Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File:                     MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier:          y2VsTL2MLNnUsDiGcMJ7Q1mL7gyJr/H5eb0f7PG+3jE=
Subject key identifier:   40:12:79:84:B8:32:00:7F:7C:A2:E4:B4:E9:67:7B:F4:2F:A3:F3:C8
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer:       /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial:       0199172D24C33746FC99D246474285DF938B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number:          019F
Signing time:             Fri 05 Sep 2025 00:00:58 +0000
Manifest this update:     Fri 05 Sep 2025 00:00:58 +0000
Manifest next update:     Sat 06 Sep 2025 00:00:58 +0000
Files and hashes:         1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: r5PPmqUgoqEzu7/rExnIXb5c8AMtGqjrcYK5vZRD2Z4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:2d:24:c3:37:46:fc:99:d2:46:47:42:85:df:93:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
        Validity
            Not Before: Sep  5 00:00:58 2025 GMT
            Not After : Sep  6 00:00:58 2025 GMT
        Subject: CN=40127984b832007f7ca2e4b4e9677bf42fa3f3c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:53:67:cf:1c:93:56:ed:a9:60:89:71:d7:ae:
                    7b:df:74:11:af:7f:3e:e9:51:f7:d4:6c:a6:47:17:
                    b9:33:76:ec:4e:ce:77:6f:cc:17:14:d9:54:f0:12:
                    aa:79:bf:e0:69:6d:ad:cc:1a:b4:bc:4a:84:e4:5d:
                    f0:e9:a3:4a:b9:a9:39:9a:4a:4d:13:65:e2:65:b7:
                    79:f0:7e:ef:33:52:55:41:9e:9b:67:d5:19:ae:88:
                    06:b3:4d:54:95:b1:f3:4e:da:be:a1:e7:1e:7a:49:
                    a5:60:84:30:90:f1:7c:ef:08:fa:d4:df:81:09:3d:
                    55:6d:0a:21:04:17:77:85:05:fd:1f:ca:e5:3f:2b:
                    0c:50:7d:66:57:fb:e2:f9:4e:25:22:2e:5d:86:e7:
                    d0:9c:9c:30:04:e2:21:37:0f:16:ea:e9:05:96:c5:
                    1b:f9:d6:f7:a8:0c:aa:13:f8:2c:38:2b:7f:53:b6:
                    19:2f:f5:22:3d:61:53:b2:42:ae:b3:95:a1:99:6f:
                    e1:20:a2:82:67:a2:7e:e1:e2:78:43:8e:3c:03:82:
                    13:f4:c0:d3:c5:eb:56:f3:55:4c:3b:41:a5:a3:11:
                    61:cf:dc:6f:63:32:fa:8c:b8:dd:38:32:eb:1a:13:
                    52:88:d8:4b:4e:c7:df:f6:41:30:b0:7a:47:62:66:
                    ea:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:12:79:84:B8:32:00:7F:7C:A2:E4:B4:E9:67:7B:F4:2F:A3:F3:C8
            X509v3 Authority Key Identifier:
                keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:04:a4:d9:3e:94:97:98:2e:8e:93:f5:f5:cb:b7:9b:03:2d:
         95:42:49:ca:01:c4:2f:f1:5c:36:ac:35:bc:cc:68:55:6e:4b:
         12:a5:2f:c7:92:93:99:84:f2:8e:f6:8d:9d:bd:07:fe:a2:d3:
         fc:3c:6f:e3:72:ef:32:b8:5c:98:b7:7f:03:94:82:54:5f:81:
         14:e1:85:68:74:1e:19:d0:13:e7:5c:64:db:16:44:c7:68:aa:
         ef:b8:5b:2d:dd:bf:23:95:4e:c3:58:45:d1:a4:05:ee:01:4a:
         b1:18:4b:eb:4e:5a:a4:03:e5:7a:31:fc:3b:7e:12:69:9f:4e:
         0a:22:ae:40:e9:de:83:f7:30:52:fa:a4:a4:45:a3:e7:6d:ab:
         c4:c9:aa:49:75:9d:b3:bb:df:41:c1:a5:2b:9e:f7:e0:53:6f:
         93:5a:02:0c:15:7f:e3:c5:e1:62:54:46:1c:44:78:fb:ca:19:
         b0:6b:89:4a:82:c2:61:3b:57:4e:4a:2e:14:4e:6a:97:db:83:
         79:88:94:f9:4b:d7:60:14:34:02:66:42:cd:f0:40:1e:7e:d2:
         21:1d:fd:52:ab:ee:77:91:53:c3:8d:ee:a1:ae:7b:f8:fd:c9:
         3b:c2:80:8e:9d:cb:7b:40:2c:32:12:9a:c8:f2:8c:0f:9d:d2:
         a0:ec:04:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLSTDN0b8mdJGR0KF35OLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjUwOTA1MDAwMDU4WhcNMjUwOTA2MDAwMDU4WjAzMTEwLwYDVQQD
Eyg0MDEyNzk4NGI4MzIwMDdmN2NhMmU0YjRlOTY3N2JmNDJmYTNmM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFNnzxyTVu2pYIlx165733QRr38+
6VH31GymRxe5M3bsTs53b8wXFNlU8BKqeb/gaW2tzBq0vEqE5F3w6aNKuak5mkpN
E2XiZbd58H7vM1JVQZ6bZ9UZrogGs01UlbHzTtq+oeceekmlYIQwkPF87wj61N+B
CT1VbQohBBd3hQX9H8rlPysMUH1mV/vi+U4lIi5dhufQnJwwBOIhNw8W6ukFlsUb
+db3qAyqE/gsOCt/U7YZL/UiPWFTskKus5WhmW/hIKKCZ6J+4eJ4Q448A4IT9MDT
xetW81VMO0GloxFhz9xvYzL6jLjdODLrGhNSiNhLTsff9kEwsHpHYmbqzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEASeYS4MgB/fKLktOlne/Qvo/PIMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqwSk2T6U
l5gujpP19cu3mwMtlUJJygHEL/FcNqw1vMxoVW5LEqUvx5KTmYTyjvaNnb0H/qLT
/Dxv43LvMrhcmLd/A5SCVF+BFOGFaHQeGdAT51xk2xZEx2iq77hbLd2/I5VOw1hF
0aQF7gFKsRhL605apAPlejH8O34SaZ9OCiKuQOneg/cwUvqkpEWj522rxMmqSXWd
s7vfQcGlK5734FNvk1oCDBV/48XhYlRGHER4+8oZsGuJSoLCYTtXTkouFE5ql9uD
eYiU+UvXYBQ0AmZCzfBAHn7SIR39Uqvud5FTw43uoa57+P3JO8KAjp3Le0AsMhKa
yPKMD53SoOwEpA==
-----END CERTIFICATE-----