Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
File:                     mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json)
Hash identifier:          lv5nA3oqzgTJobqb+TmT6qm+QqD+gyrenPeilJdQbzw=
Subject key identifier:   8F:A7:BE:97:B2:A5:1C:03:6B:DB:69:41:EC:D6:3B:50:05:19:AD:CF
Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF
Certificate issuer:       /CN=9ad5667c4128141139cca7c5047fc17250bf63af
Certificate serial:       01988B7C8F0EC76C50E3D32069AD38BC9EA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
Manifest number:          1620
Signing time:             Fri 08 Aug 2025 21:00:52 +0000
Manifest this update:     Fri 08 Aug 2025 21:00:52 +0000
Manifest next update:     Sat 09 Aug 2025 21:00:52 +0000
Files and hashes:         1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: 1oG3TCmHsIENtLwdYfVWmJwE3iwxt5caLBXkfQiQPmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7c:8f:0e:c7:6c:50:e3:d3:20:69:ad:38:bc:9e:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af
        Validity
            Not Before: Aug  8 21:00:52 2025 GMT
            Not After : Aug  9 21:00:52 2025 GMT
        Subject: CN=8fa7be97b2a51c036bdb6941ecd63b500519adcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:89:79:70:16:17:3f:b4:bf:27:26:8e:b3:04:
                    27:dc:3f:49:28:bb:35:ef:c7:f8:f1:51:e8:c1:56:
                    b3:f0:02:8e:67:de:fb:63:b1:2a:e7:e6:eb:43:f4:
                    d1:a4:1e:f1:56:2f:e5:f4:c1:ea:55:05:d7:83:ca:
                    ef:3b:11:7d:74:f5:8a:9d:3e:b8:e5:dc:9c:76:a3:
                    46:6b:0f:40:0f:c9:47:e9:a1:9b:74:e9:02:59:75:
                    b9:7e:ba:88:22:0f:65:06:57:4d:71:83:b1:a6:ba:
                    77:cf:e8:63:1d:0e:00:94:6b:23:5c:78:6d:2f:39:
                    95:8f:09:d3:54:ec:d2:9d:3e:33:e9:a4:35:01:c9:
                    70:e3:a3:55:a7:40:68:36:7c:e9:af:2e:83:fd:32:
                    cd:35:8c:ca:52:0f:2b:21:4b:7f:df:bb:66:aa:0c:
                    a1:2a:7b:28:68:6c:2f:95:bf:a1:c5:9e:6c:a7:e4:
                    a6:44:3b:94:7e:d1:3e:5f:f7:7a:a8:5b:80:d6:b9:
                    f4:d7:cc:d1:a5:ce:cd:d6:90:0b:30:39:f7:42:99:
                    a8:4a:d3:86:0d:bf:c9:58:6f:10:a7:ba:03:4c:59:
                    dd:d5:f2:e3:82:1c:c1:44:79:90:a9:56:2d:be:0b:
                    5b:a5:17:23:8d:83:7d:9b:d7:48:4c:9a:c7:f5:ec:
                    b0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:A7:BE:97:B2:A5:1C:03:6B:DB:69:41:EC:D6:3B:50:05:19:AD:CF
            X509v3 Authority Key Identifier:
                keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d2:49:d2:7a:f3:d6:03:fe:72:28:8a:0b:ff:80:20:97:24:5e:
         f2:db:60:9e:57:f0:f3:d0:94:75:cc:42:30:59:c2:2d:21:78:
         c7:f7:98:c0:90:22:fc:80:8c:30:ce:2a:39:60:7f:49:5d:61:
         ec:be:c5:b7:41:8b:31:ed:94:b9:9e:4e:eb:55:fc:36:33:b0:
         38:af:33:af:13:f2:d2:d7:24:66:e4:35:90:fd:77:e4:b7:18:
         1e:7f:ce:a4:bc:42:43:57:5a:18:96:6c:7d:79:9e:f6:80:d1:
         3b:90:de:71:ff:33:49:b5:73:4a:f0:ff:f1:3c:2e:6a:cc:b6:
         69:7f:92:cb:30:51:9a:fc:33:36:bf:cc:9c:01:a1:3d:83:ec:
         94:95:9a:06:b8:1a:aa:82:8c:0e:60:25:06:fa:46:a4:85:a0:
         52:d9:20:df:17:5f:67:de:3e:77:55:f4:f0:6e:e4:19:01:67:
         07:6b:b4:f6:51:40:88:15:73:4d:46:b6:16:09:35:d6:6f:8f:
         05:f9:3e:fd:d9:92:e3:c1:38:44:0b:41:df:58:a7:9a:a0:8d:
         ef:c5:9a:dd:87:0b:8d:9e:71:b3:e4:0b:14:d8:2e:a2:27:7b:
         37:e1:08:4a:43:b8:26:75:40:c2:79:98:fa:da:a4:14:74:97:
         fb:34:0e:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfI8Ox2xQ49Mgaa04vJ6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi
ZjYzYWYwHhcNMjUwODA4MjEwMDUyWhcNMjUwODA5MjEwMDUyWjAzMTEwLwYDVQQD
Eyg4ZmE3YmU5N2IyYTUxYzAzNmJkYjY5NDFlY2Q2M2I1MDA1MTlhZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYl5cBYXP7S/JyaOswQn3D9JKLs1
78f48VHowVaz8AKOZ977Y7Eq5+brQ/TRpB7xVi/l9MHqVQXXg8rvOxF9dPWKnT64
5dycdqNGaw9AD8lH6aGbdOkCWXW5frqIIg9lBldNcYOxprp3z+hjHQ4AlGsjXHht
LzmVjwnTVOzSnT4z6aQ1Aclw46NVp0BoNnzpry6D/TLNNYzKUg8rIUt/37tmqgyh
KnsoaGwvlb+hxZ5sp+SmRDuUftE+X/d6qFuA1rn018zRpc7N1pALMDn3QpmoStOG
Db/JWG8Qp7oDTFnd1fLjghzBRHmQqVYtvgtbpRcjjYN9m9dITJrH9eywCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+nvpeypRwDa9tpQezWO1AFGa3PMB8GA1UdIwQY
MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt
Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy
LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0knSevPW
A/5yKIoL/4AglyRe8ttgnlfw89CUdcxCMFnCLSF4x/eYwJAi/ICMMM4qOWB/SV1h
7L7Ft0GLMe2UuZ5O61X8NjOwOK8zrxPy0tckZuQ1kP135LcYHn/OpLxCQ1daGJZs
fXme9oDRO5Decf8zSbVzSvD/8Twuasy2aX+SyzBRmvwzNr/MnAGhPYPslJWaBrga
qoKMDmAlBvpGpIWgUtkg3xdfZ94+d1X08G7kGQFnB2u09lFAiBVzTUa2Fgk11m+P
Bfk+/dmS48E4RAtB31inmqCN78Wa3YcLjZ5xs+QLFNguoid7N+EISkO4JnVAwnmY
+tqkFHSX+zQOzA==
-----END CERTIFICATE-----