Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          1cql458lHjEJsZ5+U/pSosSi7Mx33bhCkGe2c5IZYTA=
Subject key identifier:   36:7D:DA:78:9A:B1:A0:DB:08:A7:B1:D7:99:83:71:A5:89:FE:7E:C5
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       019921E7CEB89E7983B3C3C3E4999251BA59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          010A
Signing time:             Sun 07 Sep 2025 02:01:03 +0000
Manifest this update:     Sun 07 Sep 2025 02:01:03 +0000
Manifest next update:     Mon 08 Sep 2025 02:01:03 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: RU2VfZ0zeBbgFGmu4kGb9PDZ0UEPapXWBv35xWuQzZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:ce:b8:9e:79:83:b3:c3:c3:e4:99:92:51:ba:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Sep  7 02:01:03 2025 GMT
            Not After : Sep  8 02:01:03 2025 GMT
        Subject: CN=367dda789ab1a0db08a7b1d7998371a589fe7ec5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:b6:dc:17:9f:da:f0:0e:83:3f:95:74:63:87:
                    d0:23:d9:52:b6:ab:1f:12:3f:99:d6:78:3b:fe:c8:
                    18:e2:19:ea:8e:61:25:69:9e:d7:2f:7c:cc:83:5b:
                    51:89:df:44:ae:da:dc:b8:fa:07:75:d2:f2:78:35:
                    78:0b:51:4d:1c:32:ad:d9:1c:a8:be:0f:4c:c6:ec:
                    7b:b3:85:94:a6:ba:8a:f8:24:9c:3a:06:2a:31:e8:
                    5c:de:61:2e:54:75:86:0e:f2:93:27:28:e5:12:5b:
                    63:ca:ad:de:7d:c6:08:50:cd:f1:03:f2:08:8d:89:
                    c3:f5:d8:4b:86:5e:f1:9e:42:5e:7d:f3:81:e2:4e:
                    69:9e:91:fa:2a:d2:e0:d5:a9:c9:78:16:17:d9:9d:
                    e6:21:a7:a3:0e:35:11:d3:0b:86:02:d5:60:6a:79:
                    ed:e0:da:6e:68:f8:c0:fe:a4:b8:e8:ba:34:5e:03:
                    2c:3a:1b:f5:05:81:d1:31:8d:e5:e1:4d:eb:3a:97:
                    6d:e9:d2:f2:af:3e:38:cd:ba:fd:9d:f1:66:ec:53:
                    2a:c0:c2:60:17:21:af:9b:29:42:b3:55:0f:31:a6:
                    a5:ac:22:b4:3d:1b:79:df:c3:e7:cc:30:05:34:11:
                    31:6d:e5:3b:c1:64:ab:7a:fa:be:47:0b:04:ad:54:
                    a9:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:7D:DA:78:9A:B1:A0:DB:08:A7:B1:D7:99:83:71:A5:89:FE:7E:C5
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:73:0b:ad:7a:88:e9:74:e4:0a:e6:64:0d:76:43:cf:92:16:
         77:ed:41:0d:4c:49:a0:e9:c8:e4:65:68:c6:6c:ce:ce:f4:e2:
         f3:8d:29:b3:87:95:26:16:44:a0:ab:e5:9f:c2:1c:fe:48:5e:
         22:97:04:79:74:b8:d0:4b:19:e2:57:cf:0a:df:2f:06:59:5e:
         6a:b0:ff:15:f1:ea:ea:61:f4:7f:18:88:9d:13:81:bf:87:f6:
         a3:98:db:de:fe:e9:36:dc:06:2c:3e:31:5f:38:95:14:f4:54:
         c2:36:0f:6b:15:57:f6:3d:27:dd:d8:30:07:4b:1b:ba:41:61:
         35:3f:bd:af:d2:b5:7c:29:64:a6:f4:c2:ca:14:b1:ba:b1:e1:
         c2:ba:80:74:61:4f:73:05:d7:4b:7d:53:ec:ee:76:3a:b4:46:
         fe:e6:f7:8d:e6:97:30:91:ad:57:59:b1:20:b0:81:e7:6f:11:
         c2:7d:ae:68:9c:7c:e7:a9:7f:45:96:be:6c:8e:ce:9d:5b:8a:
         19:29:61:20:57:e6:1f:0b:8d:f0:ae:ef:a6:55:9c:e0:0a:ee:
         e7:2c:43:cd:c5:2c:ec:ca:96:f9:37:d1:41:44:dc:99:e5:da:
         1b:0a:1d:b1:8c:b2:71:03:b4:35:bc:62:e0:95:fb:f5:27:b9:
         8b:1a:57:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh5864nnmDs8PD5JmSUbpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjUwOTA3MDIwMTAzWhcNMjUwOTA4MDIwMTAzWjAzMTEwLwYDVQQD
EygzNjdkZGE3ODlhYjFhMGRiMDhhN2IxZDc5OTgzNzFhNTg5ZmU3ZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97bcF5/a8A6DP5V0Y4fQI9lStqsf
Ej+Z1ng7/sgY4hnqjmElaZ7XL3zMg1tRid9ErtrcuPoHddLyeDV4C1FNHDKt2Ryo
vg9Mxux7s4WUprqK+CScOgYqMehc3mEuVHWGDvKTJyjlEltjyq3efcYIUM3xA/II
jYnD9dhLhl7xnkJeffOB4k5pnpH6KtLg1anJeBYX2Z3mIaejDjUR0wuGAtVgannt
4NpuaPjA/qS46Lo0XgMsOhv1BYHRMY3l4U3rOpdt6dLyrz44zbr9nfFm7FMqwMJg
FyGvmylCs1UPMaalrCK0PRt538PnzDAFNBExbeU7wWSrevq+RwsErVSpTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZ92niasaDbCKex15mDcaWJ/n7FMB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnMLrXqI
6XTkCuZkDXZDz5IWd+1BDUxJoOnI5GVoxmzOzvTi840ps4eVJhZEoKvln8Ic/khe
IpcEeXS40EsZ4lfPCt8vBllearD/FfHq6mH0fxiInROBv4f2o5jb3v7pNtwGLD4x
XziVFPRUwjYPaxVX9j0n3dgwB0sbukFhNT+9r9K1fClkpvTCyhSxurHhwrqAdGFP
cwXXS31T7O52OrRG/ub3jeaXMJGtV1mxILCB528Rwn2uaJx856l/RZa+bI7OnVuK
GSlhIFfmHwuN8K7vplWc4Aru5yxDzcUs7MqW+TfRQUTcmeXaGwodsYyycQO0Nbxi
4JX79Se5ixpXGg==
-----END CERTIFICATE-----