Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          Ep+e0yGzcsmfP5kYKj3YbuHityhdB/7kUbhOD+BL5H0=
Subject key identifier:   F3:9A:3A:8E:D2:62:9A:0D:62:08:E2:5E:61:D2:32:CA:26:81:9F:AC
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019922C36713804E9547B1CA2DF881DE9632
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          069E
Signing time:             Sun 07 Sep 2025 06:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:55 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: wTio8b/wypGDSxTdjeBGMhT2+L+eW4UgYEpjryW+Bvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:67:13:80:4e:95:47:b1:ca:2d:f8:81:de:96:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Sep  7 06:00:55 2025 GMT
            Not After : Sep  8 06:00:55 2025 GMT
        Subject: CN=f39a3a8ed2629a0d6208e25e61d232ca26819fac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:89:b0:41:a3:46:95:a9:9a:eb:87:13:83:ed:
                    65:57:c5:f6:46:50:28:47:3e:b8:72:db:fc:59:db:
                    a2:fc:ef:c1:88:a8:04:9f:f1:5b:7b:63:c2:58:8b:
                    78:14:a9:4f:94:7f:88:dd:e7:1b:4a:98:09:62:d4:
                    2e:eb:a8:8d:b2:f6:ee:a7:fe:e4:47:3a:e4:ac:02:
                    04:88:5f:da:9b:dc:c3:98:e2:78:0f:bb:8e:2f:43:
                    ae:5b:22:a1:8e:06:95:07:1e:13:f0:b3:9c:0b:3b:
                    8d:79:7a:80:76:45:fd:dc:5f:da:f2:63:cb:79:7b:
                    2c:d7:35:d9:63:31:57:48:7e:25:d2:19:a1:52:43:
                    b1:f5:1f:5c:90:3d:a5:d8:de:c4:52:9e:03:11:d7:
                    46:65:98:6c:33:f0:9e:4e:b2:0f:71:08:c3:10:dd:
                    f5:ef:e9:d9:4e:20:de:4a:07:c8:19:5e:d8:2b:33:
                    5e:7e:12:5d:f0:e5:e6:b1:38:77:53:b4:b3:c9:23:
                    c9:45:d5:1c:cf:11:ab:d6:0a:49:a5:4a:fe:f9:bc:
                    30:a7:82:7e:ea:18:d7:15:64:e2:bd:1c:5b:a1:a6:
                    6c:24:2a:9f:a0:58:df:d5:81:5b:aa:82:c1:9b:15:
                    a7:d8:bd:10:42:f6:6a:fe:42:ed:f8:df:dc:4e:21:
                    1e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:9A:3A:8E:D2:62:9A:0D:62:08:E2:5E:61:D2:32:CA:26:81:9F:AC
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:6e:86:29:dd:42:48:95:5c:b8:a9:ce:bf:1f:b8:7e:7f:90:
         1d:1d:64:27:46:ce:c3:6e:39:0c:fb:57:6d:2a:98:19:e6:ea:
         34:16:d3:89:a2:45:d0:a6:7e:9c:bf:f2:81:7c:79:80:0c:b7:
         b5:60:11:ea:a8:01:46:55:42:53:a6:b9:a7:3c:be:16:7d:5c:
         22:0f:78:e4:20:f8:b1:27:51:0a:89:b3:56:d1:0d:e1:54:4f:
         29:27:76:b7:4a:6b:38:2d:00:6a:c8:4c:b2:94:94:2d:60:ba:
         10:04:03:e3:8a:d1:be:eb:06:86:fb:f2:91:41:35:08:bd:0b:
         a5:1f:ae:c9:bf:74:aa:7f:98:ce:5d:e7:50:c3:dd:e3:77:45:
         55:af:4c:4a:07:d4:5a:11:54:cb:a4:76:9a:54:1b:93:1f:59:
         c1:76:a6:bc:fe:6f:8a:f4:07:b6:c1:ae:72:d7:a9:ff:61:da:
         1c:a0:32:5c:d8:6e:0a:db:a3:eb:88:68:a0:99:c9:b5:b1:b5:
         7a:07:6a:3c:c5:c6:8a:30:9b:4e:1e:6f:62:da:f4:3a:13:b3:
         d4:28:4f:a0:ed:99:1e:3b:e2:ac:21:20:f7:33:4e:b6:33:ef:
         65:fa:67:74:4b:1b:8d:8f:de:9b:4f:70:65:90:4d:21:0a:0d:
         e5:47:e9:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw2cTgE6VR7HKLfiB3pYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwOTA3MDYwMDU1WhcNMjUwOTA4MDYwMDU1WjAzMTEwLwYDVQQD
EyhmMzlhM2E4ZWQyNjI5YTBkNjIwOGUyNWU2MWQyMzJjYTI2ODE5ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3omwQaNGlama64cTg+1lV8X2RlAo
Rz64ctv8Wdui/O/BiKgEn/Fbe2PCWIt4FKlPlH+I3ecbSpgJYtQu66iNsvbup/7k
RzrkrAIEiF/am9zDmOJ4D7uOL0OuWyKhjgaVBx4T8LOcCzuNeXqAdkX93F/a8mPL
eXss1zXZYzFXSH4l0hmhUkOx9R9ckD2l2N7EUp4DEddGZZhsM/CeTrIPcQjDEN31
7+nZTiDeSgfIGV7YKzNefhJd8OXmsTh3U7SzySPJRdUczxGr1gpJpUr++bwwp4J+
6hjXFWTivRxboaZsJCqfoFjf1YFbqoLBmxWn2L0QQvZq/kLt+N/cTiEe9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOaOo7SYpoNYgjiXmHSMsomgZ+sMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUm6GKd1C
SJVcuKnOvx+4fn+QHR1kJ0bOw245DPtXbSqYGebqNBbTiaJF0KZ+nL/ygXx5gAy3
tWAR6qgBRlVCU6a5pzy+Fn1cIg945CD4sSdRComzVtEN4VRPKSd2t0prOC0AashM
spSULWC6EAQD44rRvusGhvvykUE1CL0LpR+uyb90qn+Yzl3nUMPd43dFVa9MSgfU
WhFUy6R2mlQbkx9ZwXamvP5vivQHtsGuctep/2HaHKAyXNhuCtuj64hooJnJtbG1
egdqPMXGijCbTh5vYtr0OhOz1ChPoO2ZHjvirCEg9zNOtjPvZfpndEsbjY/em09w
ZZBNIQoN5UfpQA==
-----END CERTIFICATE-----