Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.mft (raw, json)
Hash identifier:          yaOOKqT/Z6Wq6nmPzR268KmgWsGYSXK22zvz980XcJM=
Subject key identifier:   4A:8A:30:E3:97:CC:FB:86:9B:94:90:5D:6A:76:B8:38:95:B1:4E:BE
Authority key identifier: DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Certificate issuer:       /CN=dfa53646288329df6655e253e56b228481be9596
Certificate serial:       01988EEB6B5BA4EFDA3F96F647647F1E4D30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
Manifest number:          02C7
Signing time:             Sat 09 Aug 2025 13:00:49 +0000
Manifest this update:     Sat 09 Aug 2025 13:00:49 +0000
Manifest next update:     Sun 10 Aug 2025 13:00:49 +0000
Files and hashes:         1: 36U2RiiDKd9mVeJT5WsihIG-lZY.crl (hash: CxZ35wQMtIV3GuDzhvU8E0r3SgX3NWTbK2U3MV1VO0c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:eb:6b:5b:a4:ef:da:3f:96:f6:47:64:7f:1e:4d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa53646288329df6655e253e56b228481be9596
        Validity
            Not Before: Aug  9 13:00:49 2025 GMT
            Not After : Aug 10 13:00:49 2025 GMT
        Subject: CN=4a8a30e397ccfb869b94905d6a76b83895b14ebe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fa:0b:ee:91:67:b8:b0:8d:5e:ed:b3:2e:b6:
                    c2:9d:6b:73:68:2f:23:36:65:1b:d5:e5:df:dc:0c:
                    82:d3:24:4a:60:6b:8a:fe:4e:5b:e7:37:26:50:6c:
                    bb:81:2c:77:93:85:72:78:f4:64:3f:71:3c:cf:c7:
                    ed:08:70:83:e5:16:88:c7:20:18:84:22:5f:8f:68:
                    f6:6e:66:37:6c:48:ec:91:9b:7c:40:88:70:13:66:
                    f0:4e:cf:38:e1:9d:bb:c1:e8:bf:66:7f:b2:6b:44:
                    39:4c:92:c3:3a:ba:26:f7:65:cf:57:b7:e5:f5:90:
                    5e:bc:7e:76:ba:53:66:e6:37:81:6c:7b:fb:4c:8c:
                    d1:b4:e2:2d:af:49:2d:61:a6:a0:ee:1d:76:8f:82:
                    ee:9e:c1:a8:a3:d8:ff:58:8b:3f:26:c2:07:5f:04:
                    6c:0f:cd:26:80:93:9a:cb:c0:e4:0a:ee:83:fb:05:
                    55:6a:b4:dc:4a:0f:04:7b:a4:d4:4c:0d:8a:c4:14:
                    fc:58:4b:ed:dc:b4:d8:91:f1:dc:d4:60:d3:01:13:
                    fd:a5:ad:45:62:80:9f:c1:40:fb:57:10:4e:28:75:
                    e0:75:d3:8d:3d:71:89:45:ac:ee:16:56:2b:c6:ab:
                    ce:e9:22:7b:ff:0d:67:ae:2f:dd:3a:a9:61:a7:43:
                    e0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:8A:30:E3:97:CC:FB:86:9B:94:90:5D:6A:76:B8:38:95:B1:4E:BE
            X509v3 Authority Key Identifier:
                keyid:DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ba:7d:55:5e:e4:43:81:d8:2d:29:99:a4:ba:de:5c:4f:d4:
         62:22:5a:05:f2:70:92:e2:cc:c5:e6:38:a9:68:90:fb:37:93:
         ab:09:ee:f7:60:45:2b:9d:5e:8d:07:05:de:e7:ed:27:43:9c:
         86:ba:6f:29:23:01:b7:34:fc:1a:d8:ce:9b:0d:2c:01:6e:df:
         ef:5f:55:48:88:3d:a5:73:87:fb:c8:b6:08:ae:82:25:35:c2:
         7b:10:ba:39:3c:f0:5a:f5:8d:6c:65:28:53:c1:d8:67:09:fd:
         d3:ce:54:ad:de:bc:40:43:60:a0:47:7f:71:b1:b4:e4:4e:a5:
         7f:ff:45:39:e9:2f:38:ea:89:6c:46:27:76:57:51:03:7f:8c:
         47:ce:47:9e:94:6b:f0:17:3b:8e:76:86:93:2d:2d:64:0c:44:
         e6:94:bc:c6:c3:2e:ef:e3:16:3b:0e:e5:af:53:da:9e:f1:82:
         79:2c:72:0f:7d:78:8e:63:bc:d1:18:5e:54:4d:13:6d:0a:cf:
         8d:67:62:69:8f:34:fc:41:f0:e4:62:66:fa:f4:c8:bc:46:67:
         d3:ef:cf:ea:50:a4:77:2a:57:5f:02:73:0d:2d:ff:4f:04:32:
         30:f9:56:14:b7:6b:ec:ee:fb:5a:a1:04:b6:eb:90:7a:b3:17:
         a6:2a:17:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO62tbpO/aP5b2R2R/Hk0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTUzNjQ2Mjg4MzI5ZGY2NjU1ZTI1M2U1NmIyMjg0ODFi
ZTk1OTYwHhcNMjUwODA5MTMwMDQ5WhcNMjUwODEwMTMwMDQ5WjAzMTEwLwYDVQQD
Eyg0YThhMzBlMzk3Y2NmYjg2OWI5NDkwNWQ2YTc2YjgzODk1YjE0ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfoL7pFnuLCNXu2zLrbCnWtzaC8j
NmUb1eXf3AyC0yRKYGuK/k5b5zcmUGy7gSx3k4VyePRkP3E8z8ftCHCD5RaIxyAY
hCJfj2j2bmY3bEjskZt8QIhwE2bwTs844Z27wei/Zn+ya0Q5TJLDOrom92XPV7fl
9ZBevH52ulNm5jeBbHv7TIzRtOItr0ktYaag7h12j4LunsGoo9j/WIs/JsIHXwRs
D80mgJOay8DkCu6D+wVVarTcSg8Ee6TUTA2KxBT8WEvt3LTYkfHc1GDTARP9pa1F
YoCfwUD7VxBOKHXgddONPXGJRazuFlYrxqvO6SJ7/w1nri/dOqlhp0PgWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqKMOOXzPuGm5SQXWp2uDiVsU6+MB8GA1UdIwQY
MBaAFN+lNkYogynfZlXiU+VrIoSBvpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMt
NzlhZmQxMTg4ZDM3LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMtNzlhZmQxMTg4ZDM3
LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc7p9VV7k
Q4HYLSmZpLreXE/UYiJaBfJwkuLMxeY4qWiQ+zeTqwnu92BFK51ejQcF3uftJ0Oc
hrpvKSMBtzT8GtjOmw0sAW7f719VSIg9pXOH+8i2CK6CJTXCexC6OTzwWvWNbGUo
U8HYZwn9085Urd68QENgoEd/cbG05E6lf/9FOekvOOqJbEYndldRA3+MR85HnpRr
8Bc7jnaGky0tZAxE5pS8xsMu7+MWOw7lr1PanvGCeSxyD314jmO80RheVE0TbQrP
jWdiaY80/EHw5GJm+vTIvEZn0+/P6lCkdypXXwJzDS3/TwQyMPlWFLdr7O77WqEE
tuuQerMXpioXgQ==
-----END CERTIFICATE-----