Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft
File:                     INaBg9YBj1BMXm-uIo4bNQxvD-8.mft (raw, json)
Hash identifier:          SFc8ZJFEF0ed700IAyPzvvyYwv+yJjGhWZzCfoQk3iY=
Subject key identifier:   5F:9C:A4:EE:B4:CE:C7:49:95:9E:B8:16:AF:BF:E6:05:AF:4B:51:B1
Authority key identifier: 20:D6:81:83:D6:01:8F:50:4C:5E:6F:AE:22:8E:1B:35:0C:6F:0F:EF
Certificate issuer:       /CN=20d68183d6018f504c5e6fae228e1b350c6f0fef
Certificate serial:       0199172D0D2CABC5AFC56F1EE2AD61270546
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/INaBg9YBj1BMXm-uIo4bNQxvD-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft
Manifest number:          045F
Signing time:             Fri 05 Sep 2025 00:00:52 +0000
Manifest this update:     Fri 05 Sep 2025 00:00:52 +0000
Manifest next update:     Sat 06 Sep 2025 00:00:52 +0000
Files and hashes:         1: INaBg9YBj1BMXm-uIo4bNQxvD-8.crl (hash: mqmL/qdRcaVAlP7ZeOhAK99J3GzhCdLRsZpV7/YPTT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/INaBg9YBj1BMXm-uIo4bNQxvD-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:2d:0d:2c:ab:c5:af:c5:6f:1e:e2:ad:61:27:05:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20d68183d6018f504c5e6fae228e1b350c6f0fef
        Validity
            Not Before: Sep  5 00:00:52 2025 GMT
            Not After : Sep  6 00:00:52 2025 GMT
        Subject: CN=5f9ca4eeb4cec749959eb816afbfe605af4b51b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:6a:ab:f9:ef:96:45:0b:ed:da:76:1e:b6:b9:
                    bb:0f:4b:98:6c:12:b3:d1:72:be:a7:57:1e:23:f9:
                    8a:af:4f:1d:ec:d0:5d:bc:c0:7f:40:c8:dc:83:ef:
                    c5:16:b2:96:d5:61:45:f0:76:eb:65:f5:36:ca:ea:
                    8f:3d:9a:99:68:8f:5f:b4:94:d6:44:a7:94:ee:05:
                    e0:11:f3:62:1a:17:79:14:01:72:7f:44:dc:66:0d:
                    8c:ab:e6:34:98:1b:1b:47:e5:45:5d:a3:92:bb:32:
                    c9:77:d4:5d:9e:16:ba:02:8f:97:7e:52:0e:19:de:
                    78:72:aa:0c:fe:b7:77:b3:ac:96:aa:de:4f:fe:42:
                    27:a2:6b:5d:40:63:19:6d:04:a8:e0:e1:4e:1c:2c:
                    8a:0b:92:c5:9e:65:31:3c:f0:38:24:8b:94:f3:e7:
                    90:5a:db:de:dd:48:25:11:ea:73:f2:63:23:90:7f:
                    e3:33:8c:de:a8:f9:2f:92:0c:a8:81:87:98:33:29:
                    5e:a9:43:d1:c4:9b:8d:d1:5b:d8:84:1d:d3:19:f3:
                    12:f6:a6:c3:c5:fa:58:bb:7a:ca:94:92:66:ad:de:
                    ee:05:1f:fa:c4:b9:d1:11:1b:99:c7:0a:72:66:3b:
                    45:d3:d7:1a:25:62:3f:db:67:c0:01:28:14:02:61:
                    6f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:9C:A4:EE:B4:CE:C7:49:95:9E:B8:16:AF:BF:E6:05:AF:4B:51:B1
            X509v3 Authority Key Identifier:
                keyid:20:D6:81:83:D6:01:8F:50:4C:5E:6F:AE:22:8E:1B:35:0C:6F:0F:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INaBg9YBj1BMXm-uIo4bNQxvD-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:32:3b:0c:19:3a:ce:5e:2e:00:e6:c8:46:0a:9c:14:75:67:
         a8:47:ec:f4:12:4d:09:51:17:a7:d2:b6:0b:b9:61:33:a0:82:
         9f:ed:43:6d:bf:ab:85:28:46:9d:20:eb:43:d2:a0:dd:5c:ba:
         11:16:bf:46:1a:a1:af:71:39:8a:f7:11:d6:b9:df:e4:d7:d9:
         3f:54:4f:f1:b1:86:8a:ef:98:ce:21:2e:55:b3:4a:ed:01:f3:
         74:e5:c7:10:7e:6a:4c:59:00:c1:90:e7:db:61:30:15:61:15:
         de:07:ee:ef:64:ad:65:23:7c:4c:b0:a5:38:a6:c3:a9:78:b0:
         60:13:42:6c:a6:10:2b:df:0d:42:34:11:2b:8d:1b:6e:8b:f5:
         69:a9:e4:26:48:58:4e:8b:ee:d5:02:44:02:b3:c6:ba:1d:2c:
         c6:66:f4:4a:7a:5c:87:26:45:4a:73:02:36:72:17:17:74:8a:
         99:e4:1e:cf:e1:5d:fa:5d:1a:c3:9c:f1:d6:ba:0c:9e:34:f0:
         f2:b9:39:77:71:04:bb:02:a2:50:83:54:e7:9c:06:16:90:64:
         6c:a0:61:c4:fe:dc:2a:d4:78:f4:ed:7e:f0:fe:1b:38:5e:e6:
         87:4c:70:49:f5:e3:c2:93:eb:6d:14:20:bb:1a:17:21:fa:1a:
         5f:c7:46:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLQ0sq8WvxW8e4q1hJwVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDY4MTgzZDYwMThmNTA0YzVlNmZhZTIyOGUxYjM1MGM2
ZjBmZWYwHhcNMjUwOTA1MDAwMDUyWhcNMjUwOTA2MDAwMDUyWjAzMTEwLwYDVQQD
Eyg1ZjljYTRlZWI0Y2VjNzQ5OTU5ZWI4MTZhZmJmZTYwNWFmNGI1MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymqr+e+WRQvt2nYetrm7D0uYbBKz
0XK+p1ceI/mKr08d7NBdvMB/QMjcg+/FFrKW1WFF8HbrZfU2yuqPPZqZaI9ftJTW
RKeU7gXgEfNiGhd5FAFyf0TcZg2Mq+Y0mBsbR+VFXaOSuzLJd9Rdnha6Ao+XflIO
Gd54cqoM/rd3s6yWqt5P/kInomtdQGMZbQSo4OFOHCyKC5LFnmUxPPA4JIuU8+eQ
Wtve3UglEepz8mMjkH/jM4zeqPkvkgyogYeYMyleqUPRxJuN0VvYhB3TGfMS9qbD
xfpYu3rKlJJmrd7uBR/6xLnRERuZxwpyZjtF09caJWI/22fAASgUAmFvzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+cpO60zsdJlZ64Fq+/5gWvS1GxMB8GA1UdIwQY
MBaAFCDWgYPWAY9QTF5vriKOGzUMbw/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5hQmc5WUJqMUJNWG0tdUlvNGJOUXh2RC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82ZWZkOWMtNjRjMy00MmI2LTkyZmQt
YWI3ODgxYjBkZjJiLzEvSU5hQmc5WUJqMUJNWG0tdUlvNGJOUXh2RC04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82ZWZkOWMtNjRjMy00MmI2LTkyZmQtYWI3ODgxYjBkZjJi
LzEvSU5hQmc5WUJqMUJNWG0tdUlvNGJOUXh2RC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZDI7DBk6
zl4uAObIRgqcFHVnqEfs9BJNCVEXp9K2C7lhM6CCn+1Dbb+rhShGnSDrQ9Kg3Vy6
ERa/Rhqhr3E5ivcR1rnf5NfZP1RP8bGGiu+YziEuVbNK7QHzdOXHEH5qTFkAwZDn
22EwFWEV3gfu72StZSN8TLClOKbDqXiwYBNCbKYQK98NQjQRK40bbov1aankJkhY
Tovu1QJEArPGuh0sxmb0SnpchyZFSnMCNnIXF3SKmeQez+Fd+l0aw5zx1roMnjTw
8rk5d3EEuwKiUINU55wGFpBkbKBhxP7cKtR49O1+8P4bOF7mh0xwSfXjwpPrbRQg
uxoXIfoaX8dGlA==
-----END CERTIFICATE-----