Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft
File:                     rjRcTQnm4iTh2vRmV9PHEYewIjY.mft (raw, json)
Hash identifier:          cUMgzEMnfDAwVuReSUwvzug9V0Ew7i7i7w9aiu3xyrw=
Subject key identifier:   6F:76:A3:7A:2A:CF:6F:F1:4D:90:8A:44:C7:B2:65:74:84:4B:9E:EA
Authority key identifier: AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36
Certificate issuer:       /CN=ae345c4d09e6e224e1daf46657d3c71187b02236
Certificate serial:       019922C39E0F9A23586B9A6BA528F3C0212A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft
Manifest number:          05BB
Signing time:             Sun 07 Sep 2025 06:01:09 +0000
Manifest this update:     Sun 07 Sep 2025 06:01:09 +0000
Manifest next update:     Mon 08 Sep 2025 06:01:09 +0000
Files and hashes:         1: rjRcTQnm4iTh2vRmV9PHEYewIjY.crl (hash: e8ZthPL39P5kGhFokLMcKVgS9wrKmWF6wMtWsRvApKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:9e:0f:9a:23:58:6b:9a:6b:a5:28:f3:c0:21:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae345c4d09e6e224e1daf46657d3c71187b02236
        Validity
            Not Before: Sep  7 06:01:09 2025 GMT
            Not After : Sep  8 06:01:09 2025 GMT
        Subject: CN=6f76a37a2acf6ff14d908a44c7b26574844b9eea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:99:fb:55:1e:4e:d1:82:2c:cd:24:f2:01:34:
                    0e:0e:62:c9:6d:50:e9:54:15:2d:f9:1e:14:8c:7e:
                    48:a1:3a:b6:77:43:54:26:60:27:54:6d:f4:42:72:
                    82:02:28:f1:b4:ec:23:8e:f7:2a:bb:07:41:6e:4e:
                    ae:1f:87:5c:45:19:25:77:db:6d:eb:18:b3:8a:4f:
                    84:ca:3e:e3:2f:c6:6d:df:cb:8e:9a:06:dc:1d:93:
                    97:ad:81:73:c1:5b:16:12:49:bd:4b:13:c4:39:9f:
                    4a:b8:f0:90:02:f9:ef:ce:98:93:b0:15:1e:c9:06:
                    5a:b7:59:98:d7:d5:f7:40:1b:a1:4c:71:73:12:06:
                    4f:26:cc:69:fc:c8:65:aa:47:55:84:ba:28:96:88:
                    f0:20:66:94:47:73:6c:be:10:97:bb:c4:46:f5:56:
                    06:a9:7d:7e:1c:00:47:b4:19:72:26:0f:9f:4d:c8:
                    ae:a4:8e:e0:6f:cb:7e:14:01:74:5a:e9:46:0e:c8:
                    e4:69:24:b7:1d:2e:58:1a:59:11:77:e5:5a:d4:f0:
                    70:0b:83:41:01:db:ca:81:04:29:51:85:33:61:38:
                    39:04:a8:fd:04:79:7b:e9:45:71:c8:d1:eb:e4:03:
                    e8:1f:2e:77:c9:52:e5:22:cc:d7:bf:ab:8d:db:ae:
                    27:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:76:A3:7A:2A:CF:6F:F1:4D:90:8A:44:C7:B2:65:74:84:4B:9E:EA
            X509v3 Authority Key Identifier:
                keyid:AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:b8:c1:7d:70:72:a1:4d:a6:9c:f1:00:9c:f1:1e:04:94:cb:
         ad:f8:75:dd:3a:ab:3c:a4:65:4b:2e:5b:a3:4e:e0:65:ca:8d:
         e3:de:73:9c:41:e0:c3:04:d0:5e:03:ca:67:ab:59:c9:1e:19:
         98:6c:da:2b:dd:94:b0:9b:cd:7a:75:b3:6d:c7:23:e1:2f:b0:
         f6:09:9f:74:89:fb:1c:4b:09:22:f2:52:69:88:e3:03:a0:c9:
         0b:ca:ed:17:ca:bb:84:03:60:fc:d0:51:bb:aa:57:60:9e:48:
         0c:66:bf:fe:b7:86:74:01:31:ec:77:07:ba:b7:83:f4:7f:8c:
         c2:cd:db:48:dc:09:e4:22:e8:16:74:8d:e3:3e:b7:82:e5:9f:
         42:fe:0b:44:ad:17:bd:3b:43:99:65:d5:d8:ff:8c:02:b0:00:
         a5:42:d4:da:dd:d4:66:53:47:f0:dc:26:a0:c8:fc:cd:71:f0:
         d4:94:a7:a0:c9:38:c0:49:80:ca:6e:e9:d0:10:29:91:2f:1c:
         df:d8:ec:a9:07:e5:b3:05:2d:0b:d6:5a:a0:e6:42:6d:fa:52:
         59:34:60:1f:54:47:ff:95:ac:56:e3:63:8d:5e:df:b9:3c:5e:
         99:ca:36:bd:d8:54:1d:9f:1a:32:49:99:04:ee:ee:04:e3:6a:
         e0:32:07:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw54PmiNYa5prpSjzwCEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMzQ1YzRkMDllNmUyMjRlMWRhZjQ2NjU3ZDNjNzExODdi
MDIyMzYwHhcNMjUwOTA3MDYwMTA5WhcNMjUwOTA4MDYwMTA5WjAzMTEwLwYDVQQD
Eyg2Zjc2YTM3YTJhY2Y2ZmYxNGQ5MDhhNDRjN2IyNjU3NDg0NGI5ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJn7VR5O0YIszSTyATQODmLJbVDp
VBUt+R4UjH5IoTq2d0NUJmAnVG30QnKCAijxtOwjjvcquwdBbk6uH4dcRRkld9tt
6xizik+Eyj7jL8Zt38uOmgbcHZOXrYFzwVsWEkm9SxPEOZ9KuPCQAvnvzpiTsBUe
yQZat1mY19X3QBuhTHFzEgZPJsxp/MhlqkdVhLoolojwIGaUR3NsvhCXu8RG9VYG
qX1+HABHtBlyJg+fTciupI7gb8t+FAF0WulGDsjkaSS3HS5YGlkRd+Va1PBwC4NB
AdvKgQQpUYUzYTg5BKj9BHl76UVxyNHr5APoHy53yVLlIszXv6uN264nHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG92o3oqz2/xTZCKRMeyZXSES57qMB8GA1UdIwQY
MBaAFK40XE0J5uIk4dr0ZlfTxxGHsCI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDkt
M2JmNjE3NzlkZGM3LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDktM2JmNjE3NzlkZGM3
LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLjBfXBy
oU2mnPEAnPEeBJTLrfh13TqrPKRlSy5bo07gZcqN495znEHgwwTQXgPKZ6tZyR4Z
mGzaK92UsJvNenWzbccj4S+w9gmfdIn7HEsJIvJSaYjjA6DJC8rtF8q7hANg/NBR
u6pXYJ5IDGa//reGdAEx7HcHureD9H+Mws3bSNwJ5CLoFnSN4z63guWfQv4LRK0X
vTtDmWXV2P+MArAApULU2t3UZlNH8NwmoMj8zXHw1JSnoMk4wEmAym7p0BApkS8c
39jsqQflswUtC9ZaoOZCbfpSWTRgH1RH/5WsVuNjjV7fuTxemco2vdhUHZ8aMkmZ
BO7uBONq4DIHtw==
-----END CERTIFICATE-----