Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          1hOX4sOhqX8hR+UkSfTEVe2B89osz9dW5TTJTcuvoDY=
Subject key identifier:   65:8A:6D:FC:17:1B:13:AE:4F:F9:75:53:BE:F9:6F:E8:97:2D:5C:77
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019776E5BD54F059D822B518F74FE2AB9093
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          0FF8
Signing time:             Mon 16 Jun 2025 04:00:56 +0000
Manifest this update:     Mon 16 Jun 2025 04:00:56 +0000
Manifest next update:     Tue 17 Jun 2025 04:00:56 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: t2wR8qCOYnKI2vSh0NReZhGZHUcbYkcYD8hjIzvUG88=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:e5:bd:54:f0:59:d8:22:b5:18:f7:4f:e2:ab:90:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Jun 16 04:00:56 2025 GMT
            Not After : Jun 17 04:00:56 2025 GMT
        Subject: CN=658a6dfc171b13ae4ff97553bef96fe8972d5c77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c9:95:68:7b:8d:17:61:ea:df:eb:31:e2:74:
                    70:53:fc:92:4e:d9:e5:82:04:13:21:e9:9b:34:7e:
                    ee:b7:1c:c2:a1:1a:24:18:c0:f8:16:c5:40:8d:b3:
                    5c:61:a2:62:15:94:05:6f:bd:81:49:28:7e:fe:0e:
                    5f:c8:f5:b2:b6:c1:3a:20:4c:32:ec:e2:73:51:5b:
                    71:dd:20:35:b7:84:7b:c5:e7:c4:61:bd:7b:dd:61:
                    a1:f1:55:d1:23:36:ec:80:74:17:5f:a8:11:ca:fa:
                    71:fb:a1:40:14:c4:f4:bc:29:a7:fa:65:4c:1a:fa:
                    e8:6f:18:c1:ab:fd:64:2f:18:a5:08:40:71:aa:7d:
                    2c:d5:32:59:af:93:32:e4:58:22:1a:38:35:fc:59:
                    af:e6:1b:c8:3b:73:90:ce:21:2a:56:71:df:86:92:
                    c3:09:9d:94:74:6e:50:29:d1:c4:50:38:dc:1f:a0:
                    72:19:f3:be:76:ee:52:91:3a:4d:e8:39:f1:fa:1c:
                    cc:0f:3e:0d:83:99:a8:d7:d0:5e:15:02:bf:40:f8:
                    c9:9a:a5:c6:ec:35:55:0c:1a:1b:2f:6a:50:c2:c0:
                    85:71:d3:c7:f7:7d:17:22:b7:20:c4:d6:cf:f3:5e:
                    f6:8b:98:5c:1c:2d:5b:9a:e7:55:b2:46:82:51:5b:
                    67:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:8A:6D:FC:17:1B:13:AE:4F:F9:75:53:BE:F9:6F:E8:97:2D:5C:77
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:5a:f6:ad:dc:a9:c1:9c:ea:2d:9b:e6:4b:91:ac:db:86:61:
         40:e7:42:83:4d:22:da:2e:2f:99:42:73:f9:f8:57:6b:cd:39:
         2c:f4:9d:c3:47:26:a3:1b:d3:f7:19:59:42:4c:2b:ce:35:0b:
         55:e2:20:15:88:04:d6:b5:0e:65:79:ab:b0:d5:fd:58:f0:67:
         e5:08:5e:dc:b9:c8:9d:c9:43:66:c3:9c:dd:f7:ce:ec:71:1c:
         a8:dc:69:cf:e3:f1:ef:ab:59:ea:91:24:94:e7:6c:35:dc:ac:
         99:43:1d:d2:56:10:25:f2:10:e1:6e:4b:6d:af:d1:65:fc:54:
         a8:fe:de:57:b6:67:87:52:4e:65:41:13:cd:a0:78:28:6e:c9:
         83:8d:87:09:d1:3d:84:d2:d6:6b:58:3f:86:91:8b:b4:4c:9b:
         4c:f8:40:4c:27:92:4b:ac:a6:76:9c:30:fb:a2:61:80:75:1d:
         64:58:e5:35:34:3b:c2:8e:fd:19:cb:e5:8c:57:ed:e0:68:69:
         54:f4:d5:b8:77:67:fe:a9:37:86:26:28:c4:f4:6c:a6:fa:20:
         b8:f5:66:11:fc:8f:ae:29:93:5e:3d:27:9f:8b:14:c6:a4:96:
         29:8e:09:86:a9:80:73:c2:ad:85:37:50:90:5b:74:2a:91:19:
         cb:1c:79:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd25b1U8FnYIrUY90/iq5CTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjUwNjE2MDQwMDU2WhcNMjUwNjE3MDQwMDU2WjAzMTEwLwYDVQQD
Eyg2NThhNmRmYzE3MWIxM2FlNGZmOTc1NTNiZWY5NmZlODk3MmQ1Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMmVaHuNF2Hq3+sx4nRwU/ySTtnl
ggQTIembNH7utxzCoRokGMD4FsVAjbNcYaJiFZQFb72BSSh+/g5fyPWytsE6IEwy
7OJzUVtx3SA1t4R7xefEYb173WGh8VXRIzbsgHQXX6gRyvpx+6FAFMT0vCmn+mVM
GvrobxjBq/1kLxilCEBxqn0s1TJZr5My5FgiGjg1/Fmv5hvIO3OQziEqVnHfhpLD
CZ2UdG5QKdHEUDjcH6ByGfO+du5SkTpN6Dnx+hzMDz4Ng5mo19BeFQK/QPjJmqXG
7DVVDBobL2pQwsCFcdPH930XIrcgxNbP8172i5hcHC1bmudVskaCUVtndwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWKbfwXGxOuT/l1U775b+iXLVx3MB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnlr2rdyp
wZzqLZvmS5Gs24ZhQOdCg00i2i4vmUJz+fhXa805LPSdw0cmoxvT9xlZQkwrzjUL
VeIgFYgE1rUOZXmrsNX9WPBn5Qhe3LnInclDZsOc3ffO7HEcqNxpz+Px76tZ6pEk
lOdsNdysmUMd0lYQJfIQ4W5Lba/RZfxUqP7eV7Znh1JOZUETzaB4KG7Jg42HCdE9
hNLWa1g/hpGLtEybTPhATCeSS6ymdpww+6JhgHUdZFjlNTQ7wo79GcvljFft4Ghp
VPTVuHdn/qk3hiYoxPRspvoguPVmEfyPrimTXj0nn4sUxqSWKY4JhqmAc8KthTdQ
kFt0KpEZyxx5Xg==
-----END CERTIFICATE-----