Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          rJcDaOgvlfbD7r2+d2pkjVHsOHJA2TxJ2fYhhkXPIps=
Subject key identifier:   70:4A:99:01:C1:92:45:B7:F2:DD:AC:A8:72:C8:A9:40:1A:81:46:10
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019896A6FD6A8E56794654E8612C26BC929B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          1624
Signing time:             Mon 11 Aug 2025 01:03:02 +0000
Manifest this update:     Mon 11 Aug 2025 01:03:02 +0000
Manifest next update:     Tue 12 Aug 2025 01:03:02 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: bY4OtMXRmuP+rVbdL78zytBF42cgtpfKP2J4zFRIKn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:03:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:fd:6a:8e:56:79:46:54:e8:61:2c:26:bc:92:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Aug 11 01:03:02 2025 GMT
            Not After : Aug 12 01:03:02 2025 GMT
        Subject: CN=704a9901c19245b7f2ddaca872c8a9401a814610
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:b0:7b:cf:59:98:0b:45:79:1e:06:a5:ca:03:
                    e5:b5:a7:a9:ee:39:84:99:7a:c4:b1:ec:4e:c8:58:
                    07:5f:ba:51:45:f3:e4:db:87:86:f4:c0:a4:b3:61:
                    15:ca:f7:03:cf:09:e2:44:41:af:da:06:30:c8:b9:
                    23:32:9d:aa:02:5a:6a:b7:5d:cd:89:91:54:b1:a3:
                    a4:6e:2f:5d:15:b2:93:35:df:a3:aa:da:87:bc:42:
                    2a:c0:21:da:e6:89:6d:9f:0f:90:81:56:d0:b4:9a:
                    62:e2:72:fb:7b:8b:14:d1:2d:de:fe:27:43:80:6d:
                    f9:db:f6:82:9c:2f:1c:a7:cd:43:8f:ed:58:00:31:
                    47:e6:ef:cb:f2:0d:ff:82:cf:eb:c7:14:11:96:3d:
                    dc:fb:ee:04:d5:1f:6f:46:1c:c7:5b:79:4a:59:94:
                    49:45:d3:a5:d3:9f:cb:f3:c8:af:1c:5e:c2:76:c6:
                    42:c8:fa:27:db:db:da:0e:b7:17:69:1a:de:1d:c0:
                    0a:aa:0f:ff:0e:8c:c4:ac:71:9b:fd:cf:84:3c:ed:
                    59:cc:63:bb:a5:e9:d3:cd:b6:61:73:68:45:2a:db:
                    98:9d:74:87:ae:41:52:77:0c:94:7f:4a:78:d7:e5:
                    65:c8:a5:e0:d1:72:b9:3d:87:13:2f:7d:b3:fa:e4:
                    4e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:4A:99:01:C1:92:45:B7:F2:DD:AC:A8:72:C8:A9:40:1A:81:46:10
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:ef:67:ea:4e:2a:dc:c3:e3:2a:d2:48:80:d7:6a:c4:92:c2:
         82:41:18:05:23:2d:d8:64:c5:b3:89:46:9d:b1:ec:6b:87:a8:
         d6:a4:5e:eb:70:71:c1:89:32:1b:55:36:8a:9f:d9:8d:7a:25:
         03:a9:82:f4:97:ed:60:71:fa:ee:cc:39:1b:c0:1b:b2:7f:06:
         ce:1c:22:34:56:e7:e5:b7:3a:f5:09:1e:8f:02:45:13:27:8e:
         04:9f:4e:de:bc:68:84:b2:62:c7:31:0f:a0:71:67:0c:6f:8c:
         65:21:6a:5b:9e:63:d8:1d:d5:20:10:df:82:21:59:3a:b7:7f:
         1b:77:a3:8d:fa:89:90:85:a2:17:36:bd:4e:de:b5:87:f1:15:
         6f:9c:f8:b0:fb:8e:de:99:a6:8b:a8:b1:39:73:51:a8:a6:90:
         df:43:f6:27:25:c0:e1:9a:bb:bc:0e:1d:20:f5:87:e8:8f:20:
         ea:e6:dd:f1:49:46:4a:24:bd:a6:1b:82:7e:92:d8:d4:ec:c5:
         74:8a:e3:ab:02:70:f9:9e:8e:95:00:65:3f:c3:10:af:d3:21:
         5d:1e:8d:18:7b:f6:70:c0:93:20:fa:45:4e:a1:93:ff:fd:77:
         48:bd:db:7b:4b:fe:4c:75:f6:fb:72:cb:f3:f5:2e:57:1d:5a:
         77:29:4f:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpv1qjlZ5RlToYSwmvJKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUwODExMDEwMzAyWhcNMjUwODEyMDEwMzAyWjAzMTEwLwYDVQQD
Eyg3MDRhOTkwMWMxOTI0NWI3ZjJkZGFjYTg3MmM4YTk0MDFhODE0NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bB7z1mYC0V5HgalygPltaep7jmE
mXrEsexOyFgHX7pRRfPk24eG9MCks2EVyvcDzwniREGv2gYwyLkjMp2qAlpqt13N
iZFUsaOkbi9dFbKTNd+jqtqHvEIqwCHa5oltnw+QgVbQtJpi4nL7e4sU0S3e/idD
gG352/aCnC8cp81Dj+1YADFH5u/L8g3/gs/rxxQRlj3c++4E1R9vRhzHW3lKWZRJ
RdOl05/L88ivHF7CdsZCyPon29vaDrcXaRreHcAKqg//DozErHGb/c+EPO1ZzGO7
penTzbZhc2hFKtuYnXSHrkFSdwyUf0p41+VlyKXg0XK5PYcTL32z+uROxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBKmQHBkkW38t2sqHLIqUAagUYQMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEe9n6k4q
3MPjKtJIgNdqxJLCgkEYBSMt2GTFs4lGnbHsa4eo1qRe63BxwYkyG1U2ip/ZjXol
A6mC9JftYHH67sw5G8Absn8GzhwiNFbn5bc69QkejwJFEyeOBJ9O3rxohLJixzEP
oHFnDG+MZSFqW55j2B3VIBDfgiFZOrd/G3ejjfqJkIWiFza9Tt61h/EVb5z4sPuO
3pmmi6ixOXNRqKaQ30P2JyXA4Zq7vA4dIPWH6I8g6ubd8UlGSiS9phuCfpLY1OzF
dIrjqwJw+Z6OlQBlP8MQr9MhXR6NGHv2cMCTIPpFTqGT//13SL3be0v+THX2+3LL
8/UuVx1adylP1Q==
-----END CERTIFICATE-----