Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          InSIdqiaPIL6p27z8JXFUgVDxmsBqmB6AijsYIQPs8M=
Subject key identifier:   9F:45:C2:0B:DE:A1:30:3F:00:18:77:88:7C:3A:E6:5C:AF:17:A2:63
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       0199239FBEF15BA8A8E45A05528DB96D5B6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          037E
Signing time:             Sun 07 Sep 2025 10:01:35 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:35 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:35 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: 75ihdiKUORK4UiT20uxIwzoFSDnmJe/K+eTwxKaJ+Cc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:be:f1:5b:a8:a8:e4:5a:05:52:8d:b9:6d:5b:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Sep  7 10:01:35 2025 GMT
            Not After : Sep  8 10:01:35 2025 GMT
        Subject: CN=9f45c20bdea1303f001877887c3ae65caf17a263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:df:f5:ef:39:72:98:e6:b2:67:a6:34:f1:9d:
                    44:8d:da:0c:2d:a2:98:14:6b:50:40:8f:07:58:dc:
                    f5:f9:b3:6e:61:9f:6e:0a:ca:fb:21:80:7a:84:6c:
                    cb:af:05:ba:5f:0a:4e:71:78:70:cb:e1:26:53:9b:
                    a9:ac:83:a7:48:49:2c:d1:0c:d6:54:bd:d8:5d:6c:
                    3c:41:f1:55:0c:e0:24:1d:69:c7:16:63:f7:eb:66:
                    1b:b5:83:a6:ad:59:26:d5:d8:e4:21:3a:03:1c:a1:
                    e2:7d:cf:67:50:17:94:b2:45:e5:54:8b:a1:22:49:
                    f1:6a:7e:fb:a3:9b:f5:bf:06:43:a2:21:56:b0:d0:
                    ed:1f:ac:60:d9:5c:c2:a0:a5:2f:4b:23:4a:ec:42:
                    34:65:5c:b8:18:1a:20:e0:08:33:a4:ba:cd:9b:96:
                    42:41:e4:85:d4:6b:7c:41:67:74:bb:05:bc:0b:77:
                    35:1e:e7:73:31:d1:33:62:b8:e4:5f:97:64:03:e1:
                    65:95:d2:c9:c6:bd:0d:aa:8b:36:a2:18:6d:c2:72:
                    29:d2:12:75:e2:4a:ea:c1:5c:a5:fe:a0:7b:ce:40:
                    00:a4:94:5a:bc:a8:65:9c:f9:38:48:2c:e8:e6:61:
                    45:d7:74:de:2d:0c:b5:c9:d0:38:24:ae:c5:ec:16:
                    7a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:45:C2:0B:DE:A1:30:3F:00:18:77:88:7C:3A:E6:5C:AF:17:A2:63
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:6c:59:34:15:e4:ec:66:46:f9:79:e7:ef:d9:e0:fb:95:0f:
         e2:41:5d:9e:7d:2c:b1:fe:cb:a4:cc:c3:88:a5:e6:84:8d:e2:
         46:07:07:5a:66:9d:8d:ea:05:2c:5f:2a:7a:25:73:2c:b4:9c:
         57:66:b6:06:6a:bd:a9:ee:0d:36:a9:d4:12:c8:b8:b7:79:b7:
         8a:97:04:cf:02:a3:3a:a4:dd:43:0c:57:42:71:ab:0c:24:b7:
         43:b7:86:bc:14:fe:14:26:06:23:a4:18:ea:ec:8e:3b:3f:b0:
         10:58:fc:e3:24:12:43:f9:d8:cb:8d:c5:ce:a1:8e:ae:22:2e:
         08:cb:d7:5d:c8:87:ab:36:1f:aa:42:71:cc:4e:71:da:74:94:
         02:12:02:52:74:c6:d7:1f:6d:e8:71:ab:9d:76:bb:b4:61:ce:
         bd:04:ef:e1:3b:a9:de:5c:75:8e:dc:fc:99:b8:ee:6a:29:7b:
         0f:26:8a:1e:d2:4f:08:be:cd:ae:cc:06:67:82:32:be:ad:b4:
         18:7e:3f:e8:3f:1c:5c:7a:08:e8:c6:0c:5f:e9:8e:5c:4c:cc:
         5f:0f:3f:61:a9:a3:be:bb:54:0f:e7:38:7f:d1:4f:ff:67:1f:
         2f:f0:d9:80:3e:31:4a:7c:72:5c:db:a8:e4:70:2f:46:72:c5:
         0c:00:4c:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn77xW6io5FoFUo25bVtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUwOTA3MTAwMTM1WhcNMjUwOTA4MTAwMTM1WjAzMTEwLwYDVQQD
Eyg5ZjQ1YzIwYmRlYTEzMDNmMDAxODc3ODg3YzNhZTY1Y2FmMTdhMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9/17zlymOayZ6Y08Z1EjdoMLaKY
FGtQQI8HWNz1+bNuYZ9uCsr7IYB6hGzLrwW6XwpOcXhwy+EmU5uprIOnSEks0QzW
VL3YXWw8QfFVDOAkHWnHFmP362YbtYOmrVkm1djkIToDHKHifc9nUBeUskXlVIuh
Iknxan77o5v1vwZDoiFWsNDtH6xg2VzCoKUvSyNK7EI0ZVy4GBog4AgzpLrNm5ZC
QeSF1Gt8QWd0uwW8C3c1HudzMdEzYrjkX5dkA+FlldLJxr0Nqos2ohhtwnIp0hJ1
4krqwVyl/qB7zkAApJRavKhlnPk4SCzo5mFF13TeLQy1ydA4JK7F7BZ6gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9FwgveoTA/ABh3iHw65lyvF6JjMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGxZNBXk
7GZG+Xnn79ng+5UP4kFdnn0ssf7LpMzDiKXmhI3iRgcHWmadjeoFLF8qeiVzLLSc
V2a2Bmq9qe4NNqnUEsi4t3m3ipcEzwKjOqTdQwxXQnGrDCS3Q7eGvBT+FCYGI6QY
6uyOOz+wEFj84yQSQ/nYy43FzqGOriIuCMvXXciHqzYfqkJxzE5x2nSUAhICUnTG
1x9t6HGrnXa7tGHOvQTv4Tup3lx1jtz8mbjuail7DyaKHtJPCL7NrswGZ4Iyvq20
GH4/6D8cXHoI6MYMX+mOXEzMXw8/YamjvrtUD+c4f9FP/2cfL/DZgD4xSnxyXNuo
5HAvRnLFDABMvw==
-----END CERTIFICATE-----