Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          hcysZzF8Jv0NvyccLB81KOeme31LlZSQG0WN6f7lGHo=
Subject key identifier:   C1:61:21:2D:BF:83:C1:8F:97:9C:42:C0:C4:07:91:86:31:95:C8:CE
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       0199233159F781ABD8F1A3D85E8BEDE1F612
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          03D3
Signing time:             Sun 07 Sep 2025 08:01:00 +0000
Manifest this update:     Sun 07 Sep 2025 08:01:00 +0000
Manifest next update:     Mon 08 Sep 2025 08:01:00 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: 8Ccil+mEjLDXnWZ/oA9LSO7eMeMJWXC/eFncveK2h9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:59:f7:81:ab:d8:f1:a3:d8:5e:8b:ed:e1:f6:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Sep  7 08:01:00 2025 GMT
            Not After : Sep  8 08:01:00 2025 GMT
        Subject: CN=c161212dbf83c18f979c42c0c40791863195c8ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f7:2e:ef:3b:0f:5f:42:43:86:8b:75:86:d0:
                    93:58:a8:a0:cd:66:a4:a0:7c:5a:5f:9b:22:9a:5d:
                    08:2d:f2:d0:85:3d:3f:b0:cc:e1:70:86:30:51:98:
                    4e:d0:77:7c:47:a6:c4:57:b6:67:d0:d1:5b:25:21:
                    1d:1c:a2:90:4b:f2:45:a6:97:80:83:48:39:b5:12:
                    ff:d8:dd:43:d4:fb:82:1f:f2:1a:ac:a6:51:f9:db:
                    e3:40:fd:c7:e9:29:0d:06:da:01:a5:ce:00:07:41:
                    25:42:ed:a0:69:63:9f:13:1e:ac:36:f2:43:f4:fe:
                    55:d3:58:c8:47:9a:6e:b7:93:67:59:63:97:53:f5:
                    14:09:7e:6a:f2:4a:6a:6b:37:e9:15:d2:68:6e:b6:
                    25:ec:87:7c:86:e2:1b:4d:65:87:3b:b1:f6:d7:38:
                    89:3e:bc:8c:e4:eb:b6:76:4e:9f:cd:3c:9e:d2:18:
                    a3:a8:eb:af:b3:cf:6e:c5:c7:47:56:42:1e:68:32:
                    56:90:4b:a5:24:85:12:09:36:21:81:3c:d3:9a:bd:
                    dd:11:52:a6:e0:6c:99:a0:07:da:98:f5:22:d8:f4:
                    79:98:ae:47:a9:d5:83:e4:a8:97:ed:82:2f:cc:a2:
                    a5:0e:5c:73:8f:1f:b9:0e:0c:66:72:a0:12:f4:69:
                    a9:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:61:21:2D:BF:83:C1:8F:97:9C:42:C0:C4:07:91:86:31:95:C8:CE
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:b0:d4:4c:da:55:63:b3:45:57:64:40:97:45:b9:0d:5a:66:
         b8:b6:2b:77:f4:6a:66:74:f2:0b:c3:53:61:45:7c:e1:3c:86:
         19:67:85:22:51:57:b3:76:38:c7:5c:ed:ee:8c:3e:aa:ed:77:
         d2:80:5c:f5:4a:ce:90:07:1b:76:0f:03:7a:dd:b2:97:84:18:
         56:25:0d:46:17:4e:bb:d5:1a:97:b1:e9:de:57:c9:71:b2:98:
         fb:74:07:be:03:d6:c7:f8:76:8c:40:a2:f2:48:9f:ab:6d:fd:
         8e:91:08:4a:6b:63:fb:ec:df:14:de:ca:ec:0b:50:cf:44:61:
         4e:97:dc:17:a1:56:88:e0:ff:39:c6:19:7a:23:60:c6:22:eb:
         b5:aa:33:af:6a:11:da:46:c1:93:95:ae:8f:89:6c:79:d1:a3:
         58:d3:23:ea:49:d0:90:f5:e8:8b:70:7d:e2:8f:f7:e8:b4:14:
         64:a8:50:c8:63:08:bc:3e:89:67:7a:f1:d2:22:f9:a1:f0:73:
         aa:2e:66:6f:7b:61:9d:9f:69:d5:40:52:27:59:c7:5a:79:8f:
         69:68:26:d0:d4:38:5d:16:8b:8b:f5:05:15:cb:6e:37:6d:45:
         57:62:76:22:7a:01:84:4f:72:df:90:4c:73:36:16:3e:dd:77:
         17:c7:ae:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMVn3gavY8aPYXovt4fYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjUwOTA3MDgwMTAwWhcNMjUwOTA4MDgwMTAwWjAzMTEwLwYDVQQD
EyhjMTYxMjEyZGJmODNjMThmOTc5YzQyYzBjNDA3OTE4NjMxOTVjOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvcu7zsPX0JDhot1htCTWKigzWak
oHxaX5siml0ILfLQhT0/sMzhcIYwUZhO0Hd8R6bEV7Zn0NFbJSEdHKKQS/JFppeA
g0g5tRL/2N1D1PuCH/IarKZR+dvjQP3H6SkNBtoBpc4AB0ElQu2gaWOfEx6sNvJD
9P5V01jIR5put5NnWWOXU/UUCX5q8kpqazfpFdJobrYl7Id8huIbTWWHO7H21ziJ
PryM5Ou2dk6fzTye0hijqOuvs89uxcdHVkIeaDJWkEulJIUSCTYhgTzTmr3dEVKm
4GyZoAfamPUi2PR5mK5HqdWD5KiX7YIvzKKlDlxzjx+5DgxmcqAS9Gmp8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFhIS2/g8GPl5xCwMQHkYYxlcjOMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbrDUTNpV
Y7NFV2RAl0W5DVpmuLYrd/RqZnTyC8NTYUV84TyGGWeFIlFXs3Y4x1zt7ow+qu13
0oBc9UrOkAcbdg8Det2yl4QYViUNRhdOu9Ual7Hp3lfJcbKY+3QHvgPWx/h2jECi
8kifq239jpEISmtj++zfFN7K7AtQz0RhTpfcF6FWiOD/OcYZeiNgxiLrtaozr2oR
2kbBk5Wuj4lsedGjWNMj6knQkPXoi3B94o/36LQUZKhQyGMIvD6JZ3rx0iL5ofBz
qi5mb3thnZ9p1UBSJ1nHWnmPaWgm0NQ4XRaLi/UFFctuN21FV2J2InoBhE9y35BM
czYWPt13F8euzQ==
-----END CERTIFICATE-----