Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File:                     clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier:          RL05wSSOu5cbYWRwQTCMkKyJlqKNuwPEOEHmggx9Tjw=
Subject key identifier:   EF:6D:9E:78:91:85:90:91:C0:73:92:39:52:15:04:68:7E:32:20:E2
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer:       /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial:       019874502014FE1428D831C0658E1558565E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number:          08EF
Signing time:             Mon 04 Aug 2025 09:01:04 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:04 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:04 +0000
Files and hashes:         1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: 0yeEUFuVyVS727K77m4qSnK9xLQ+srlDkL88EjsXliw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:20:14:fe:14:28:d8:31:c0:65:8e:15:58:56:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
        Validity
            Not Before: Aug  4 09:01:04 2025 GMT
            Not After : Aug  5 09:01:04 2025 GMT
        Subject: CN=ef6d9e7891859091c0739239521504687e3220e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:24:46:c6:40:4a:f3:a1:9f:b1:95:61:e1:0b:
                    c4:e4:91:86:3a:87:17:d7:e1:43:a6:7f:68:3d:ae:
                    8e:72:23:66:b0:b0:3e:d7:8e:93:54:6d:a1:66:76:
                    ad:38:b8:3e:f8:8c:39:b7:ff:c7:e3:21:74:a2:92:
                    ab:a0:9c:3f:c1:91:c6:04:d4:50:f0:ba:54:33:bb:
                    79:63:13:e0:74:4e:58:4a:59:42:59:7a:1a:2f:16:
                    04:66:b3:87:18:02:d0:da:26:41:b6:bd:a2:d7:9d:
                    0e:01:41:89:b4:5f:ab:af:e9:12:b8:cc:11:ad:81:
                    e4:59:bf:28:b0:92:55:aa:f6:f3:f8:2e:70:30:a7:
                    bb:9d:96:3e:58:00:e7:e7:30:96:27:02:35:0f:77:
                    a2:65:6e:fb:82:42:ab:5b:d2:1b:b6:31:88:79:7b:
                    c3:7b:9a:66:c8:11:bc:38:7a:53:0a:31:6a:42:e7:
                    75:14:b4:5d:05:67:c3:de:7f:b2:25:6e:74:5f:dd:
                    6b:64:e4:a2:15:30:95:31:ea:98:33:5f:35:62:91:
                    36:f1:ec:6c:10:98:e1:d6:6e:3f:70:05:23:88:2f:
                    0a:5b:0c:42:6a:d7:1a:c0:01:f0:c7:fe:05:1a:66:
                    fa:85:3f:5f:d7:bb:b2:1b:96:07:73:9b:82:c8:1e:
                    f2:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:6D:9E:78:91:85:90:91:C0:73:92:39:52:15:04:68:7E:32:20:E2
            X509v3 Authority Key Identifier:
                keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:34:e9:09:36:31:65:68:26:34:03:35:36:be:74:54:c1:f1:
         c9:de:a1:00:27:1b:de:c8:15:a2:d3:99:84:59:33:70:26:80:
         90:1a:bb:24:2e:1c:3e:b6:8f:aa:fc:11:a1:c9:9b:64:b1:45:
         92:c4:d4:55:f6:e0:bb:85:b8:03:ac:3e:e0:23:56:26:9a:f4:
         0e:02:94:3a:96:aa:02:b9:bd:c8:58:0e:e6:22:88:95:4a:a2:
         aa:dc:fb:5c:97:7a:26:b8:a4:cc:20:14:9e:f1:91:0d:bf:74:
         b5:4d:20:18:3f:81:d7:ee:30:b8:cf:e1:6a:fa:49:b8:44:40:
         a7:d6:11:14:41:2c:bb:32:05:ba:58:79:81:42:87:9a:b0:1a:
         bf:5e:5b:84:97:68:d8:32:a0:59:03:33:d2:77:77:e2:3f:b9:
         d3:48:5a:33:f8:6e:82:4a:70:7e:be:82:0c:9e:cb:12:66:60:
         93:4d:0a:22:52:b0:c2:dc:dc:b5:0c:d6:96:44:d0:9d:da:4d:
         1c:0f:02:e5:44:c1:33:83:a0:7e:80:43:09:da:1b:c5:98:67:
         bd:3e:69:90:d0:54:18:08:50:31:8b:ee:77:29:c7:85:24:75:
         6f:3e:62:7a:e5:b8:89:48:7f:57:f1:68:64:ce:4b:cd:cf:5b:
         cf:a6:c9:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UCAU/hQo2DHAZY4VWFZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjUwODA0MDkwMTA0WhcNMjUwODA1MDkwMTA0WjAzMTEwLwYDVQQD
EyhlZjZkOWU3ODkxODU5MDkxYzA3MzkyMzk1MjE1MDQ2ODdlMzIyMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRGxkBK86GfsZVh4QvE5JGGOocX
1+FDpn9oPa6OciNmsLA+146TVG2hZnatOLg++Iw5t//H4yF0opKroJw/wZHGBNRQ
8LpUM7t5YxPgdE5YSllCWXoaLxYEZrOHGALQ2iZBtr2i150OAUGJtF+rr+kSuMwR
rYHkWb8osJJVqvbz+C5wMKe7nZY+WADn5zCWJwI1D3eiZW77gkKrW9IbtjGIeXvD
e5pmyBG8OHpTCjFqQud1FLRdBWfD3n+yJW50X91rZOSiFTCVMeqYM181YpE28exs
EJjh1m4/cAUjiC8KWwxCatcawAHwx/4FGmb6hT9f17uyG5YHc5uCyB7y5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9tnniRhZCRwHOSOVIVBGh+MiDiMB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArjTpCTYx
ZWgmNAM1Nr50VMHxyd6hACcb3sgVotOZhFkzcCaAkBq7JC4cPraPqvwRocmbZLFF
ksTUVfbgu4W4A6w+4CNWJpr0DgKUOpaqArm9yFgO5iKIlUqiqtz7XJd6JrikzCAU
nvGRDb90tU0gGD+B1+4wuM/havpJuERAp9YRFEEsuzIFulh5gUKHmrAav15bhJdo
2DKgWQMz0nd34j+500haM/hugkpwfr6CDJ7LEmZgk00KIlKwwtzctQzWlkTQndpN
HA8C5UTBM4OgfoBDCdobxZhnvT5pkNBUGAhQMYvudynHhSR1bz5ieuW4iUh/V/Fo
ZM5Lzc9bz6bJ3A==
-----END CERTIFICATE-----