Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          2HGMVwsE2m1y4yeRN8zJssg8AELw5KO62uUjsXXsSo4=
Subject key identifier:   61:FA:7C:B0:8F:74:81:6A:E5:63:88:96:6E:D8:62:3A:9B:47:45:B6
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019873E3D514E783202797051D309249FE85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          15A6
Signing time:             Mon 04 Aug 2025 07:02:47 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:47 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:47 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: bjHLsZvR+JcStUw2Z/nplpHk0m+ihGtrb9iRE1cLBk8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:d5:14:e7:83:20:27:97:05:1d:30:92:49:fe:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Aug  4 07:02:47 2025 GMT
            Not After : Aug  5 07:02:47 2025 GMT
        Subject: CN=61fa7cb08f74816ae56388966ed8623a9b4745b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8e:d2:54:a4:d6:1a:9e:63:f4:9c:70:2e:33:
                    e3:21:0a:6e:7e:74:d8:0a:1c:f3:48:73:5e:76:92:
                    ff:35:bb:d4:8c:35:09:f1:2a:f7:89:5e:7b:9a:4a:
                    cc:44:64:93:4e:b1:81:71:8a:37:36:9f:f7:48:40:
                    31:1a:59:42:61:df:1d:30:ac:7a:5e:17:f0:8c:88:
                    4b:33:c4:0e:d6:6f:15:4e:f1:ad:4c:a3:fd:dd:d7:
                    ec:bf:19:1e:25:32:da:e6:f0:73:1f:46:b4:d2:95:
                    f3:16:89:5b:cb:ef:2d:48:b9:c4:84:57:2d:f5:51:
                    06:3f:0b:77:9f:4e:67:64:88:bb:2b:2d:f5:98:3f:
                    b2:d9:59:4f:61:c6:00:03:2e:2e:9c:e6:c4:cc:0c:
                    20:53:2f:60:e1:3a:af:b8:0c:04:53:7c:e3:58:1c:
                    a6:d6:1f:4f:af:00:e4:14:02:b9:5d:89:20:62:03:
                    50:f3:59:8c:6e:c4:a9:c5:e5:ab:74:a7:4a:d1:49:
                    79:c3:86:21:cf:d7:14:06:e0:b6:79:2b:2a:71:4b:
                    50:0b:b6:9c:ba:f8:33:f0:4f:e9:23:0f:03:68:2c:
                    96:73:da:3a:a0:6c:7c:b7:b8:7e:af:81:80:69:4f:
                    04:c1:88:86:8c:d7:b9:d8:67:9b:ac:34:1d:86:4d:
                    30:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FA:7C:B0:8F:74:81:6A:E5:63:88:96:6E:D8:62:3A:9B:47:45:B6
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:3e:1d:e9:a3:b8:79:e7:ca:38:3d:d8:86:32:3b:d1:2b:a4:
         90:c7:a0:8b:ec:96:5b:c1:e8:14:9a:4a:d1:83:20:5f:25:85:
         07:4c:f5:33:3b:34:29:06:a3:62:49:67:9b:f8:9e:11:53:c6:
         11:68:43:5d:2f:55:a3:68:5a:ed:73:38:72:18:d7:91:98:40:
         4c:e7:be:6c:4e:8a:81:94:68:1d:c5:17:de:44:24:ae:83:9c:
         94:a9:15:11:db:13:99:b7:ff:16:e0:76:c0:99:44:c3:6b:0c:
         0e:2e:d5:83:c1:91:90:4c:ad:a6:e1:43:5f:cd:c9:52:78:a8:
         6e:ca:1c:e1:2d:8c:5b:17:1e:cf:64:92:70:39:d0:4f:35:7a:
         4e:65:48:f9:e1:2a:62:35:f5:c9:ae:56:62:70:09:18:84:02:
         e6:88:3c:06:a9:da:f2:3b:df:f4:7f:0f:18:72:56:d0:a4:dc:
         ba:20:bb:e5:7f:a1:ac:bb:be:99:0a:34:03:e8:13:40:43:b3:
         de:39:97:0c:74:b5:df:f1:49:97:6b:ed:d4:32:55:8e:82:82:
         cd:61:30:02:66:f3:6d:ed:8e:aa:96:39:3d:73:e7:f5:b6:2b:
         4e:13:ec:a5:d0:ed:49:c6:eb:8a:ae:ff:8e:22:23:37:76:e5:
         70:a9:21:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz49UU54MgJ5cFHTCSSf6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUwODA0MDcwMjQ3WhcNMjUwODA1MDcwMjQ3WjAzMTEwLwYDVQQD
Eyg2MWZhN2NiMDhmNzQ4MTZhZTU2Mzg4OTY2ZWQ4NjIzYTliNDc0NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn47SVKTWGp5j9JxwLjPjIQpufnTY
ChzzSHNedpL/NbvUjDUJ8Sr3iV57mkrMRGSTTrGBcYo3Np/3SEAxGllCYd8dMKx6
XhfwjIhLM8QO1m8VTvGtTKP93dfsvxkeJTLa5vBzH0a00pXzFolby+8tSLnEhFct
9VEGPwt3n05nZIi7Ky31mD+y2VlPYcYAAy4unObEzAwgUy9g4TqvuAwEU3zjWBym
1h9PrwDkFAK5XYkgYgNQ81mMbsSpxeWrdKdK0Ul5w4Yhz9cUBuC2eSsqcUtQC7ac
uvgz8E/pIw8DaCyWc9o6oGx8t7h+r4GAaU8EwYiGjNe52GebrDQdhk0wvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGH6fLCPdIFq5WOIlm7YYjqbR0W2MB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIT4d6aO4
eefKOD3YhjI70SukkMegi+yWW8HoFJpK0YMgXyWFB0z1Mzs0KQajYklnm/ieEVPG
EWhDXS9Vo2ha7XM4chjXkZhATOe+bE6KgZRoHcUX3kQkroOclKkVEdsTmbf/FuB2
wJlEw2sMDi7Vg8GRkEytpuFDX83JUniobsoc4S2MWxcez2SScDnQTzV6TmVI+eEq
YjX1ya5WYnAJGIQC5og8Bqna8jvf9H8PGHJW0KTcuiC75X+hrLu+mQo0A+gTQEOz
3jmXDHS13/FJl2vt1DJVjoKCzWEwAmbzbe2OqpY5PXPn9bYrThPspdDtScbriq7/
jiIjN3blcKkhPA==
-----END CERTIFICATE-----