Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          PV9aVih9/MGEFeWn1zt8qXp8BJlZ8N2tlNTYJk1OofQ=
Subject key identifier:   4C:C5:15:6E:A8:BB:7D:F6:7C:B7:B7:F3:68:A1:00:9E:6D:6B:7B:45
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       01991764A08023A80B3F0487396BEE8EB68F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          1491
Signing time:             Fri 05 Sep 2025 01:01:34 +0000
Manifest this update:     Fri 05 Sep 2025 01:01:34 +0000
Manifest next update:     Sat 06 Sep 2025 01:01:34 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: VSRe4e520yVynErx8fdKZZSgcY0TLWq5ERdsv7boE9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:64:a0:80:23:a8:0b:3f:04:87:39:6b:ee:8e:b6:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Sep  5 01:01:34 2025 GMT
            Not After : Sep  6 01:01:34 2025 GMT
        Subject: CN=4cc5156ea8bb7df67cb7b7f368a1009e6d6b7b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:a4:cf:d4:5d:0d:9a:fa:ad:81:b7:08:00:b5:
                    02:65:b3:69:c5:34:39:cb:ea:64:51:3d:96:b2:13:
                    67:76:e6:e8:7a:a0:6d:1e:8c:ad:99:49:c3:a8:66:
                    73:50:40:da:7b:ca:22:60:4c:78:3d:0e:ec:06:e2:
                    e6:2a:0b:7b:f6:c5:f8:09:4b:da:51:e6:0a:9b:64:
                    bf:e0:e9:c9:bc:21:e9:ca:b0:75:bc:f0:ca:a3:64:
                    b9:2a:3c:d6:cb:2c:4e:5b:17:6a:bd:23:46:9b:9d:
                    70:68:67:b9:13:c1:9f:c7:e4:17:ad:d7:d5:38:73:
                    74:96:d7:fd:af:0a:0a:bd:ac:d2:04:dc:fd:97:b3:
                    ed:d9:4c:01:8f:da:c0:23:85:91:08:a9:f0:02:96:
                    f6:fd:f5:30:99:3c:0d:96:68:a7:3c:3b:d0:dd:4d:
                    13:63:67:75:9b:fc:3e:fd:bc:98:a8:6d:9b:3e:67:
                    e3:a9:70:55:d7:48:06:e8:65:39:af:d7:d0:04:cb:
                    01:18:db:7d:a0:9f:c1:68:7d:de:57:67:95:80:81:
                    05:ef:c5:f7:f2:4d:dc:d2:4a:4a:e0:d0:d5:f4:e6:
                    a3:10:ba:b0:fc:0f:55:6c:08:7c:23:dc:28:72:22:
                    aa:36:b7:83:f2:df:95:95:13:df:a5:cb:7b:f9:2e:
                    5d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:C5:15:6E:A8:BB:7D:F6:7C:B7:B7:F3:68:A1:00:9E:6D:6B:7B:45
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:fc:31:5c:7a:ae:eb:40:bd:45:94:2d:6d:9a:11:68:7f:9d:
         51:48:f7:a7:2e:90:af:72:bf:03:d5:5a:c9:d1:0e:52:5e:9e:
         a7:42:b5:c2:66:af:d5:ea:6d:34:96:aa:f5:05:34:68:cb:b7:
         ac:0f:97:68:14:5b:a0:a5:9d:e3:6b:11:2c:58:c1:36:f2:49:
         6f:cb:4a:33:9f:20:d7:d8:9e:07:4a:dd:b9:cd:79:c8:e8:7f:
         e8:23:eb:46:45:69:ba:67:3e:12:18:31:4d:4d:42:55:c1:64:
         30:91:be:bd:8a:fe:9b:cd:9d:f3:3b:95:68:98:5b:ab:f6:aa:
         64:c4:1e:b8:5c:ad:56:fb:05:2b:c2:86:2a:f5:79:75:a3:e4:
         94:09:b8:e0:6c:ec:30:57:8f:95:be:07:da:5e:15:81:e8:38:
         55:b0:5d:a9:df:0a:af:cf:d4:5b:56:ac:1b:ee:2a:32:60:07:
         c2:e0:06:42:00:66:27:86:fd:7a:95:1c:93:c3:11:ea:86:22:
         db:2b:8b:d4:37:7c:3e:00:ef:36:9e:62:45:58:16:9f:32:a1:
         a4:48:4b:14:64:80:88:96:f8:69:ce:a9:cc:c9:3a:f1:56:0c:
         9b:11:85:a2:cf:4b:c0:bb:4c:c9:de:21:3a:4c:ef:06:c7:07:
         c8:79:83:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXZKCAI6gLPwSHOWvujraPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwOTA1MDEwMTM0WhcNMjUwOTA2MDEwMTM0WjAzMTEwLwYDVQQD
Eyg0Y2M1MTU2ZWE4YmI3ZGY2N2NiN2I3ZjM2OGExMDA5ZTZkNmI3YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KTP1F0NmvqtgbcIALUCZbNpxTQ5
y+pkUT2WshNnduboeqBtHoytmUnDqGZzUEDae8oiYEx4PQ7sBuLmKgt79sX4CUva
UeYKm2S/4OnJvCHpyrB1vPDKo2S5KjzWyyxOWxdqvSNGm51waGe5E8Gfx+QXrdfV
OHN0ltf9rwoKvazSBNz9l7Pt2UwBj9rAI4WRCKnwApb2/fUwmTwNlminPDvQ3U0T
Y2d1m/w+/byYqG2bPmfjqXBV10gG6GU5r9fQBMsBGNt9oJ/BaH3eV2eVgIEF78X3
8k3c0kpK4NDV9OajELqw/A9VbAh8I9wociKqNreD8t+VlRPfpct7+S5dKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzFFW6ou332fLe382ihAJ5ta3tFMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/wxXHqu
60C9RZQtbZoRaH+dUUj3py6Qr3K/A9VaydEOUl6ep0K1wmav1eptNJaq9QU0aMu3
rA+XaBRboKWd42sRLFjBNvJJb8tKM58g19ieB0rduc15yOh/6CPrRkVpumc+Ehgx
TU1CVcFkMJG+vYr+m82d8zuVaJhbq/aqZMQeuFytVvsFK8KGKvV5daPklAm44Gzs
MFePlb4H2l4Vgeg4VbBdqd8Kr8/UW1asG+4qMmAHwuAGQgBmJ4b9epUck8MR6oYi
2yuL1Dd8PgDvNp5iRVgWnzKhpEhLFGSAiJb4ac6pzMk68VYMmxGFos9LwLtMyd4h
OkzvBscHyHmDVw==
-----END CERTIFICATE-----