Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          j9/7G/XVThbjwTC6cXYCbtEdXKchxK9tPT+KmcFYD3c=
Subject key identifier:   55:44:1E:5A:A3:7E:EF:8E:66:A0:29:F9:60:4B:8A:49:C2:27:BB:A9
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       0199228C5E516DB74D689294819D9ED8D4D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0D40
Signing time:             Sun 07 Sep 2025 05:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:48 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: PLHwaglDrVZNvlRxhAOCmpRAMxTyGSvvYh4SdwXaV4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:5e:51:6d:b7:4d:68:92:94:81:9d:9e:d8:d4:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Sep  7 05:00:48 2025 GMT
            Not After : Sep  8 05:00:48 2025 GMT
        Subject: CN=55441e5aa37eef8e66a029f9604b8a49c227bba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:51:6f:a0:ba:af:d9:7b:0d:bb:41:18:58:97:
                    c2:3b:8c:24:de:1a:ed:bb:4a:9f:89:5e:4c:5b:da:
                    73:b9:7a:cc:cc:dc:e7:fc:26:cb:6c:ba:ea:fb:8d:
                    e1:e8:a8:ae:f3:e6:c4:8c:44:c2:e8:1f:b4:67:ad:
                    99:3c:f9:01:1b:8d:cf:2e:c8:04:c6:ae:de:65:56:
                    1f:19:3e:ae:70:62:74:32:f0:eb:09:02:31:ff:31:
                    86:1c:fb:a4:15:82:cb:14:3c:f8:82:71:26:11:a4:
                    26:95:5e:b9:13:dd:26:02:68:df:cb:b1:06:a0:8a:
                    67:a9:7d:f2:c2:3c:8f:90:26:51:d8:23:a3:7d:b5:
                    94:aa:c6:c6:aa:2d:7e:84:84:66:30:3c:53:57:82:
                    88:06:ca:8f:0b:e1:8f:06:99:87:55:67:cc:19:35:
                    bc:d2:f0:0c:6e:cb:1a:1d:cd:e8:24:00:1d:f6:7a:
                    96:0b:80:f9:e1:5d:65:5f:08:2c:98:76:f3:4e:b4:
                    bd:a3:1b:b6:5d:e7:00:13:52:a0:90:47:5d:30:49:
                    42:13:87:86:99:13:9d:2d:90:64:bc:74:70:d6:a2:
                    a4:b0:93:e2:15:56:a9:34:85:6f:e0:02:c8:ce:5a:
                    30:1f:b2:04:36:7f:cf:48:8a:02:44:a3:a2:a4:5f:
                    54:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:44:1E:5A:A3:7E:EF:8E:66:A0:29:F9:60:4B:8A:49:C2:27:BB:A9
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:e0:ba:62:f4:fa:da:3a:15:4d:c7:de:a9:da:19:da:47:02:
         01:f6:67:73:4d:d2:12:60:0d:4d:46:5c:5a:f8:55:03:50:f9:
         f3:70:bc:60:4a:3f:95:c0:b0:7e:75:d7:7d:4c:78:18:33:11:
         25:e8:f6:0f:f1:da:31:fa:c9:eb:0f:ef:6f:78:dd:a6:8c:be:
         5c:90:2c:83:a6:a7:0e:87:8d:81:66:0b:9e:e0:0f:2a:c4:d2:
         79:6d:0d:58:f5:b7:c2:dc:1b:89:40:92:9e:12:7d:e8:8a:8a:
         52:32:d2:a5:39:32:f8:7b:85:43:df:15:eb:29:3b:c4:92:df:
         3d:cb:81:5c:40:89:45:36:25:55:e9:d1:7a:3e:ab:9c:be:e4:
         fc:c9:2b:2c:13:6c:20:85:96:52:fa:a3:a3:45:17:ed:18:aa:
         8a:21:eb:46:93:64:77:43:8a:7a:1f:be:65:34:40:79:55:e1:
         69:89:b4:b5:33:11:27:d4:e6:03:5b:d7:67:95:18:66:c2:ec:
         92:67:6a:85:27:66:93:16:b9:00:df:22:dd:94:27:60:ee:14:
         5b:20:4f:11:4f:ad:95:af:e6:55:7b:65:36:ae:b1:64:f7:70:
         ea:32:03:35:70:10:32:46:58:b2:fc:95:e5:54:43:b6:dd:ad:
         77:20:1a:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijF5RbbdNaJKUgZ2e2NTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwOTA3MDUwMDQ4WhcNMjUwOTA4MDUwMDQ4WjAzMTEwLwYDVQQD
Eyg1NTQ0MWU1YWEzN2VlZjhlNjZhMDI5Zjk2MDRiOGE0OWMyMjdiYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFFvoLqv2XsNu0EYWJfCO4wk3hrt
u0qfiV5MW9pzuXrMzNzn/CbLbLrq+43h6Kiu8+bEjETC6B+0Z62ZPPkBG43PLsgE
xq7eZVYfGT6ucGJ0MvDrCQIx/zGGHPukFYLLFDz4gnEmEaQmlV65E90mAmjfy7EG
oIpnqX3ywjyPkCZR2COjfbWUqsbGqi1+hIRmMDxTV4KIBsqPC+GPBpmHVWfMGTW8
0vAMbssaHc3oJAAd9nqWC4D54V1lXwgsmHbzTrS9oxu2XecAE1KgkEddMElCE4eG
mROdLZBkvHRw1qKksJPiFVapNIVv4ALIzlowH7IENn/PSIoCRKOipF9U9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVEHlqjfu+OZqAp+WBLiknCJ7upMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANOC6YvT6
2joVTcfeqdoZ2kcCAfZnc03SEmANTUZcWvhVA1D583C8YEo/lcCwfnXXfUx4GDMR
Jej2D/HaMfrJ6w/vb3jdpoy+XJAsg6anDoeNgWYLnuAPKsTSeW0NWPW3wtwbiUCS
nhJ96IqKUjLSpTky+HuFQ98V6yk7xJLfPcuBXECJRTYlVenRej6rnL7k/MkrLBNs
IIWWUvqjo0UX7RiqiiHrRpNkd0OKeh++ZTRAeVXhaYm0tTMRJ9TmA1vXZ5UYZsLs
kmdqhSdmkxa5AN8i3ZQnYO4UWyBPEU+tla/mVXtlNq6xZPdw6jIDNXAQMkZYsvyV
5VRDtt2tdyAaDA==
-----END CERTIFICATE-----