Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
File:                     z9rC7BEEwkXZyrqOthY46drxADk.mft (raw, json)
Hash identifier:          W+TVlIAa5omf3IXjr86QZEz22sF9aCo46eH+JiLpTpI=
Subject key identifier:   15:22:D2:F2:1F:63:F2:3D:74:2C:9C:92:72:5F:32:06:42:F2:C1:7C
Authority key identifier: CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39
Certificate issuer:       /CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
Certificate serial:       0199239FA853FFDBD60F11148BA4FBA728DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
Manifest number:          11AF
Signing time:             Sun 07 Sep 2025 10:01:29 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:29 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:29 +0000
Files and hashes:         1: z9rC7BEEwkXZyrqOthY46drxADk.crl (hash: KKLUjMfOv9JdSCcBK9nj4Qz8vuTqRFcJhFIm2mhLozE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:a8:53:ff:db:d6:0f:11:14:8b:a4:fb:a7:28:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
        Validity
            Not Before: Sep  7 10:01:29 2025 GMT
            Not After : Sep  8 10:01:29 2025 GMT
        Subject: CN=1522d2f21f63f23d742c9c92725f320642f2c17c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:ec:e7:6c:58:41:48:29:6d:fc:b2:66:a8:38:
                    8c:8c:3b:d6:f6:c2:df:d5:0c:aa:33:96:8d:e8:d5:
                    9e:48:c9:dd:c2:58:d7:84:78:db:20:96:16:93:c9:
                    43:13:b2:07:5a:65:00:68:64:ed:a4:5b:a2:51:5d:
                    0b:f1:cd:8d:5a:38:28:da:d7:c7:20:2c:ad:00:54:
                    74:29:3c:ac:ce:5d:f3:4d:c3:7a:eb:a1:9f:6a:46:
                    1a:fb:41:b8:be:66:ed:2f:ef:4e:67:f4:18:79:44:
                    97:a3:1e:18:e7:b7:10:3a:73:c7:57:e6:6a:62:cc:
                    4f:ef:f3:b3:49:c3:07:5f:df:5d:48:d4:6d:c6:f7:
                    e1:e4:fb:72:af:1c:97:75:b8:3e:10:a6:ba:da:c4:
                    96:79:09:3f:95:bf:90:f1:79:55:03:b3:b4:dd:06:
                    d7:45:30:fa:7a:c8:6d:b1:75:7a:69:8d:22:e3:50:
                    0f:3f:97:d1:2e:7f:fc:4f:b3:ee:b3:32:df:49:4d:
                    08:6b:20:27:49:6b:19:16:cb:7d:19:38:3d:3f:ad:
                    e8:59:04:0c:32:4d:ef:e5:cf:0e:6d:9e:43:4c:1b:
                    86:95:cd:c1:69:2d:58:8c:75:ba:68:38:46:7e:7e:
                    74:4b:25:4e:8b:0d:ce:36:b5:e3:f3:be:5b:e9:f5:
                    71:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:22:D2:F2:1F:63:F2:3D:74:2C:9C:92:72:5F:32:06:42:F2:C1:7C
            X509v3 Authority Key Identifier:
                keyid:CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:a9:f2:cc:a7:fe:0b:9f:5e:2b:12:75:06:4b:8c:a9:82:e9:
         47:21:c8:05:97:99:7b:cf:94:00:73:61:5c:2d:e1:1c:2d:2f:
         4c:af:73:ab:53:96:31:a5:bc:67:99:48:d4:a0:b0:a2:ec:31:
         63:5c:42:4b:77:71:da:f7:bf:08:0e:7c:f0:e9:f1:c6:3d:c8:
         28:c1:d3:43:1b:31:5a:61:58:07:ac:69:5a:89:23:4c:59:25:
         45:b5:d4:da:b5:69:ad:80:09:fe:ee:c2:dc:76:ae:d7:04:66:
         fa:93:08:5f:2a:ba:31:d3:f5:6b:6a:bb:c5:20:eb:19:80:99:
         63:89:1e:f7:ae:01:39:24:29:08:17:95:b6:26:89:c2:4e:b8:
         8f:89:91:24:7b:1b:c6:5c:00:15:30:75:af:82:2a:13:c0:37:
         ac:ab:b0:4d:ce:51:79:67:be:b9:32:da:7d:7e:76:c7:8f:06:
         40:df:5b:93:87:b4:6f:88:6e:ef:1f:97:4b:2f:3a:3b:9e:43:
         2a:41:0f:7e:80:81:c5:a5:86:de:61:e3:1d:63:14:2c:89:8c:
         73:c3:a5:34:d4:4d:8f:31:72:76:a4:2e:91:63:b1:0a:3d:e6:
         e9:40:46:21:83:e7:14:2f:a8:01:c4:ae:a2:59:17:d0:d6:15:
         8b:0d:c4:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn6hT/9vWDxEUi6T7pyjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGFjMmVjMTEwNGMyNDVkOWNhYmE4ZWI2MTYzOGU5ZGFm
MTAwMzkwHhcNMjUwOTA3MTAwMTI5WhcNMjUwOTA4MTAwMTI5WjAzMTEwLwYDVQQD
EygxNTIyZDJmMjFmNjNmMjNkNzQyYzljOTI3MjVmMzIwNjQyZjJjMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uznbFhBSClt/LJmqDiMjDvW9sLf
1QyqM5aN6NWeSMndwljXhHjbIJYWk8lDE7IHWmUAaGTtpFuiUV0L8c2NWjgo2tfH
ICytAFR0KTyszl3zTcN666GfakYa+0G4vmbtL+9OZ/QYeUSXox4Y57cQOnPHV+Zq
YsxP7/OzScMHX99dSNRtxvfh5PtyrxyXdbg+EKa62sSWeQk/lb+Q8XlVA7O03QbX
RTD6eshtsXV6aY0i41APP5fRLn/8T7PuszLfSU0IayAnSWsZFst9GTg9P63oWQQM
Mk3v5c8ObZ5DTBuGlc3BaS1YjHW6aDhGfn50SyVOiw3ONrXj875b6fVxrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUi0vIfY/I9dCycknJfMgZC8sF8MB8GA1UdIwQY
MBaAFM/awuwRBMJF2cq6jrYWOOna8QA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYt
NTYwNzhjODRkYzE3LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYtNTYwNzhjODRkYzE3
LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKnyzKf+
C59eKxJ1BkuMqYLpRyHIBZeZe8+UAHNhXC3hHC0vTK9zq1OWMaW8Z5lI1KCwouwx
Y1xCS3dx2ve/CA588Onxxj3IKMHTQxsxWmFYB6xpWokjTFklRbXU2rVprYAJ/u7C
3Hau1wRm+pMIXyq6MdP1a2q7xSDrGYCZY4ke964BOSQpCBeVtiaJwk64j4mRJHsb
xlwAFTB1r4IqE8A3rKuwTc5ReWe+uTLafX52x48GQN9bk4e0b4hu7x+XSy86O55D
KkEPfoCBxaWG3mHjHWMULImMc8OlNNRNjzFydqQukWOxCj3m6UBGIYPnFC+oAcSu
olkX0NYViw3ERg==
-----END CERTIFICATE-----