Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
File:                     xIzPWOSy4trdSoSDPAZ87iuXRek.mft (raw, json)
Hash identifier:          mIvSmZTm5f0xqWmw2z7Cug7yKq9qylF/bLOUajOd/LA=
Subject key identifier:   32:39:00:9C:DD:45:41:5A:5D:EF:66:4D:32:C5:EE:1F:20:9C:65:53
Authority key identifier: C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9
Certificate issuer:       /CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
Certificate serial:       019922FA14DF9DA619366ABE29B670EB68D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
Manifest number:          08A1
Signing time:             Sun 07 Sep 2025 07:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:38 +0000
Files and hashes:         1: xIzPWOSy4trdSoSDPAZ87iuXRek.crl (hash: K2s1ruNrHqMt+wqUj9DZIKhamlcSPTUwHe4FWLizm4c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:14:df:9d:a6:19:36:6a:be:29:b6:70:eb:68:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
        Validity
            Not Before: Sep  7 07:00:38 2025 GMT
            Not After : Sep  8 07:00:38 2025 GMT
        Subject: CN=3239009cdd45415a5def664d32c5ee1f209c6553
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d4:e2:8e:12:22:cc:65:c5:ff:d7:20:49:41:
                    ba:e6:95:f1:3b:c8:e1:ab:66:4f:fd:c2:1c:52:69:
                    bd:80:36:8a:3b:8c:ad:ed:19:8f:d1:7f:a6:4c:b6:
                    71:65:16:4b:dc:5b:c3:bd:0c:15:bf:66:bc:dc:a4:
                    e4:74:21:d2:71:f2:c5:8a:d0:2e:11:f1:13:1d:df:
                    1a:93:b4:c6:9e:a6:c4:4b:f6:d7:bc:6a:cc:2c:99:
                    80:84:94:81:21:a0:d4:b3:e3:af:1d:19:40:19:dd:
                    2e:57:27:9f:f2:38:4c:70:52:03:9b:f5:6a:6b:1a:
                    b2:d3:80:0e:d1:6c:14:94:7d:05:6e:34:a2:c0:c1:
                    8b:5c:3f:be:f0:8b:84:87:e9:72:61:ae:fe:c6:e1:
                    a4:8f:c4:b6:38:95:d0:9f:9d:fc:ea:5e:ac:b3:f8:
                    da:84:54:d5:94:cd:1d:54:41:2d:04:72:fe:28:70:
                    cf:d1:8e:ca:a6:ff:7c:6e:e1:c2:aa:81:5f:72:a2:
                    1d:f0:82:59:6b:37:a7:31:4b:dc:06:ea:24:1c:de:
                    65:37:5f:62:66:7e:88:70:46:93:1d:ac:3a:18:b9:
                    49:37:d7:e1:4b:7a:6c:65:c5:a8:89:3c:25:6b:35:
                    e7:55:d4:37:30:e9:ca:84:31:10:ea:6a:e3:b4:8f:
                    53:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:39:00:9C:DD:45:41:5A:5D:EF:66:4D:32:C5:EE:1F:20:9C:65:53
            X509v3 Authority Key Identifier:
                keyid:C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ad:b1:19:59:61:8d:73:46:7c:a1:1d:6b:52:ac:a6:d0:49:
         a4:2e:63:88:8d:6d:01:67:73:87:7e:49:6a:82:4a:b9:40:23:
         53:70:ef:81:6d:d7:11:4a:19:92:2d:e5:9d:76:a6:c3:48:b2:
         55:b7:04:87:c4:c6:72:75:7b:0e:d6:3d:13:cd:b1:b7:a7:eb:
         dd:d9:a1:61:62:bd:31:8f:c2:a9:f9:d5:ad:af:0a:d8:28:d2:
         1d:9b:ea:90:2b:42:d0:ee:d6:94:9a:5b:76:6f:a8:92:c9:93:
         08:24:05:f6:25:78:4b:ba:b1:7b:5d:de:66:62:c4:fc:a7:92:
         4f:b9:e4:9c:61:0d:17:6a:a9:9c:65:e7:a4:b5:e6:8f:35:9a:
         62:7b:30:5e:2f:ec:95:3e:21:fe:6e:70:28:2a:bd:51:4b:95:
         79:c0:0a:9a:b2:ef:5b:d4:1f:bf:52:bb:b8:47:46:a1:bd:3d:
         5b:ea:45:ad:c0:19:e1:01:48:2b:e5:61:85:c1:39:4d:06:22:
         a1:73:21:14:f0:01:02:67:47:2c:9e:4a:c7:dd:31:f8:5b:ec:
         85:67:32:3b:29:68:5f:ca:e1:f8:4f:77:9b:ca:1f:d0:62:26:
         7b:7f:01:df:1e:d2:c6:d0:8a:97:fe:a4:53:97:18:6a:99:05:
         7c:50:e9:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+hTfnaYZNmq+KbZw62jWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OGNjZjU4ZTRiMmUyZGFkZDRhODQ4MzNjMDY3Y2VlMmI5
NzQ1ZTkwHhcNMjUwOTA3MDcwMDM4WhcNMjUwOTA4MDcwMDM4WjAzMTEwLwYDVQQD
EygzMjM5MDA5Y2RkNDU0MTVhNWRlZjY2NGQzMmM1ZWUxZjIwOWM2NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNTijhIizGXF/9cgSUG65pXxO8jh
q2ZP/cIcUmm9gDaKO4yt7RmP0X+mTLZxZRZL3FvDvQwVv2a83KTkdCHScfLFitAu
EfETHd8ak7TGnqbES/bXvGrMLJmAhJSBIaDUs+OvHRlAGd0uVyef8jhMcFIDm/Vq
axqy04AO0WwUlH0FbjSiwMGLXD++8IuEh+lyYa7+xuGkj8S2OJXQn5386l6ss/ja
hFTVlM0dVEEtBHL+KHDP0Y7Kpv98buHCqoFfcqId8IJZazenMUvcBuokHN5lN19i
Zn6IcEaTHaw6GLlJN9fhS3psZcWoiTwlazXnVdQ3MOnKhDEQ6mrjtI9TQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDI5AJzdRUFaXe9mTTLF7h8gnGVTMB8GA1UdIwQY
MBaAFMSMz1jksuLa3UqEgzwGfO4rl0XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2Ut
YTUwZTMyZGUwODIzLzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2UtYTUwZTMyZGUwODIz
LzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAka2xGVlh
jXNGfKEda1KsptBJpC5jiI1tAWdzh35JaoJKuUAjU3DvgW3XEUoZki3lnXamw0iy
VbcEh8TGcnV7DtY9E82xt6fr3dmhYWK9MY/CqfnVra8K2CjSHZvqkCtC0O7WlJpb
dm+oksmTCCQF9iV4S7qxe13eZmLE/KeST7nknGENF2qpnGXnpLXmjzWaYnswXi/s
lT4h/m5wKCq9UUuVecAKmrLvW9Qfv1K7uEdGob09W+pFrcAZ4QFIK+VhhcE5TQYi
oXMhFPABAmdHLJ5Kx90x+FvshWcyOyloX8rh+E93m8of0GIme38B3x7SxtCKl/6k
U5cYapkFfFDp6g==
-----END CERTIFICATE-----