Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          2PsPxV1LOKWH9LbZZMfwLFWpTWNLppt4N88p/VhcyQ8=
Subject key identifier:   EC:91:D0:A4:76:C3:A7:4D:59:00:92:9B:9C:FC:A0:32:06:88:5E:74
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       019922C357ED03856F1722EC638F5A40EAAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0C20
Signing time:             Sun 07 Sep 2025 06:00:51 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:51 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:51 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: ih7THafUqqQ8k/4Y9F+MQwYEJVMlhCz04hJWRNmWhaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:57:ed:03:85:6f:17:22:ec:63:8f:5a:40:ea:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: Sep  7 06:00:51 2025 GMT
            Not After : Sep  8 06:00:51 2025 GMT
        Subject: CN=ec91d0a476c3a74d5900929b9cfca03206885e74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:8c:98:ca:2a:3a:cc:98:bf:83:cd:68:c4:40:
                    ec:fa:0d:d7:71:8e:b5:be:4f:67:94:c0:ae:ef:a6:
                    0d:1c:31:cf:92:1e:3e:d8:54:fe:b0:f4:6c:39:f4:
                    29:c6:e1:78:ec:4f:77:f5:e2:63:74:93:d3:9d:9b:
                    4c:9a:ee:8f:5d:74:f3:45:bf:46:6a:7b:df:ab:7b:
                    b8:5b:69:35:ea:af:bd:f9:32:ce:0a:e4:b4:bf:e3:
                    07:ab:54:d6:be:0c:60:9f:91:c5:6e:96:3b:c0:e9:
                    97:1c:6f:d4:f3:fa:3e:46:aa:e1:ec:1a:a0:52:5d:
                    f1:e4:30:8c:df:54:ff:a8:76:61:d0:04:ed:90:b8:
                    51:09:e5:ed:a2:99:3b:fc:13:ce:33:41:30:0b:27:
                    c5:01:91:8e:ef:3f:b0:81:57:ca:22:72:b7:03:dc:
                    88:b7:c9:a9:0c:2e:33:32:28:86:21:49:bd:38:00:
                    da:8a:ac:97:f9:e8:a0:a1:32:14:13:4c:86:08:48:
                    8c:2c:49:9f:00:8d:36:fe:c2:79:a3:74:72:01:e6:
                    58:ba:af:f3:ff:83:08:92:e2:b6:f7:96:76:17:bc:
                    9c:45:a6:5c:3a:11:0f:5b:39:94:b8:23:a7:0e:19:
                    b3:c0:15:9d:c0:7b:0c:6a:82:ad:a6:28:4b:7c:74:
                    20:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:91:D0:A4:76:C3:A7:4D:59:00:92:9B:9C:FC:A0:32:06:88:5E:74
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:bd:83:2b:2e:69:e3:29:d9:14:6c:cf:a8:e7:d4:90:c8:7f:
         87:02:65:23:bc:99:9e:23:a1:b6:92:8f:5c:06:92:16:79:96:
         e1:21:cb:c4:18:10:7d:1f:63:e3:6c:5d:50:a3:43:2d:00:52:
         5a:20:d8:fb:84:84:bb:69:26:d4:0f:d4:9d:52:9d:83:f4:e0:
         19:5e:a3:09:24:0d:a2:68:22:74:83:69:b5:58:0e:be:60:57:
         62:6d:54:8c:7c:f6:2e:07:e7:c7:2a:38:65:56:c1:b9:d8:54:
         45:c8:4c:f5:36:67:e5:63:ac:19:74:0c:15:41:86:a0:fa:50:
         12:a2:a9:f6:e4:4e:4d:4f:78:45:b7:e4:48:c8:c9:71:70:5d:
         69:1f:4d:00:75:48:58:c7:f3:d1:5e:ae:64:87:43:31:60:99:
         52:5a:b2:0d:61:f9:dc:c5:ed:9c:d7:a1:2b:ac:97:5f:77:d9:
         6e:59:b3:4f:60:d8:fc:7e:de:05:6b:2e:8b:21:1e:2b:b9:92:
         75:10:0a:e9:b1:86:8a:94:ae:ab:be:19:ce:a6:0a:92:e8:2e:
         26:39:0a:5c:89:9c:34:73:86:80:ec:dd:d9:17:48:63:85:53:
         ea:80:49:eb:d2:24:b5:9a:0e:ef:3c:37:80:11:37:58:8e:9a:
         15:30:cd:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw1ftA4VvFyLsY49aQOqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjUwOTA3MDYwMDUxWhcNMjUwOTA4MDYwMDUxWjAzMTEwLwYDVQQD
EyhlYzkxZDBhNDc2YzNhNzRkNTkwMDkyOWI5Y2ZjYTAzMjA2ODg1ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IyYyio6zJi/g81oxEDs+g3XcY61
vk9nlMCu76YNHDHPkh4+2FT+sPRsOfQpxuF47E939eJjdJPTnZtMmu6PXXTzRb9G
anvfq3u4W2k16q+9+TLOCuS0v+MHq1TWvgxgn5HFbpY7wOmXHG/U8/o+Rqrh7Bqg
Ul3x5DCM31T/qHZh0ATtkLhRCeXtopk7/BPOM0EwCyfFAZGO7z+wgVfKInK3A9yI
t8mpDC4zMiiGIUm9OADaiqyX+eigoTIUE0yGCEiMLEmfAI02/sJ5o3RyAeZYuq/z
/4MIkuK295Z2F7ycRaZcOhEPWzmUuCOnDhmzwBWdwHsMaoKtpihLfHQgjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyR0KR2w6dNWQCSm5z8oDIGiF50MB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeb2DKy5p
4ynZFGzPqOfUkMh/hwJlI7yZniOhtpKPXAaSFnmW4SHLxBgQfR9j42xdUKNDLQBS
WiDY+4SEu2km1A/UnVKdg/TgGV6jCSQNomgidINptVgOvmBXYm1UjHz2Lgfnxyo4
ZVbBudhURchM9TZn5WOsGXQMFUGGoPpQEqKp9uROTU94RbfkSMjJcXBdaR9NAHVI
WMfz0V6uZIdDMWCZUlqyDWH53MXtnNehK6yXX3fZblmzT2DY/H7eBWsuiyEeK7mS
dRAK6bGGipSuq74ZzqYKkuguJjkKXImcNHOGgOzd2RdIY4VT6oBJ69IktZoO7zw3
gBE3WI6aFTDNjg==
-----END CERTIFICATE-----