Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          fkcyoZFCTng/3gEMX7JwpVHWe8y790VBAr145R9Jtdk=
Subject key identifier:   9C:66:EF:F8:48:D7:F4:5C:6E:C8:D7:17:E2:DC:AA:C3:27:51:70:34
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       0199239ED7A77EF6A97F37687E9E8AD89BB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          01DC
Signing time:             Sun 07 Sep 2025 10:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:36 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: 3AGlxDvq9TOFW2FQsaIe0JxOV82RZ0hlITpgHhO8NM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:d7:a7:7e:f6:a9:7f:37:68:7e:9e:8a:d8:9b:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Sep  7 10:00:36 2025 GMT
            Not After : Sep  8 10:00:36 2025 GMT
        Subject: CN=9c66eff848d7f45c6ec8d717e2dcaac327517034
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e1:f5:c5:07:1d:95:a1:0d:dd:15:8c:bf:0a:
                    71:01:8c:00:26:2d:6d:c0:52:e6:4e:73:9b:ab:9a:
                    15:71:45:d3:ff:99:3d:bb:2d:a7:71:d7:57:2f:86:
                    1d:2e:cc:bb:7a:04:e0:1d:78:da:90:c5:a4:52:20:
                    61:bd:91:19:fb:ae:1f:a9:3a:78:73:20:01:33:bc:
                    27:52:90:7e:29:85:dc:fb:b8:27:e4:f9:b2:1e:4d:
                    ea:4d:4b:9c:4b:ef:42:b5:2e:3c:75:d6:89:f7:46:
                    82:59:85:9e:f2:fe:69:72:de:72:62:1b:88:cf:05:
                    29:28:81:14:ee:e2:51:50:74:f1:fc:52:d9:5d:86:
                    93:77:13:59:69:e6:b4:54:10:29:81:48:bc:7a:ae:
                    5f:bd:6f:9c:aa:85:c3:39:19:41:ed:e1:7d:b6:36:
                    40:5b:f7:c4:eb:e6:ab:06:5a:55:78:2b:e2:da:47:
                    0f:43:47:78:b0:14:64:fe:73:87:10:18:be:78:4b:
                    83:30:40:69:84:97:1f:d2:5e:95:cd:81:85:fa:bb:
                    0e:93:43:af:ac:d9:29:ca:1d:19:b7:78:6f:3a:f7:
                    d4:b3:d1:bb:28:dd:f1:0f:f5:8b:40:e4:b5:0e:0d:
                    eb:82:61:fc:f6:0b:df:f0:13:20:85:ab:3a:13:73:
                    ab:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:66:EF:F8:48:D7:F4:5C:6E:C8:D7:17:E2:DC:AA:C3:27:51:70:34
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:f0:8b:b7:96:04:5b:74:ef:a3:35:bf:25:a0:7b:41:44:c4:
         cd:e4:39:10:d2:6b:13:87:1f:a8:36:47:d8:84:60:78:db:25:
         41:51:34:33:22:d2:d3:f1:e8:3f:85:50:9d:d9:28:9e:95:9d:
         14:f1:49:b4:08:b7:2f:37:14:83:22:1d:78:e5:22:0a:87:2c:
         8f:5a:2d:4f:b1:ec:ca:22:41:43:bd:6d:cc:57:9b:69:a3:f3:
         dc:13:8f:fb:9b:7a:f8:f2:8d:4e:aa:10:96:aa:b4:ae:99:35:
         a7:e0:59:55:1d:30:89:99:f9:6f:d0:fb:3a:df:ab:d8:d4:b1:
         9f:86:4e:ae:ac:14:23:5e:be:43:bd:bb:78:32:3e:5b:8f:6c:
         5a:64:57:e1:28:f1:40:13:4d:9d:c8:e5:25:24:1a:a0:10:71:
         75:b6:dc:e2:40:2d:e7:43:87:1d:7e:c6:ba:1a:62:f0:b7:e7:
         1b:3b:8e:87:0e:1f:c1:a7:5a:f0:1c:ab:31:90:d0:ff:9b:2d:
         63:d4:44:e0:2a:7b:b3:9c:b8:a9:20:5e:19:45:df:d1:78:46:
         43:a9:e7:e3:17:3a:79:cf:ee:9e:43:10:41:31:27:dd:65:b4:
         0d:4f:63:13:fd:2b:2e:61:6f:af:97:f0:78:95:f6:97:c6:45:
         22:61:ba:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjntenfvapfzdofp6K2Ju4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUwOTA3MTAwMDM2WhcNMjUwOTA4MTAwMDM2WjAzMTEwLwYDVQQD
Eyg5YzY2ZWZmODQ4ZDdmNDVjNmVjOGQ3MTdlMmRjYWFjMzI3NTE3MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuH1xQcdlaEN3RWMvwpxAYwAJi1t
wFLmTnObq5oVcUXT/5k9uy2ncddXL4YdLsy7egTgHXjakMWkUiBhvZEZ+64fqTp4
cyABM7wnUpB+KYXc+7gn5PmyHk3qTUucS+9CtS48ddaJ90aCWYWe8v5pct5yYhuI
zwUpKIEU7uJRUHTx/FLZXYaTdxNZaea0VBApgUi8eq5fvW+cqoXDORlB7eF9tjZA
W/fE6+arBlpVeCvi2kcPQ0d4sBRk/nOHEBi+eEuDMEBphJcf0l6VzYGF+rsOk0Ov
rNkpyh0Zt3hvOvfUs9G7KN3xD/WLQOS1Dg3rgmH89gvf8BMghas6E3OrRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxm7/hI1/RcbsjXF+LcqsMnUXA0MB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0PCLt5YE
W3TvozW/JaB7QUTEzeQ5ENJrE4cfqDZH2IRgeNslQVE0MyLS0/HoP4VQndkonpWd
FPFJtAi3LzcUgyIdeOUiCocsj1otT7HsyiJBQ71tzFebaaPz3BOP+5t6+PKNTqoQ
lqq0rpk1p+BZVR0wiZn5b9D7Ot+r2NSxn4ZOrqwUI16+Q727eDI+W49sWmRX4Sjx
QBNNncjlJSQaoBBxdbbc4kAt50OHHX7Guhpi8LfnGzuOhw4fwada8ByrMZDQ/5st
Y9RE4Cp7s5y4qSBeGUXf0XhGQ6nn4xc6ec/unkMQQTEn3WW0DU9jE/0rLmFvr5fw
eJX2l8ZFImG6NA==
-----END CERTIFICATE-----