Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
File:                     fPxZzhNuPpOobeVfBdSaWeFcu78.mft (raw, json)
Hash identifier:          nnjztbrFFgB2xaO25vi3AA6fcx/jG+G9O/HqypRUlfo=
Subject key identifier:   4B:5E:AD:57:87:F0:F9:1F:AB:03:C4:02:B9:10:F9:C7:47:FA:E7:E4
Authority key identifier: 7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF
Certificate issuer:       /CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf
Certificate serial:       019895FFC8E0BBA667C5E12D5E8E832A5CFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
Manifest number:          09C5
Signing time:             Sun 10 Aug 2025 22:00:24 +0000
Manifest this update:     Sun 10 Aug 2025 22:00:24 +0000
Manifest next update:     Mon 11 Aug 2025 22:00:24 +0000
Files and hashes:         1: fPxZzhNuPpOobeVfBdSaWeFcu78.crl (hash: RXPQLfDhIC0usn3hyS+ZSVhcmvqv/vHu8Lj4htZH/Wc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:ff:c8:e0:bb:a6:67:c5:e1:2d:5e:8e:83:2a:5c:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf
        Validity
            Not Before: Aug 10 22:00:24 2025 GMT
            Not After : Aug 11 22:00:24 2025 GMT
        Subject: CN=4b5ead5787f0f91fab03c402b910f9c747fae7e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:67:7c:89:aa:8b:f8:ae:39:41:6a:a0:43:02:
                    90:e0:fc:ca:24:a8:b6:a7:6c:d6:1c:f0:56:22:68:
                    9c:1f:69:1b:b9:35:a1:30:12:8f:71:ab:90:3a:ee:
                    2f:98:93:3d:08:e0:d6:a2:32:53:e8:72:dc:9b:ac:
                    0a:fd:ba:6c:c6:d9:cd:f1:6e:51:32:77:5f:86:c2:
                    e0:be:37:94:82:2c:b7:2a:02:60:26:44:7f:fc:8f:
                    66:7e:32:d6:ce:48:fc:73:b9:90:c6:93:97:d7:7f:
                    7d:1c:49:00:2d:c7:ad:c8:6c:a4:0b:50:06:3a:74:
                    46:40:8c:8b:d5:39:8e:29:01:ea:7f:b3:61:90:1e:
                    b3:6b:23:71:95:aa:5b:9f:73:2a:4c:33:2e:8a:cb:
                    5c:37:66:82:c4:cc:76:73:51:d1:59:39:5c:fd:16:
                    25:f9:9a:3a:a6:47:1a:ba:10:b3:c1:ad:dd:b2:da:
                    0d:05:50:5c:54:d4:97:84:16:42:ab:89:a7:e1:66:
                    ff:be:99:7d:43:fc:9d:c1:a2:ed:dc:a1:46:d1:dd:
                    dc:b2:6f:dd:eb:4b:16:7d:0d:c4:35:e2:7b:2b:95:
                    eb:34:52:20:0c:0e:fe:88:2d:1d:b8:0e:74:05:3f:
                    10:f0:3b:dc:79:db:ff:a1:a7:8f:fd:3d:f0:36:93:
                    df:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:5E:AD:57:87:F0:F9:1F:AB:03:C4:02:B9:10:F9:C7:47:FA:E7:E4
            X509v3 Authority Key Identifier:
                keyid:7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:6e:41:2b:b6:57:61:e9:9b:b0:04:28:6d:43:f9:c9:59:77:
         45:bf:58:75:5c:2d:a5:36:20:32:19:e4:44:f9:44:b2:32:47:
         55:f4:e3:bb:fb:87:4c:c5:b0:11:92:fb:65:5f:5f:b6:2d:0b:
         92:08:ef:1e:ff:4e:ec:7b:7f:51:b4:ae:83:85:38:81:63:17:
         88:8f:44:c1:8c:29:87:3a:05:85:2f:f4:59:2c:95:2a:93:1e:
         a7:a3:d9:d7:08:8b:e8:43:45:51:40:c6:98:a2:e4:bd:df:1a:
         72:c0:a4:aa:3f:6c:58:4c:77:53:eb:a8:f1:70:b3:46:3b:13:
         f1:ef:39:99:f7:df:91:4f:b7:c1:ca:eb:71:90:d0:4d:23:76:
         b0:ff:a0:96:2c:a8:79:32:fb:a8:39:c3:e9:a5:36:38:20:d6:
         22:69:a6:7c:36:33:9f:a8:16:90:91:f7:7c:71:6e:f7:70:d2:
         b5:6d:99:ec:52:45:ae:47:ea:da:68:df:8f:73:f6:c5:7e:e3:
         5f:ba:01:fa:db:df:9c:c4:e5:75:6f:28:76:30:89:df:29:d1:
         60:38:fa:ed:62:ca:5b:5b:93:21:df:ee:6c:b7:89:b5:d9:44:
         30:a1:2e:44:da:0f:c4:f7:26:38:de:ba:6c:47:d0:b2:80:48:
         fe:10:77:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiV/8jgu6ZnxeEtXo6DKlz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZmM1OWNlMTM2ZTNlOTNhODZkZTU1ZjA1ZDQ5YTU5ZTE1
Y2JiYmYwHhcNMjUwODEwMjIwMDI0WhcNMjUwODExMjIwMDI0WjAzMTEwLwYDVQQD
Eyg0YjVlYWQ1Nzg3ZjBmOTFmYWIwM2M0MDJiOTEwZjljNzQ3ZmFlN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWd8iaqL+K45QWqgQwKQ4PzKJKi2
p2zWHPBWImicH2kbuTWhMBKPcauQOu4vmJM9CODWojJT6HLcm6wK/bpsxtnN8W5R
MndfhsLgvjeUgiy3KgJgJkR//I9mfjLWzkj8c7mQxpOX1399HEkALcetyGykC1AG
OnRGQIyL1TmOKQHqf7NhkB6zayNxlapbn3MqTDMuistcN2aCxMx2c1HRWTlc/RYl
+Zo6pkcauhCzwa3dstoNBVBcVNSXhBZCq4mn4Wb/vpl9Q/ydwaLt3KFG0d3csm/d
60sWfQ3ENeJ7K5XrNFIgDA7+iC0duA50BT8Q8Dvcedv/oaeP/T3wNpPf5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEterVeH8PkfqwPEArkQ+cdH+ufkMB8GA1UdIwQY
MBaAFHz8Wc4Tbj6TqG3lXwXUmlnhXLu/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2Mt
ODA4OTVmODhmNWQ1LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2MtODA4OTVmODhmNWQ1
LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZW5BK7ZX
YembsAQobUP5yVl3Rb9YdVwtpTYgMhnkRPlEsjJHVfTju/uHTMWwEZL7ZV9fti0L
kgjvHv9O7Ht/UbSug4U4gWMXiI9EwYwphzoFhS/0WSyVKpMep6PZ1wiL6ENFUUDG
mKLkvd8acsCkqj9sWEx3U+uo8XCzRjsT8e85mfffkU+3wcrrcZDQTSN2sP+gliyo
eTL7qDnD6aU2OCDWImmmfDYzn6gWkJH3fHFu93DStW2Z7FJFrkfq2mjfj3P2xX7j
X7oB+tvfnMTldW8odjCJ3ynRYDj67WLKW1uTId/ubLeJtdlEMKEuRNoPxPcmON66
bEfQsoBI/hB3mA==
-----END CERTIFICATE-----