Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
File:                     kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft (raw, json)
Hash identifier:          +X0fLblp2kxQNujjUjpDIg4DvMxsT/yIX6d/IiL+saU=
Subject key identifier:   2C:B3:E6:F3:28:7C:5D:A9:A4:F2:8A:A3:50:53:13:E8:7C:A9:8A:BE
Authority key identifier: 90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D
Certificate issuer:       /CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
Certificate serial:       0199239F425AE4892E8DDC54952C5D6F536C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
Manifest number:          07C2
Signing time:             Sun 07 Sep 2025 10:01:03 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:03 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:03 +0000
Files and hashes:         1: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl (hash: nKZUVL7c9/YZVulBR35LoV7eA7Ydsc6O/wbvGzscSwM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:42:5a:e4:89:2e:8d:dc:54:95:2c:5d:6f:53:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
        Validity
            Not Before: Sep  7 10:01:03 2025 GMT
            Not After : Sep  8 10:01:03 2025 GMT
        Subject: CN=2cb3e6f3287c5da9a4f28aa3505313e87ca98abe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:80:24:fa:fc:fc:6f:04:7d:63:33:7f:c1:6a:
                    19:06:c3:e5:9a:4c:1f:9b:df:87:02:f0:7d:42:60:
                    e7:cd:a3:30:22:fc:5b:06:e1:0f:fa:1a:11:6d:5a:
                    0d:a9:f8:fa:39:9a:de:fb:f1:09:f2:1c:00:ef:41:
                    33:00:60:9b:b2:74:3f:7b:b5:65:c7:bd:1e:d2:df:
                    96:1b:5a:c3:4c:c7:7c:85:13:ae:2f:48:b4:45:ee:
                    d5:04:70:db:42:11:d7:d4:98:24:78:b6:62:ea:65:
                    57:3d:99:40:81:49:6b:c0:1c:d6:bb:85:ad:f5:06:
                    4d:9c:ae:7a:3f:9f:5c:bb:a1:b3:42:2c:53:a2:a0:
                    fd:36:3d:51:60:17:cd:33:86:4d:d3:f1:74:75:3f:
                    0c:94:a1:82:e2:64:d3:3b:51:f5:4e:ce:6f:39:ed:
                    60:2c:c5:da:9a:9f:f1:80:91:ec:1b:73:b9:19:c3:
                    66:39:be:39:2a:95:2d:b5:92:ed:9f:a2:71:f3:bf:
                    16:d2:55:c6:8a:b3:c1:84:27:4f:74:b8:37:a5:c9:
                    ba:7c:2d:0a:a6:9e:0b:26:9d:d8:e0:95:ce:f4:6f:
                    e3:63:53:5f:51:a6:9d:d3:73:65:32:7d:63:4c:60:
                    08:7a:bf:65:4f:83:0d:6c:68:1c:aa:e8:f0:fe:92:
                    a3:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:B3:E6:F3:28:7C:5D:A9:A4:F2:8A:A3:50:53:13:E8:7C:A9:8A:BE
            X509v3 Authority Key Identifier:
                keyid:90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:c6:6e:d7:6a:6f:8d:1e:66:6c:03:c3:e5:dc:33:29:81:fa:
         41:53:e2:17:47:d2:14:64:c0:48:84:7c:d4:b4:b7:a6:cd:ab:
         c8:50:cc:bc:f8:61:a1:32:b6:d7:4e:b5:ac:be:82:89:13:bd:
         d5:3d:9b:69:98:69:c4:4b:59:d8:11:32:e4:db:c4:eb:f5:85:
         e4:c5:a4:24:d4:e9:4a:6a:9b:81:c5:12:8c:78:0c:e7:ab:ae:
         11:03:03:07:c1:0d:48:5d:5a:f4:a0:bf:e8:56:38:c2:60:6e:
         a0:90:62:54:1a:b3:7e:8a:85:0b:29:a4:da:78:43:11:3e:ea:
         50:f1:0f:05:88:bb:b9:3b:87:51:71:2c:c7:67:f6:33:9a:c9:
         32:5f:ad:26:5f:7b:eb:53:a3:90:e5:f7:de:52:03:8e:da:1f:
         11:93:eb:3f:48:5b:bf:ff:0c:b2:a5:cd:da:bd:2e:c9:80:79:
         68:48:fd:80:0a:2f:0f:39:0b:a7:34:98:d3:26:07:d6:cb:e9:
         c7:39:d8:6a:78:6f:b7:84:58:c0:9a:44:09:b5:61:45:d1:e9:
         26:d5:f6:3a:44:99:fa:ad:95:3c:1b:75:26:32:54:77:6c:c9:
         7e:85:82:22:9b:80:da:0f:aa:25:63:0e:7b:89:10:0b:31:a7:
         4b:63:64:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn0Ja5IkujdxUlSxdb1NsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjU5MjhjNzUyYWQ5YTA4Y2ZlYjFiODhmNDYzYzNjMGRk
MmU4NWQwHhcNMjUwOTA3MTAwMTAzWhcNMjUwOTA4MTAwMTAzWjAzMTEwLwYDVQQD
EygyY2IzZTZmMzI4N2M1ZGE5YTRmMjhhYTM1MDUzMTNlODdjYTk4YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Ak+vz8bwR9YzN/wWoZBsPlmkwf
m9+HAvB9QmDnzaMwIvxbBuEP+hoRbVoNqfj6OZre+/EJ8hwA70EzAGCbsnQ/e7Vl
x70e0t+WG1rDTMd8hROuL0i0Re7VBHDbQhHX1JgkeLZi6mVXPZlAgUlrwBzWu4Wt
9QZNnK56P59cu6GzQixToqD9Nj1RYBfNM4ZN0/F0dT8MlKGC4mTTO1H1Ts5vOe1g
LMXamp/xgJHsG3O5GcNmOb45KpUttZLtn6Jx878W0lXGirPBhCdPdLg3pcm6fC0K
pp4LJp3Y4JXO9G/jY1NfUaad03NlMn1jTGAIer9lT4MNbGgcqujw/pKjeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyz5vMofF2ppPKKo1BTE+h8qYq+MB8GA1UdIwQY
MBaAFJD1kox1KtmgjP6xuI9GPDwN0uhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYt
MDRhNmNkODE2YTAzLzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYtMDRhNmNkODE2YTAz
LzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApsZu12pv
jR5mbAPD5dwzKYH6QVPiF0fSFGTASIR81LS3ps2ryFDMvPhhoTK21061rL6CiRO9
1T2baZhpxEtZ2BEy5NvE6/WF5MWkJNTpSmqbgcUSjHgM56uuEQMDB8ENSF1a9KC/
6FY4wmBuoJBiVBqzfoqFCymk2nhDET7qUPEPBYi7uTuHUXEsx2f2M5rJMl+tJl97
61OjkOX33lIDjtofEZPrP0hbv/8MsqXN2r0uyYB5aEj9gAovDzkLpzSY0yYH1svp
xznYanhvt4RYwJpECbVhRdHpJtX2OkSZ+q2VPBt1JjJUd2zJfoWCIpuA2g+qJWMO
e4kQCzGnS2NkZA==
-----END CERTIFICATE-----