Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          +QWOwt5opVcK6ZMsY2BOX5jOoPaJuFqq8dMh7lrnNqQ=
Subject key identifier:   9D:9A:5A:41:95:21:C6:FB:3F:0A:51:AF:E6:C4:C4:94:69:A0:D7:E5
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       0199239EDEBF073031F7DCAD39BA4A120310
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          0277
Signing time:             Sun 07 Sep 2025 10:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:38 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: Ad3w0D4OvGBmaPxd0fWVcHDOr6Yj8Yh2iX3MAsDcM0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:de:bf:07:30:31:f7:dc:ad:39:ba:4a:12:03:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Sep  7 10:00:38 2025 GMT
            Not After : Sep  8 10:00:38 2025 GMT
        Subject: CN=9d9a5a419521c6fb3f0a51afe6c4c49469a0d7e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:33:d8:11:c0:05:db:06:c6:14:61:8b:f8:00:
                    4a:98:a2:95:85:3f:d1:0f:9a:d5:88:b3:5c:c9:46:
                    4c:c8:b5:b3:61:4e:e6:88:ae:d9:f0:ac:c4:e5:a4:
                    6f:01:84:b7:42:47:5d:50:28:b2:a9:5c:38:20:c5:
                    7b:74:da:d3:fe:4d:b0:82:87:46:06:5d:6f:9d:9a:
                    f9:80:41:99:67:4a:c9:e1:f2:c2:4f:68:e4:8d:cf:
                    5c:c2:4c:27:06:44:b3:22:c4:4b:ed:af:32:1b:62:
                    6e:3a:b9:da:58:49:b4:57:a5:90:41:69:05:07:6b:
                    d0:5a:97:ac:40:e1:f5:36:d4:3e:b9:dd:45:a0:12:
                    b1:48:59:89:3b:58:49:18:bf:d0:ab:d4:88:e2:f1:
                    0b:8a:a8:9f:e4:68:a4:98:15:65:a7:a1:f2:fd:7f:
                    a5:6e:e6:5e:c4:ba:7f:8a:a1:1a:b1:4f:04:80:ec:
                    94:95:24:61:a5:de:7d:75:41:a6:5a:95:a2:cc:d3:
                    00:33:b3:f5:3b:e4:70:22:45:66:74:24:32:72:37:
                    62:6f:8d:95:18:e5:37:b7:f2:a6:52:69:e7:ca:3e:
                    cc:b2:37:67:74:61:67:43:a0:32:3e:28:02:9f:36:
                    3d:76:99:5d:05:87:a8:af:9b:ac:8e:52:d2:6f:e3:
                    6d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:9A:5A:41:95:21:C6:FB:3F:0A:51:AF:E6:C4:C4:94:69:A0:D7:E5
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:63:62:76:e0:f4:aa:9b:1f:f0:b8:8d:98:cb:18:45:14:0e:
         e5:0f:b9:2f:2f:e6:fd:2c:0f:4e:80:d8:e5:51:6e:34:a1:a1:
         9f:d2:56:48:df:71:ba:2e:98:bb:c4:38:7c:fc:c0:ea:d7:3e:
         fc:e8:d3:d7:e1:e2:42:18:d3:dc:9f:42:96:43:28:65:b7:1f:
         ad:56:b3:a2:2d:1b:2e:58:4e:d3:e2:37:c1:0a:46:8e:59:6f:
         fa:81:36:b3:a4:a0:74:e4:2a:44:d4:45:85:2f:f8:bc:95:7d:
         af:b0:6a:35:3c:ef:0e:c9:60:79:19:23:ca:5f:c5:1a:a0:10:
         2b:f2:60:bb:9b:45:a3:f9:2c:c9:2e:da:70:a8:66:1c:5f:5d:
         5b:a7:5e:86:29:2a:49:95:aa:96:1e:b8:6b:1c:79:56:b1:8a:
         0a:ab:1c:e1:e8:2c:c9:6e:6a:eb:17:53:3c:a8:96:a6:06:28:
         df:1d:63:5c:ec:1b:d7:a5:37:8e:89:7c:1a:67:22:91:b1:b4:
         1a:ac:56:a1:7a:ef:b4:ec:b3:35:b4:d9:50:28:60:17:b1:97:
         2c:0b:6f:3c:05:d0:eb:d1:c2:1a:8c:66:f0:36:74:87:46:ad:
         02:66:71:95:43:f1:05:da:e7:02:58:9a:16:60:86:30:e0:ab:
         d3:41:55:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnt6/BzAx99ytObpKEgMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjUwOTA3MTAwMDM4WhcNMjUwOTA4MTAwMDM4WjAzMTEwLwYDVQQD
Eyg5ZDlhNWE0MTk1MjFjNmZiM2YwYTUxYWZlNmM0YzQ5NDY5YTBkN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTPYEcAF2wbGFGGL+ABKmKKVhT/R
D5rViLNcyUZMyLWzYU7miK7Z8KzE5aRvAYS3QkddUCiyqVw4IMV7dNrT/k2wgodG
Bl1vnZr5gEGZZ0rJ4fLCT2jkjc9cwkwnBkSzIsRL7a8yG2JuOrnaWEm0V6WQQWkF
B2vQWpesQOH1NtQ+ud1FoBKxSFmJO1hJGL/Qq9SI4vELiqif5GikmBVlp6Hy/X+l
buZexLp/iqEasU8EgOyUlSRhpd59dUGmWpWizNMAM7P1O+RwIkVmdCQycjdib42V
GOU3t/KmUmnnyj7MsjdndGFnQ6AyPigCnzY9dpldBYeor5usjlLSb+NtBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2aWkGVIcb7PwpRr+bExJRpoNflMB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGNiduD0
qpsf8LiNmMsYRRQO5Q+5Ly/m/SwPToDY5VFuNKGhn9JWSN9xui6Yu8Q4fPzA6tc+
/OjT1+HiQhjT3J9ClkMoZbcfrVazoi0bLlhO0+I3wQpGjllv+oE2s6SgdOQqRNRF
hS/4vJV9r7BqNTzvDslgeRkjyl/FGqAQK/Jgu5tFo/ksyS7acKhmHF9dW6dehikq
SZWqlh64axx5VrGKCqsc4egsyW5q6xdTPKiWpgYo3x1jXOwb16U3jol8GmcikbG0
GqxWoXrvtOyzNbTZUChgF7GXLAtvPAXQ69HCGoxm8DZ0h0atAmZxlUPxBdrnAlia
FmCGMOCr00FV2g==
-----END CERTIFICATE-----