Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          7yJTwrgM1QXfFBAq/r09Ls4cfCr7tA0COTsgZlS0dno=
Subject key identifier:   93:AF:DE:16:9B:77:CF:17:79:AA:EC:3C:0B:27:3C:10:7A:FB:39:FD
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       01992255342063C43CDB4DB6510F0CE71125
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0900
Signing time:             Sun 07 Sep 2025 04:00:33 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:33 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:33 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: pO5nWik6S05qRF3QacySRsP2Ym4xviVF2ISTx7Xqo34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:34:20:63:c4:3c:db:4d:b6:51:0f:0c:e7:11:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Sep  7 04:00:33 2025 GMT
            Not After : Sep  8 04:00:33 2025 GMT
        Subject: CN=93afde169b77cf1779aaec3c0b273c107afb39fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:be:1b:e7:a8:0c:f7:87:00:69:96:ec:c4:ba:
                    ef:8c:c0:18:8a:81:15:c1:8b:30:6e:a1:9a:51:39:
                    f3:a1:ce:15:f6:d0:9c:98:8c:c5:ef:5d:d4:7f:74:
                    9b:92:57:0b:70:af:1e:81:d1:ef:c5:9f:c4:db:de:
                    30:3f:d6:3e:72:df:dc:57:ea:ea:8a:49:51:de:64:
                    f9:fd:4a:9d:35:bf:03:71:a3:57:d0:7f:87:dc:ba:
                    03:7a:db:4a:f1:98:4a:24:7a:1b:fa:64:cb:f5:57:
                    29:fa:5c:60:63:bb:7c:a5:3f:4d:c9:af:ca:8c:f6:
                    33:a3:2e:88:54:53:a5:07:7a:a2:9b:6f:8b:7f:54:
                    f1:30:e2:65:57:b0:7d:34:0e:41:2e:5b:d8:73:01:
                    92:c5:a2:a4:b3:f9:9e:20:94:49:d8:53:d9:75:10:
                    d3:32:7f:d8:54:b6:2b:01:80:ae:1b:e4:b6:0d:5c:
                    42:0c:92:c9:bd:57:ed:72:67:e1:a7:9a:a5:bb:4b:
                    a9:12:85:48:22:8a:ab:50:c6:81:fc:83:76:26:4b:
                    df:cd:9c:62:86:f6:f9:b5:fe:c1:9b:22:83:ae:8b:
                    b0:a3:86:fb:bd:ce:6f:47:7a:56:fe:df:f8:c3:0c:
                    32:dc:79:b8:06:4e:22:08:6f:be:51:cd:83:e6:fc:
                    2c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:AF:DE:16:9B:77:CF:17:79:AA:EC:3C:0B:27:3C:10:7A:FB:39:FD
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:1f:be:43:ab:a8:15:5d:0c:48:a3:42:a7:41:a3:58:4a:69:
         cc:79:35:c7:3e:56:88:02:02:3e:dd:22:92:28:d3:11:6f:c7:
         98:ce:55:2b:79:ec:2c:8a:32:38:5c:03:5d:11:dc:ee:54:91:
         8e:67:89:7f:80:aa:86:92:bd:3f:8a:24:dd:16:85:40:1b:9d:
         f0:a6:a2:b3:94:d0:3b:88:79:64:59:bf:b4:9e:ec:a0:e8:f8:
         49:5a:07:37:8c:bb:25:9f:74:98:e7:56:07:93:21:97:dc:34:
         05:99:9b:6b:16:6e:57:62:1f:2a:e9:a0:14:15:64:5b:eb:9a:
         e2:ab:dd:4e:d4:1c:11:98:65:ee:ed:96:72:c0:6d:85:be:82:
         dd:83:44:3d:41:19:a4:2c:ae:89:93:02:ff:94:0e:90:b3:30:
         e1:26:84:bc:19:ff:ae:d2:d0:3c:3a:40:9f:68:9c:19:ae:f5:
         c8:f0:ef:98:76:43:ed:b9:35:53:c3:0e:81:b1:9b:c4:5a:dc:
         bf:3b:06:28:9b:24:ec:39:04:0c:b2:5d:06:f0:9d:c6:51:27:
         c3:94:cb:6c:b4:58:5c:b3:1d:dc:1d:fd:08:9a:99:86:92:5f:
         da:f4:b8:79:d9:c5:1c:86:57:cd:b5:43:0b:50:42:f1:55:9e:
         df:0d:3c:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVTQgY8Q82022UQ8M5xElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjUwOTA3MDQwMDMzWhcNMjUwOTA4MDQwMDMzWjAzMTEwLwYDVQQD
Eyg5M2FmZGUxNjliNzdjZjE3NzlhYWVjM2MwYjI3M2MxMDdhZmIzOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb4b56gM94cAaZbsxLrvjMAYioEV
wYswbqGaUTnzoc4V9tCcmIzF713Uf3SbklcLcK8egdHvxZ/E294wP9Y+ct/cV+rq
iklR3mT5/UqdNb8DcaNX0H+H3LoDettK8ZhKJHob+mTL9Vcp+lxgY7t8pT9Nya/K
jPYzoy6IVFOlB3qim2+Lf1TxMOJlV7B9NA5BLlvYcwGSxaKks/meIJRJ2FPZdRDT
Mn/YVLYrAYCuG+S2DVxCDJLJvVftcmfhp5qlu0upEoVIIoqrUMaB/IN2JkvfzZxi
hvb5tf7BmyKDrouwo4b7vc5vR3pW/t/4wwwy3Hm4Bk4iCG++Uc2D5vwsGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOv3habd88XearsPAsnPBB6+zn9MB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPh++Q6uo
FV0MSKNCp0GjWEppzHk1xz5WiAICPt0ikijTEW/HmM5VK3nsLIoyOFwDXRHc7lSR
jmeJf4CqhpK9P4ok3RaFQBud8Kais5TQO4h5ZFm/tJ7soOj4SVoHN4y7JZ90mOdW
B5Mhl9w0BZmbaxZuV2IfKumgFBVkW+ua4qvdTtQcEZhl7u2WcsBthb6C3YNEPUEZ
pCyuiZMC/5QOkLMw4SaEvBn/rtLQPDpAn2icGa71yPDvmHZD7bk1U8MOgbGbxFrc
vzsGKJsk7DkEDLJdBvCdxlEnw5TLbLRYXLMd3B39CJqZhpJf2vS4ednFHIZXzbVD
C1BC8VWe3w08nA==
-----END CERTIFICATE-----