Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          O1AhKCaLKhDs6wPyaDaBzor0fGwOwx4UxkXvfX1M2Y8=
Subject key identifier:   2A:9C:2A:11:C1:4E:89:F8:D7:2E:3B:A9:C6:0E:53:1A:BB:78:59:CE
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       019922FA120412BC07012001D9FBF12E3CA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          0591
Signing time:             Sun 07 Sep 2025 07:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:37 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: TMzJKd4da1F1h0PIf7wKcDsk1lUBKKzYLdUtJp2l7v8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:12:04:12:bc:07:01:20:01:d9:fb:f1:2e:3c:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Sep  7 07:00:37 2025 GMT
            Not After : Sep  8 07:00:37 2025 GMT
        Subject: CN=2a9c2a11c14e89f8d72e3ba9c60e531abb7859ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f9:ae:a4:69:d4:a2:62:71:9e:22:12:8c:f4:
                    26:d3:81:fe:4f:cd:cf:d7:21:0f:dc:66:ec:70:a9:
                    e1:03:31:d2:0c:a2:1e:52:65:87:26:c2:99:cf:5e:
                    76:31:f8:f8:08:b5:95:50:34:e5:7e:b0:5f:06:fe:
                    29:65:15:27:8d:1f:78:ec:32:5a:7e:df:90:de:3e:
                    12:97:b8:da:c5:70:03:3f:ca:bf:5d:73:8a:e3:2a:
                    7b:0f:1e:b8:07:4c:64:75:a8:ec:0f:0d:99:b1:28:
                    5d:b4:38:1b:4d:76:5b:75:0d:a4:fe:59:07:dd:da:
                    9a:d5:3a:10:af:0f:5d:5a:4d:50:ee:71:98:05:31:
                    25:e6:e5:da:d4:76:9d:e4:b5:77:16:4c:46:04:ec:
                    d9:00:30:46:4e:5c:ae:6f:a6:f6:ef:b4:5d:3d:8a:
                    3e:11:45:04:5e:80:f8:4e:e2:75:ef:10:fd:1d:a8:
                    4f:a7:42:6d:19:e3:50:5a:7c:4f:f1:df:6d:17:d2:
                    84:53:b0:10:22:5e:3d:38:bc:46:ac:a8:60:6a:a0:
                    0a:a0:11:e5:0b:a7:21:84:6d:b0:5c:51:df:9b:5b:
                    7a:61:8b:6a:08:b3:51:36:e1:79:fa:b9:97:71:79:
                    35:3a:e2:a8:1c:bd:f3:1c:f1:a8:b6:bf:76:04:12:
                    46:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9C:2A:11:C1:4E:89:F8:D7:2E:3B:A9:C6:0E:53:1A:BB:78:59:CE
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:31:80:87:52:37:d1:ee:df:e7:1b:2e:c1:b4:4c:c8:c3:5a:
         9f:99:9d:69:4e:0f:94:cf:56:1c:3f:69:56:e2:86:95:6d:4c:
         52:67:8a:7b:b5:0c:ea:f6:fd:ee:34:61:79:a3:63:4b:9a:b2:
         4d:c2:41:3e:bf:ec:45:74:45:c0:89:17:f4:b4:b1:07:8f:0a:
         85:68:d5:b6:29:47:1c:fd:72:31:04:6c:d8:c3:0b:5a:73:b2:
         25:15:78:dc:29:d6:d5:42:32:44:52:09:c7:51:c2:9e:af:a0:
         fa:2c:bd:dc:ef:7a:e1:56:9f:99:73:81:b7:20:9c:24:0b:43:
         72:8f:68:e5:5e:69:ae:e6:36:38:bf:92:f1:6b:06:b9:aa:b0:
         05:61:ae:cd:9c:88:3c:bf:b4:36:60:dd:2a:70:bf:68:20:8a:
         bd:5d:f4:77:f9:20:a0:a1:bd:0e:3d:08:e9:59:8b:0b:19:4e:
         2b:d8:ec:f9:d8:72:7a:20:de:f5:d7:32:14:1a:86:c9:e6:fd:
         49:e7:31:80:b8:29:54:60:f1:d1:34:77:1a:8e:9a:fe:df:c4:
         e5:36:b4:ca:19:fe:7c:59:d7:19:18:13:7a:79:46:0c:97:1b:
         1d:e2:0e:2b:0f:50:0c:de:8e:fc:31:d9:41:ad:89:15:e7:db:
         f7:c4:6a:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+hIEErwHASAB2fvxLjymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUwOTA3MDcwMDM3WhcNMjUwOTA4MDcwMDM3WjAzMTEwLwYDVQQD
EygyYTljMmExMWMxNGU4OWY4ZDcyZTNiYTljNjBlNTMxYWJiNzg1OWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/mupGnUomJxniISjPQm04H+T83P
1yEP3GbscKnhAzHSDKIeUmWHJsKZz152Mfj4CLWVUDTlfrBfBv4pZRUnjR947DJa
ft+Q3j4Sl7jaxXADP8q/XXOK4yp7Dx64B0xkdajsDw2ZsShdtDgbTXZbdQ2k/lkH
3dqa1ToQrw9dWk1Q7nGYBTEl5uXa1Had5LV3FkxGBOzZADBGTlyub6b277RdPYo+
EUUEXoD4TuJ17xD9HahPp0JtGeNQWnxP8d9tF9KEU7AQIl49OLxGrKhgaqAKoBHl
C6chhG2wXFHfm1t6YYtqCLNRNuF5+rmXcXk1OuKoHL3zHPGotr92BBJGBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqcKhHBTon41y47qcYOUxq7eFnOMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4TGAh1I3
0e7f5xsuwbRMyMNan5mdaU4PlM9WHD9pVuKGlW1MUmeKe7UM6vb97jRheaNjS5qy
TcJBPr/sRXRFwIkX9LSxB48KhWjVtilHHP1yMQRs2MMLWnOyJRV43CnW1UIyRFIJ
x1HCnq+g+iy93O964VafmXOBtyCcJAtDco9o5V5pruY2OL+S8WsGuaqwBWGuzZyI
PL+0NmDdKnC/aCCKvV30d/kgoKG9Dj0I6VmLCxlOK9js+dhyeiDe9dcyFBqGyeb9
SecxgLgpVGDx0TR3Go6a/t/E5Ta0yhn+fFnXGRgTenlGDJcbHeIOKw9QDN6O/DHZ
Qa2JFefb98RqHA==
-----END CERTIFICATE-----