Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          u1i5EPI9aqL77ukz66dVQfPbjieX3AouWAqdBxkFVoc=
Subject key identifier:   7E:21:B6:8C:9E:E3:BD:A0:66:17:DB:68:33:71:9F:98:D3:48:49:27
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       0199221E552BF5A779ACF79D3F60B9AC1C81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          06C3
Signing time:             Sun 07 Sep 2025 03:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:37 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: iS6i/gp6jk49HxZcx48Hv1X/755yZCg5lAEIWAvfd6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:55:2b:f5:a7:79:ac:f7:9d:3f:60:b9:ac:1c:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Sep  7 03:00:37 2025 GMT
            Not After : Sep  8 03:00:37 2025 GMT
        Subject: CN=7e21b68c9ee3bda06617db6833719f98d3484927
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8e:8a:7b:71:71:d6:d2:6e:d9:b7:fa:d6:ec:
                    d7:3c:da:8a:03:8a:a5:28:34:99:1c:19:b7:e2:cb:
                    f7:42:67:b1:67:ea:60:3d:ae:6f:76:ca:a6:73:bb:
                    23:3c:08:0c:35:83:1d:22:09:52:4b:4c:2d:81:e1:
                    f6:04:ba:86:15:62:b4:8b:5b:5c:ec:0d:8f:c2:9f:
                    1a:50:ed:27:48:3b:be:c3:01:8f:58:23:4b:9b:53:
                    bf:ea:24:fc:55:f9:86:eb:d8:17:d9:50:be:71:04:
                    4e:a8:72:91:68:d2:52:d1:06:c6:72:c8:9f:4b:58:
                    a8:a7:58:81:28:86:6c:94:db:1d:1e:04:b5:61:da:
                    d1:91:44:a3:d7:3f:ee:29:fd:1f:2e:0f:1a:c1:8e:
                    58:28:c9:6f:0f:71:ef:13:ce:1d:16:af:92:4d:40:
                    65:06:71:13:ed:24:a4:c6:ac:84:b3:c0:95:ae:f4:
                    0d:4a:88:63:ae:7c:57:81:c7:9f:a3:3a:c8:2a:8a:
                    38:7a:dd:51:1d:00:ab:b0:f6:03:1a:ab:0d:40:01:
                    7f:5f:c6:e3:c7:20:be:02:90:40:0a:8e:93:d4:7c:
                    d9:2f:48:92:a8:86:50:92:e6:b7:1f:a0:26:f0:49:
                    20:e0:66:c6:ad:95:5a:eb:c7:84:11:d2:66:80:0f:
                    e2:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:21:B6:8C:9E:E3:BD:A0:66:17:DB:68:33:71:9F:98:D3:48:49:27
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:45:c6:1f:ff:d2:a0:8f:dc:f8:de:c2:10:81:1f:e2:e1:f7:
         35:52:67:16:6e:6d:1c:ec:38:c0:f4:1d:d9:61:ae:b5:7a:0d:
         e6:3b:b5:11:b1:36:74:7c:fc:a6:00:e0:0a:42:5c:a1:b6:c9:
         cc:d2:ed:94:ef:9b:b5:04:8d:41:f9:f4:30:71:24:f7:89:22:
         09:90:d6:bc:fd:58:10:a2:65:b2:02:fb:9c:cc:f2:13:c4:6b:
         f7:34:c7:fc:f6:6b:02:bc:a6:b5:0c:c0:87:39:07:e1:7b:7b:
         68:27:49:a7:b3:b9:76:48:75:02:da:1a:a5:a8:4e:9e:64:d5:
         d4:17:31:44:e4:42:f3:20:50:58:28:ab:cf:0e:e8:73:72:e7:
         69:89:74:9d:09:97:e4:50:94:72:a9:d5:5d:93:2b:68:68:0c:
         ee:d3:6a:a6:c3:34:a0:6c:13:61:3e:ec:6c:32:27:2b:b4:30:
         07:71:c9:f3:c3:5c:ca:dd:c4:80:e3:8e:92:29:8a:2c:6f:74:
         31:62:b5:9b:76:e0:39:7f:99:92:67:99:dd:a7:53:ab:4f:36:
         3c:78:1f:4b:a2:d4:e2:d7:95:86:64:ea:3d:24:15:34:e9:90:
         76:af:4e:9d:04:11:32:76:15:5b:fb:5a:4c:e0:41:97:97:a0:
         be:a0:ee:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHlUr9ad5rPedP2C5rByBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjUwOTA3MDMwMDM3WhcNMjUwOTA4MDMwMDM3WjAzMTEwLwYDVQQD
Eyg3ZTIxYjY4YzllZTNiZGEwNjYxN2RiNjgzMzcxOWY5OGQzNDg0OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo6Ke3Fx1tJu2bf61uzXPNqKA4ql
KDSZHBm34sv3QmexZ+pgPa5vdsqmc7sjPAgMNYMdIglSS0wtgeH2BLqGFWK0i1tc
7A2Pwp8aUO0nSDu+wwGPWCNLm1O/6iT8VfmG69gX2VC+cQROqHKRaNJS0QbGcsif
S1iop1iBKIZslNsdHgS1YdrRkUSj1z/uKf0fLg8awY5YKMlvD3HvE84dFq+STUBl
BnET7SSkxqyEs8CVrvQNSohjrnxXgcefozrIKoo4et1RHQCrsPYDGqsNQAF/X8bj
xyC+ApBACo6T1HzZL0iSqIZQkua3H6Am8Ekg4GbGrZVa68eEEdJmgA/i9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4htoye472gZhfbaDNxn5jTSEknMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEXGH//S
oI/c+N7CEIEf4uH3NVJnFm5tHOw4wPQd2WGutXoN5ju1EbE2dHz8pgDgCkJcobbJ
zNLtlO+btQSNQfn0MHEk94kiCZDWvP1YEKJlsgL7nMzyE8Rr9zTH/PZrArymtQzA
hzkH4Xt7aCdJp7O5dkh1AtoapahOnmTV1BcxRORC8yBQWCirzw7oc3LnaYl0nQmX
5FCUcqnVXZMraGgM7tNqpsM0oGwTYT7sbDInK7QwB3HJ88Ncyt3EgOOOkimKLG90
MWK1m3bgOX+ZkmeZ3adTq082PHgfS6LU4teVhmTqPSQVNOmQdq9OnQQRMnYVW/ta
TOBBl5egvqDuIw==
-----END CERTIFICATE-----