c0:f3:62:f2:42:18:df:
                    dd:fc:18:ca:b9:7c:bc:e1:a1:e5:e7:f0:3d:74:03:
                    d2:9b:34:b1:ff:9f:9a:d2:d6:d8:b1:9a:b7:ba:e7:
                    e0:29:3b:6f:8f:1c:67:88:f2:fa:ae:c9:a6:0e:ba:
                    3d:cb:fd:f8:f1:ba:75:f5:8f:98:93:81:54:56:5d:
                    a5:fe:c9:f8:83:62:17:6d:7d:7e:6c:e3:a4:79:56:
                    b1:b2:9d:e0:1d:6b:09:5e:9a:f2:82:b0:62:26:b7:
                    9f:44:6f:bc:eb:99:af:f2:f4:19:07:68:21:8e:b3:
                    a9:9c:fb:25:c3:c4:b8:0a:5c:08:43:7a:94:32:c1:
                    45:54:d2:3c:e3:91:a2:62:62:b8:f4:ec:cf:49:ea:
                    93:71:1f:ce:81:d1:00:14:39:fa:0d:a6:08:fe:63:
                    9d:81:53:a1:4f:79:95:33:88:0d:f0:f5:5f:62:80:
                    ad:a8:d1:dd:80:24:66:ec:8b:a7:c1:5a:b6:91:0a:
                    79:8e:0f:7c:57:ab:af:40:f8:68:f2:22:ec:1c:1d:
                    ed:e2:65:88:2e:10:50:5f:c2:86:b3:4e:9a:86:e8:
                    84:5e:70:ab:c6:6a:7d:74:e0:4d:9f:2b:66:19:ab:
                    53:eb:19:9a:19:2e:e7:00:97:61:35:cc:19:16:d8:
                    cc:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:22:80:EC:30:AC:14:B1:D2:17:67:8A:87:BA:DF:4E:9A:12:B8:1C
            X509v3 Authority Key Identifier:
                keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:21:fc:06:33:73:98:e8:34:d8:73:ef:08:41:dd:58:9b:2f:
         16:f3:16:c4:c1:70:f6:d8:ee:e4:99:19:e7:7b:e2:73:82:95:
         bc:f3:e0:ad:d2:80:0c:db:47:c7:0a:a7:8e:02:3f:35:be:fc:
         0f:ce:e5:86:4e:0b:50:bf:1a:b6:ec:6c:b1:d8:44:f3:a7:1d:
         fc:ff:18:b0:8d:30:2a:9f:08:a6:ee:c3:df:ce:7c:e7:7d:ab:
         db:dc:af:4c:40:c3:60:a9:af:ee:1a:f3:75:60:f2:03:5b:f2:
         4f:05:94:f7:56:67:ea:cc:66:1c:61:b0:e3:eb:e4:fd:22:16:
         4c:a7:ca:c3:55:16:2f:3c:db:03:dd:18:cb:46:24:97:d4:4b:
         22:af:b8:26:01:09:e8:7c:54:bd:3a:b9:eb:2c:4c:9c:82:d6:
         dc:a2:fd:91:3a:0b:22:db:8a:eb:03:48:43:f5:48:9a:16:0d:
         94:db:4f:08:85:71:45:e4:47:9b:27:a5:6f:73:25:62:11:4d:
         16:e8:db:06:0b:3d:22:7d:da:3c:4d:a2:33:d4:c0:8c:8b:0d:
         53:4a:dc:da:e8:3c:4e:00:3e:0b:c9:de:9b:86:21:ff:93:8f:
         ba:23:1c:60:3e:1d:31:0e:ef:a7:fc:a5:34:a1:4c:f6:75:4f:
         07:66:6e:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHkLdH51eqJkPFJ6Ao5SaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjUwOTA3MDMwMDMyWhcNMjUwOTA4MDMwMDMyWjAzMTEwLwYDVQQD
EygxYTIyODBlYzMwYWMxNGIxZDIxNzY3OGE4N2JhZGY0ZTlhMTJiODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv97TdRZLVcDzYvJCGN/d/BjKuXy8
4aHl5/A9dAPSmzSx/5+a0tbYsZq3uufgKTtvjxxniPL6rsmmDro9y/348bp19Y+Y
k4FUVl2l/sn4g2IXbX1+bOOkeVaxsp3gHWsJXprygrBiJrefRG+865mv8vQZB2gh
jrOpnPslw8S4ClwIQ3qUMsFFVNI845GiYmK49OzPSeqTcR/OgdEAFDn6DaYI/mOd
gVOhT3mVM4gN8PVfYoCtqNHdgCRm7IunwVq2kQp5jg98V6uvQPho8iLsHB3t4mWI
LhBQX8KGs06ahuiEXnCrxmp9dOBNnytmGatT6xmaGS7nAJdhNcwZFtjMVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoigOwwrBSx0hdnioe6306aErgcMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyH8BjNz
mOg02HPvCEHdWJsvFvMWxMFw9tju5JkZ53vic4KVvPPgrdKADNtHxwqnjgI/Nb78
D87lhk4LUL8atuxssdhE86cd/P8YsI0wKp8Ipu7D3858532r29yvTEDDYKmv7hrz
dWDyA1vyTwWU91Zn6sxmHGGw4+vk/SIWTKfKw1UWLzzbA90Yy0Ykl9RLIq+4JgEJ
6HxUvTq56yxMnILW3KL9kToLItuK6wNIQ/VImhYNlNtPCIVxReRHmyelb3MlYhFN
FujbBgs9In3aPE2iM9TAjIsNU0rc2ug8TgA+C8nem4Yh/5OPuiMcYD4dMQ7vp/yl
NKFM9nVPB2Zu5Q==
-----END CERTIFICATE-----