Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
File:                     D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft (raw, json)
Hash identifier:          UVWdh9+dzFbU3/WdZJUQFjjiIYoZWHneaVWCvUOB3hs=
Subject key identifier:   68:31:6B:F7:A7:BD:F3:60:F7:90:C6:05:04:2A:63:12:7E:2B:CC:92
Authority key identifier: 0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77
Certificate issuer:       /CN=0f79760520b7c15c2e4260308272b849f88ed677
Certificate serial:       0199240DA06CAECB27B86847EAE23E072867
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
Manifest number:          1671
Signing time:             Sun 07 Sep 2025 12:01:36 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:36 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:36 +0000
Files and hashes:         1: D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl (hash: uR23Yy35tLyp1ECjSKCUc5jOJvPjvSXT7XzJTnsxPeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:a0:6c:ae:cb:27:b8:68:47:ea:e2:3e:07:28:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f79760520b7c15c2e4260308272b849f88ed677
        Validity
            Not Before: Sep  7 12:01:36 2025 GMT
            Not After : Sep  8 12:01:36 2025 GMT
        Subject: CN=68316bf7a7bdf360f790c605042a63127e2bcc92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9c:c9:ff:1f:b6:dd:7e:08:ee:b8:23:37:b0:
                    2a:a8:41:98:a6:91:4b:f4:57:87:21:93:0a:fc:25:
                    f8:98:6f:25:11:c6:75:bd:67:6e:65:a2:f3:f4:dc:
                    17:3c:7d:df:8a:84:98:e4:3e:c2:a9:24:e8:a3:4b:
                    93:14:2e:a5:16:d1:e8:ef:c4:1f:7a:99:f3:d3:fb:
                    2c:95:d1:18:5d:6f:a8:ae:55:26:1a:1d:ab:be:7d:
                    0e:b5:c1:91:c0:ec:43:c0:89:73:e8:7d:32:35:b7:
                    7c:67:d3:a0:a6:4f:66:14:54:5d:8f:6c:46:d5:94:
                    9c:9b:60:ee:26:fb:15:c7:bd:f0:7d:5a:b8:65:e5:
                    be:b2:30:9c:5d:48:ca:1f:19:5f:58:ba:25:46:e9:
                    70:0d:30:82:21:26:7f:44:13:b0:56:9d:14:c6:b6:
                    c5:16:a6:12:4a:d6:90:76:6a:cc:cc:b9:cf:a2:f9:
                    50:43:f5:2c:43:a7:4e:22:ae:8c:dd:3b:3e:22:6a:
                    33:63:92:8f:7b:fa:fe:09:a1:3e:4c:b1:c9:30:2d:
                    4f:de:61:c5:93:b9:6f:28:f7:75:9a:75:e7:d2:04:
                    20:a6:40:d2:48:78:51:18:1d:c7:cd:17:3a:4d:11:
                    03:20:b9:27:18:e3:69:7e:5c:1e:ce:6e:52:8f:7a:
                    0c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:31:6B:F7:A7:BD:F3:60:F7:90:C6:05:04:2A:63:12:7E:2B:CC:92
            X509v3 Authority Key Identifier:
                keyid:0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:34:91:cb:62:ef:f0:d0:ea:0c:a1:68:8d:dc:e4:34:89:0c:
         ac:9a:44:1d:31:36:f0:dc:72:8e:90:54:b5:63:ca:68:a0:3f:
         dc:8f:61:8f:2b:95:f3:6e:51:f5:f1:8d:95:49:62:a9:41:5f:
         6f:0b:fe:a9:9e:00:41:bc:65:b5:82:3a:12:ed:1d:cc:99:c5:
         a6:0f:1d:11:44:78:c9:a7:da:34:d8:3e:b5:b4:79:98:d3:b5:
         45:1c:e7:53:cd:d0:a0:38:f4:57:9b:ae:ed:04:26:70:7e:fd:
         17:15:01:a9:07:0a:7e:3c:c5:aa:f2:6e:17:93:3e:26:64:b3:
         d3:a0:f9:02:b3:a0:60:ab:bc:23:39:c6:73:22:f5:ff:3b:42:
         04:a6:df:b6:01:84:fe:29:b4:50:48:d3:9f:7b:60:c3:88:9f:
         08:33:30:2d:05:31:31:f1:db:19:88:99:b3:08:ea:b0:06:3a:
         e3:0d:cd:0c:52:a9:6f:c5:7c:85:bf:bd:da:37:54:19:97:65:
         d3:1b:0c:e8:4d:9b:1b:1a:9d:55:5e:e5:0c:d8:b8:1f:23:6a:
         bd:9e:53:9b:79:e2:2d:3c:28:43:8a:d4:37:c0:04:67:99:57:
         22:29:b8:1a:bc:8e:0b:5c:00:7b:cf:4d:a5:3f:1c:19:4f:6d:
         97:86:ec:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDaBsrssnuGhH6uI+ByhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzk3NjA1MjBiN2MxNWMyZTQyNjAzMDgyNzJiODQ5Zjg4
ZWQ2NzcwHhcNMjUwOTA3MTIwMTM2WhcNMjUwOTA4MTIwMTM2WjAzMTEwLwYDVQQD
Eyg2ODMxNmJmN2E3YmRmMzYwZjc5MGM2MDUwNDJhNjMxMjdlMmJjYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJzJ/x+23X4I7rgjN7AqqEGYppFL
9FeHIZMK/CX4mG8lEcZ1vWduZaLz9NwXPH3fioSY5D7CqSToo0uTFC6lFtHo78Qf
epnz0/ssldEYXW+orlUmGh2rvn0OtcGRwOxDwIlz6H0yNbd8Z9Ogpk9mFFRdj2xG
1ZScm2DuJvsVx73wfVq4ZeW+sjCcXUjKHxlfWLolRulwDTCCISZ/RBOwVp0UxrbF
FqYSStaQdmrMzLnPovlQQ/UsQ6dOIq6M3Ts+ImozY5KPe/r+CaE+TLHJMC1P3mHF
k7lvKPd1mnXn0gQgpkDSSHhRGB3HzRc6TREDILknGONpflwezm5Sj3oMRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgxa/envfNg95DGBQQqYxJ+K8ySMB8GA1UdIwQY
MBaAFA95dgUgt8FcLkJgMIJyuEn4jtZ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUt
MDA0MjQyNWJhYjFhLzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUtMDA0MjQyNWJhYjFh
LzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0zSRy2Lv
8NDqDKFojdzkNIkMrJpEHTE28NxyjpBUtWPKaKA/3I9hjyuV825R9fGNlUliqUFf
bwv+qZ4AQbxltYI6Eu0dzJnFpg8dEUR4yafaNNg+tbR5mNO1RRznU83QoDj0V5uu
7QQmcH79FxUBqQcKfjzFqvJuF5M+JmSz06D5ArOgYKu8IznGcyL1/ztCBKbftgGE
/im0UEjTn3tgw4ifCDMwLQUxMfHbGYiZswjqsAY64w3NDFKpb8V8hb+92jdUGZdl
0xsM6E2bGxqdVV7lDNi4HyNqvZ5Tm3niLTwoQ4rUN8AEZ5lXIim4GryOC1wAe89N
pT8cGU9tl4bsGQ==
-----END CERTIFICATE-----