Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          bwCfBYnF3lmvzxKxC9xKMZ/BT7tqrabvzqa9ryz5AaU=
Subject key identifier:   E7:C5:87:C8:E2:39:0E:BA:1B:68:27:1F:4E:9C:46:BE:24:A4:B4:EA
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       01989600B2366DB183A0FF405F815645685F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          071D
Signing time:             Sun 10 Aug 2025 22:01:24 +0000
Manifest this update:     Sun 10 Aug 2025 22:01:24 +0000
Manifest next update:     Mon 11 Aug 2025 22:01:24 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: WYXK9Nw5zv+OSesyhvXAD4kDDpzUY9oLh264CbRn8x4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 22:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:00:b2:36:6d:b1:83:a0:ff:40:5f:81:56:45:68:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Aug 10 22:01:24 2025 GMT
            Not After : Aug 11 22:01:24 2025 GMT
        Subject: CN=e7c587c8e2390eba1b68271f4e9c46be24a4b4ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:35:8a:c7:47:9b:73:91:f6:4a:83:0b:0a:6b:
                    52:9f:9d:bf:fb:91:48:a7:fd:98:23:c3:79:c3:50:
                    b9:20:54:72:e2:2d:38:71:61:2a:0b:ed:40:85:91:
                    b0:a5:70:d2:91:89:0c:f1:f7:89:ee:8d:19:0a:92:
                    74:4f:4d:1b:61:d2:82:86:b5:9c:48:03:e8:ab:1c:
                    8f:70:0a:bb:8f:f7:0b:8c:49:7c:04:bc:8b:bc:31:
                    fc:b7:fa:de:b9:df:4f:84:78:de:8c:38:fb:e3:97:
                    79:0b:f3:ad:eb:3b:97:7b:44:7f:33:77:a9:4a:7f:
                    d0:a3:8a:8b:2c:dc:7c:14:6c:95:47:8a:22:39:75:
                    d0:d0:16:24:f0:93:06:0d:9c:c0:d7:95:7f:a4:f4:
                    7e:ae:40:32:ac:82:d2:97:a7:c7:79:14:4c:6d:51:
                    db:ee:c7:e7:19:09:2a:58:d1:1d:3f:0d:99:96:3e:
                    8f:03:b8:db:03:94:65:70:89:e8:50:ee:f6:36:63:
                    c5:48:a4:1b:3f:9b:19:39:e0:2a:b1:88:f1:f9:a4:
                    9f:2f:20:8b:e9:4d:b1:cc:43:27:4b:b1:3d:0f:6b:
                    cc:38:8d:eb:4e:47:ff:70:d2:db:6f:ea:69:2c:2b:
                    fd:97:63:de:f0:4d:d0:85:38:14:ef:37:cb:fb:af:
                    3e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:C5:87:C8:E2:39:0E:BA:1B:68:27:1F:4E:9C:46:BE:24:A4:B4:EA
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:ab:8d:ec:87:56:d8:20:94:90:82:41:ae:89:e3:4d:2f:c6:
         6a:f7:7d:8a:2f:2d:d3:cf:78:6b:b0:a0:2c:3a:a4:f6:fd:23:
         dc:da:16:9f:fa:86:d1:a6:8c:88:75:03:6f:b8:a4:84:36:37:
         2d:02:12:65:13:a4:a6:40:46:d8:be:54:8f:fc:26:d1:29:2b:
         c9:7d:11:cb:b9:b4:e5:f6:2a:0b:cd:6a:5e:b8:df:7f:1e:83:
         cc:6a:b2:20:91:d3:33:13:2f:3d:d3:c4:a5:83:8f:1a:ea:67:
         44:cb:37:85:69:50:e5:05:0b:9a:50:4b:88:4b:c4:ff:ce:e4:
         18:de:ba:34:a8:d1:1c:e9:89:2b:4e:cb:62:39:ab:ab:b4:b2:
         d9:99:7e:04:a3:8a:2d:10:7b:5c:56:36:9b:52:b8:fc:00:bc:
         a4:33:22:2f:0a:69:5f:1f:f7:a1:39:d5:19:81:41:9a:f3:64:
         9c:45:b0:e7:d9:c1:21:2b:0f:a0:14:11:36:e1:37:e4:ef:f6:
         ca:22:74:2d:cf:36:4d:72:10:c9:20:39:5a:5b:b9:0d:13:02:
         74:e5:a5:10:1d:55:73:ba:e8:59:86:75:1b:1f:dc:d8:20:bd:
         b0:c8:64:47:1b:56:43:e2:87:6d:8f:50:1f:cc:47:02:43:68:
         a8:7f:bb:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWALI2bbGDoP9AX4FWRWhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUwODEwMjIwMTI0WhcNMjUwODExMjIwMTI0WjAzMTEwLwYDVQQD
EyhlN2M1ODdjOGUyMzkwZWJhMWI2ODI3MWY0ZTljNDZiZTI0YTRiNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjWKx0ebc5H2SoMLCmtSn52/+5FI
p/2YI8N5w1C5IFRy4i04cWEqC+1AhZGwpXDSkYkM8feJ7o0ZCpJ0T00bYdKChrWc
SAPoqxyPcAq7j/cLjEl8BLyLvDH8t/reud9PhHjejDj745d5C/Ot6zuXe0R/M3ep
Sn/Qo4qLLNx8FGyVR4oiOXXQ0BYk8JMGDZzA15V/pPR+rkAyrILSl6fHeRRMbVHb
7sfnGQkqWNEdPw2Zlj6PA7jbA5RlcInoUO72NmPFSKQbP5sZOeAqsYjx+aSfLyCL
6U2xzEMnS7E9D2vMOI3rTkf/cNLbb+ppLCv9l2Pe8E3QhTgU7zfL+68+GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfFh8jiOQ66G2gnH06cRr4kpLTqMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6uN7IdW
2CCUkIJBronjTS/Gavd9ii8t0894a7CgLDqk9v0j3NoWn/qG0aaMiHUDb7ikhDY3
LQISZROkpkBG2L5Uj/wm0SkryX0Ry7m05fYqC81qXrjffx6DzGqyIJHTMxMvPdPE
pYOPGupnRMs3hWlQ5QULmlBLiEvE/87kGN66NKjRHOmJK07LYjmrq7Sy2Zl+BKOK
LRB7XFY2m1K4/AC8pDMiLwppXx/3oTnVGYFBmvNknEWw59nBISsPoBQRNuE35O/2
yiJ0Lc82TXIQySA5Wlu5DRMCdOWlEB1Vc7roWYZ1Gx/c2CC9sMhkRxtWQ+KHbY9Q
H8xHAkNoqH+7gA==
-----END CERTIFICATE-----