Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File:                     SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier:          gTTo1s9IjrDLywDkEH/WjmXGByOKrr3tLC4wkcZfv/s=
Subject key identifier:   DE:8A:D5:A3:20:24:17:0F:2B:D1:FB:63:85:76:F9:59:FE:86:D1:52
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer:       /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial:       0199239F6B9F3732874C63458379560C9E9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number:          1259
Signing time:             Sun 07 Sep 2025 10:01:14 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:14 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:14 +0000
Files and hashes:         1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: sNMpiJeiJR5TRmdPWnC1rlyQhfTgJYW/U1fQeo0zWRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:6b:9f:37:32:87:4c:63:45:83:79:56:0c:9e:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
        Validity
            Not Before: Sep  7 10:01:14 2025 GMT
            Not After : Sep  8 10:01:14 2025 GMT
        Subject: CN=de8ad5a32024170f2bd1fb638576f959fe86d152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:98:9a:f4:f9:13:d5:11:ec:c0:0f:78:12:73:
                    75:0e:49:b8:ce:52:f9:53:d5:e3:0d:a9:7a:f6:a0:
                    92:9d:da:fa:18:6c:5c:a5:60:8b:17:e2:15:d9:75:
                    ae:7e:3b:b5:79:06:a0:0a:d1:a6:dd:84:b3:58:cc:
                    3c:ff:a9:27:a3:46:38:d9:48:bb:c8:fe:d6:6f:cc:
                    b9:56:e8:82:d5:b4:cc:b8:df:96:65:91:f9:b2:f6:
                    30:f3:bf:76:51:01:a8:88:25:a6:b4:2b:8f:64:14:
                    c8:12:93:62:4f:ce:08:73:c1:68:e1:03:5c:48:96:
                    78:55:2f:40:84:af:c1:49:d1:12:57:2a:cb:65:f1:
                    75:6e:5f:0b:45:35:0b:ea:41:f6:77:c0:4f:15:dc:
                    3a:b3:7c:98:79:36:0a:b5:c2:67:cc:19:f6:4f:c1:
                    46:34:24:81:f4:71:9f:06:fb:cb:3e:5a:c2:0d:22:
                    8d:dc:9a:d3:64:a3:95:bc:39:b1:9a:65:f9:d0:3c:
                    7f:3a:e4:e9:af:b7:32:23:84:7d:2d:3d:5b:f8:52:
                    4e:14:45:a9:f9:87:de:09:ab:33:82:9e:95:a2:36:
                    ce:fb:67:4c:ce:b4:a6:44:72:c1:c9:90:da:84:e4:
                    ab:63:d1:21:4a:04:90:44:a8:13:f9:0b:35:92:40:
                    db:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:8A:D5:A3:20:24:17:0F:2B:D1:FB:63:85:76:F9:59:FE:86:D1:52
            X509v3 Authority Key Identifier:
                keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:6a:6d:7a:3c:ad:67:b6:8c:da:82:71:a5:0b:1b:97:94:3f:
         92:7b:fc:e1:df:49:74:59:ce:7e:50:26:cd:b6:8e:5b:59:b7:
         0e:74:d4:19:4a:41:78:82:32:e5:82:a4:72:d5:6f:3f:8c:d0:
         52:54:51:8d:76:72:20:15:0d:92:44:ea:6f:f7:3e:5e:d7:8e:
         13:22:9a:0a:f6:51:07:19:7d:ef:55:e0:12:3f:e3:97:62:94:
         0e:85:65:e3:f6:90:88:52:45:a1:36:be:89:09:d5:c9:62:5a:
         95:ee:54:06:1b:3e:fa:ad:f9:04:b2:87:e2:a0:88:ad:fb:58:
         43:a0:24:03:c9:38:bf:92:3a:7e:6d:36:0a:e6:c3:9f:b6:ab:
         1e:f2:d8:2e:60:de:a6:c6:00:15:71:98:be:2f:5d:56:2f:55:
         9a:ac:a1:0c:b1:d9:8e:15:ab:e1:6c:f0:85:0a:91:5b:56:81:
         57:5c:c8:f4:b4:72:e5:da:6f:d0:55:c7:ac:1a:c0:15:44:70:
         54:91:24:1e:d8:7c:c0:46:f0:e9:4a:ed:8e:e4:d7:63:45:0a:
         1e:f6:1c:b7:09:d8:bd:9a:df:7c:f0:83:e2:81:55:00:a4:f3:
         0d:c9:c9:41:6c:7f:ee:99:32:bd:27:45:0c:d9:37:b6:fd:9f:
         b5:05:7d:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn2ufNzKHTGNFg3lWDJ6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjUwOTA3MTAwMTE0WhcNMjUwOTA4MTAwMTE0WjAzMTEwLwYDVQQD
EyhkZThhZDVhMzIwMjQxNzBmMmJkMWZiNjM4NTc2Zjk1OWZlODZkMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZia9PkT1RHswA94EnN1Dkm4zlL5
U9XjDal69qCSndr6GGxcpWCLF+IV2XWufju1eQagCtGm3YSzWMw8/6kno0Y42Ui7
yP7Wb8y5VuiC1bTMuN+WZZH5svYw8792UQGoiCWmtCuPZBTIEpNiT84Ic8Fo4QNc
SJZ4VS9AhK/BSdESVyrLZfF1bl8LRTUL6kH2d8BPFdw6s3yYeTYKtcJnzBn2T8FG
NCSB9HGfBvvLPlrCDSKN3JrTZKOVvDmxmmX50Dx/OuTpr7cyI4R9LT1b+FJOFEWp
+YfeCaszgp6VojbO+2dMzrSmRHLByZDahOSrY9EhSgSQRKgT+Qs1kkDbkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6K1aMgJBcPK9H7Y4V2+Vn+htFSMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWptejyt
Z7aM2oJxpQsbl5Q/knv84d9JdFnOflAmzbaOW1m3DnTUGUpBeIIy5YKkctVvP4zQ
UlRRjXZyIBUNkkTqb/c+XteOEyKaCvZRBxl971XgEj/jl2KUDoVl4/aQiFJFoTa+
iQnVyWJale5UBhs++q35BLKH4qCIrftYQ6AkA8k4v5I6fm02CubDn7arHvLYLmDe
psYAFXGYvi9dVi9VmqyhDLHZjhWr4WzwhQqRW1aBV1zI9LRy5dpv0FXHrBrAFURw
VJEkHth8wEbw6UrtjuTXY0UKHvYctwnYvZrffPCD4oFVAKTzDcnJQWx/7pkyvSdF
DNk3tv2ftQV9Kw==
-----END CERTIFICATE-----