Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          2VFRjNRtJhoGCu8tYoYuCRFaFMI9swroahQ+Acqm/sc=
Subject key identifier:   9C:47:B2:A9:54:B1:52:F5:5F:A4:D1:73:E1:35:BD:BA:08:81:35:ED
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       01992331330274A983C8CBDB1ED77BA1D257
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          042A
Signing time:             Sun 07 Sep 2025 08:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:50 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: 2dVS7LVjnPfJ+uH6f3GqTLjeaZY1hc9hZ+PnxZs3VBU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:33:02:74:a9:83:c8:cb:db:1e:d7:7b:a1:d2:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Sep  7 08:00:50 2025 GMT
            Not After : Sep  8 08:00:50 2025 GMT
        Subject: CN=9c47b2a954b152f55fa4d173e135bdba088135ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d1:85:a6:1f:16:51:38:f1:53:3b:1f:36:1d:
                    f4:d3:37:39:ad:dc:e0:98:09:84:02:d5:34:89:bc:
                    88:90:98:85:65:e3:7a:03:61:57:2c:8a:e1:d3:76:
                    66:89:72:20:d7:e6:4c:a5:85:62:c5:dd:14:23:0e:
                    0f:66:98:d8:1e:9a:77:88:78:20:94:fe:93:09:66:
                    b6:06:46:c2:6d:ff:6c:50:f4:6f:7b:76:e6:79:18:
                    d0:84:e7:a4:0e:55:ed:74:44:75:5d:be:4d:62:14:
                    d9:1c:44:e5:50:10:d7:4f:33:4a:3a:aa:4d:03:01:
                    4d:77:55:28:af:0d:45:5e:84:b1:9f:0e:b3:d1:24:
                    92:63:08:6e:bd:b9:b6:b5:fb:a5:9d:bd:da:87:31:
                    ac:2b:2e:2b:e9:6c:c9:de:f7:d4:20:23:62:28:50:
                    d1:b7:97:be:e5:31:5f:77:a2:6f:a5:68:18:a8:0c:
                    e9:f6:1b:f2:ff:5f:80:6f:9c:5d:df:2f:15:20:63:
                    56:fe:ee:93:7e:87:b1:32:a6:52:e1:ac:5d:31:d3:
                    e0:6b:75:fd:a7:9a:77:a2:5d:2f:93:29:94:a2:3b:
                    de:8f:64:63:fc:b9:d9:93:62:c1:c9:a5:da:ea:e0:
                    df:ff:9f:dd:00:0c:58:95:5d:34:90:24:83:14:7a:
                    64:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:47:B2:A9:54:B1:52:F5:5F:A4:D1:73:E1:35:BD:BA:08:81:35:ED
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:65:0b:da:08:61:b9:e4:14:4f:37:c6:47:2a:b0:83:a7:0a:
         ef:58:c3:e1:4a:c6:f8:af:0f:56:d0:ed:0b:12:28:fe:35:b8:
         ed:eb:63:52:0b:c3:5e:0e:04:6b:d8:ab:1d:0b:3a:5f:10:e2:
         40:8e:83:a8:48:3a:f1:1d:09:36:80:13:fa:60:c2:d4:e6:5e:
         61:c3:c0:78:4d:73:7e:62:f1:5c:db:82:cf:90:1b:0f:0b:84:
         48:85:d1:0d:29:ae:a3:da:79:01:83:7a:9f:01:99:4e:9f:86:
         ea:36:f1:18:5a:6b:3b:40:bb:a0:ee:4e:cd:35:40:88:b9:c5:
         e7:30:29:3b:30:81:80:a8:c7:21:05:f1:5b:45:a6:a0:a7:e6:
         14:15:65:8c:f5:ff:18:d0:99:2a:0e:c7:9e:0a:3d:9b:9d:86:
         1a:07:0d:f5:7c:22:ad:b1:61:9f:f0:62:a1:fd:39:93:64:de:
         33:80:c1:f0:99:da:93:ad:8b:27:53:3b:60:27:77:60:2c:f5:
         3c:fc:ec:dd:57:b4:57:c0:5b:7d:2e:20:3d:9b:54:56:c3:4e:
         f9:35:70:2f:03:ee:17:fe:10:2c:ab:54:27:9f:45:4b:61:40:
         88:13:25:08:c7:00:5f:fd:a1:c2:5b:87:39:aa:f0:4d:7c:83:
         fd:a1:8f:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMTMCdKmDyMvbHtd7odJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjUwOTA3MDgwMDUwWhcNMjUwOTA4MDgwMDUwWjAzMTEwLwYDVQQD
Eyg5YzQ3YjJhOTU0YjE1MmY1NWZhNGQxNzNlMTM1YmRiYTA4ODEzNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdGFph8WUTjxUzsfNh300zc5rdzg
mAmEAtU0ibyIkJiFZeN6A2FXLIrh03ZmiXIg1+ZMpYVixd0UIw4PZpjYHpp3iHgg
lP6TCWa2BkbCbf9sUPRve3bmeRjQhOekDlXtdER1Xb5NYhTZHETlUBDXTzNKOqpN
AwFNd1Uorw1FXoSxnw6z0SSSYwhuvbm2tfulnb3ahzGsKy4r6WzJ3vfUICNiKFDR
t5e+5TFfd6JvpWgYqAzp9hvy/1+Ab5xd3y8VIGNW/u6TfoexMqZS4axdMdPga3X9
p5p3ol0vkymUojvej2Rj/LnZk2LByaXa6uDf/5/dAAxYlV00kCSDFHpk3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxHsqlUsVL1X6TRc+E1vboIgTXtMB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWUL2ghh
ueQUTzfGRyqwg6cK71jD4UrG+K8PVtDtCxIo/jW47etjUgvDXg4Ea9irHQs6XxDi
QI6DqEg68R0JNoAT+mDC1OZeYcPAeE1zfmLxXNuCz5AbDwuESIXRDSmuo9p5AYN6
nwGZTp+G6jbxGFprO0C7oO5OzTVAiLnF5zApOzCBgKjHIQXxW0WmoKfmFBVljPX/
GNCZKg7Hngo9m52GGgcN9XwirbFhn/Biof05k2TeM4DB8Jnak62LJ1M7YCd3YCz1
PPzs3Ve0V8BbfS4gPZtUVsNO+TVwLwPuF/4QLKtUJ59FS2FAiBMlCMcAX/2hwluH
OarwTXyD/aGPRQ==
-----END CERTIFICATE-----