Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
File:                     nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft (raw, json)
Hash identifier:          HRlzirp7Xjm0jpCSjFcwWwQLdMzyYEjHOrAaBOAH4v0=
Subject key identifier:   F4:78:1D:89:45:88:EF:22:F4:DB:61:F9:05:0D:DB:D5:BA:5A:D3:8E
Authority key identifier: 9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9
Certificate issuer:       /CN=9ce894f1d7731e9961719be1ed998468fcbabea9
Certificate serial:       01987CE57F32C54849CFC4860197B78B6B5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
Manifest number:          1602
Signing time:             Wed 06 Aug 2025 01:01:11 +0000
Manifest this update:     Wed 06 Aug 2025 01:01:11 +0000
Manifest next update:     Thu 07 Aug 2025 01:01:11 +0000
Files and hashes:         1: nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl (hash: Q1W2OcveKz7C+2IVQcpdieLhknDrwwJBXnjuOrMNSxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:e5:7f:32:c5:48:49:cf:c4:86:01:97:b7:8b:6b:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce894f1d7731e9961719be1ed998468fcbabea9
        Validity
            Not Before: Aug  6 01:01:11 2025 GMT
            Not After : Aug  7 01:01:11 2025 GMT
        Subject: CN=f4781d894588ef22f4db61f9050ddbd5ba5ad38e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:19:b8:c8:5a:1a:72:29:2c:83:d9:35:40:e1:
                    c6:a7:80:22:c1:1f:50:2d:b2:90:24:a2:db:9a:91:
                    97:8c:00:f6:83:51:02:92:6b:a1:f1:b7:b0:3f:dc:
                    73:21:88:af:3e:44:aa:d7:56:05:85:af:17:41:04:
                    ba:2f:b9:08:de:59:e4:04:66:1d:46:6b:34:2d:4f:
                    f6:39:4d:f2:3f:45:54:f9:fa:52:ba:46:41:15:7b:
                    88:c6:fd:69:b9:9a:b3:97:df:29:d3:ff:ae:d9:61:
                    c1:a7:b0:02:60:e6:61:09:de:1b:69:c9:8e:76:3f:
                    f8:35:c2:99:90:6d:18:20:33:fe:9f:af:a4:63:23:
                    98:35:40:41:fc:ff:b5:d1:70:83:95:6d:2f:dc:a1:
                    02:0d:da:4c:ad:3f:96:83:da:dd:19:04:8b:71:6e:
                    9b:16:df:ac:3a:d4:f0:e5:a4:25:3e:55:30:f4:01:
                    ff:a0:8e:25:7c:e4:29:03:a7:d3:a3:4d:25:02:e5:
                    01:cd:49:77:51:85:ce:9b:7d:d0:d5:a2:93:83:d1:
                    1f:6a:3e:ec:3c:d6:6f:42:88:51:19:0a:ce:21:1d:
                    29:34:c0:65:b6:61:43:62:07:16:28:e2:f8:13:13:
                    61:4a:ec:77:ed:87:47:d6:93:8f:4f:78:62:d7:17:
                    ba:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:78:1D:89:45:88:EF:22:F4:DB:61:F9:05:0D:DB:D5:BA:5A:D3:8E
            X509v3 Authority Key Identifier:
                keyid:9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:de:ca:30:c7:5f:55:97:0b:9d:a5:4e:01:2b:96:6d:d3:3d:
         85:4a:19:ba:ab:4b:4b:93:66:9c:0f:1b:62:18:fb:c9:cd:d8:
         4f:c0:0b:f3:fa:ba:86:46:9a:88:c1:40:c9:0f:b4:d2:e1:5a:
         f3:b0:3a:91:20:e3:4d:f2:09:66:db:b5:18:89:ed:7f:c5:84:
         ab:90:05:60:47:32:ea:f9:c2:aa:ba:b6:dc:26:ea:0a:65:6d:
         39:1e:32:f4:30:b3:2d:f6:fb:d0:1f:21:ec:14:22:51:cc:1e:
         d8:c6:47:d0:c3:f3:37:be:a6:e9:37:02:d0:e6:84:0d:f4:50:
         a4:13:9e:d7:48:04:5f:d8:ec:f4:af:a2:3a:68:48:f1:5c:e2:
         92:c8:bb:fd:c5:41:5e:c7:00:3a:0b:90:b9:34:c0:ac:30:0a:
         41:e0:95:a2:73:af:79:50:44:99:83:de:63:23:e3:8a:64:0c:
         5b:2b:c6:7d:20:0f:06:c8:e9:37:1d:39:7b:54:0d:b9:91:be:
         28:27:b2:a9:4a:80:43:75:bc:cf:b2:00:01:3a:4d:1f:b8:55:
         0c:a6:80:f4:66:b3:4f:cf:ac:ca:84:d3:14:66:5f:30:af:b8:
         2d:29:18:1c:3d:e4:7d:20:29:2f:5f:43:96:aa:92:f2:e9:e0:
         84:c2:d3:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh85X8yxUhJz8SGAZe3i2teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTg5NGYxZDc3MzFlOTk2MTcxOWJlMWVkOTk4NDY4ZmNi
YWJlYTkwHhcNMjUwODA2MDEwMTExWhcNMjUwODA3MDEwMTExWjAzMTEwLwYDVQQD
EyhmNDc4MWQ4OTQ1ODhlZjIyZjRkYjYxZjkwNTBkZGJkNWJhNWFkMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhm4yFoaciksg9k1QOHGp4AiwR9Q
LbKQJKLbmpGXjAD2g1ECkmuh8bewP9xzIYivPkSq11YFha8XQQS6L7kI3lnkBGYd
Rms0LU/2OU3yP0VU+fpSukZBFXuIxv1puZqzl98p0/+u2WHBp7ACYOZhCd4bacmO
dj/4NcKZkG0YIDP+n6+kYyOYNUBB/P+10XCDlW0v3KECDdpMrT+Wg9rdGQSLcW6b
Ft+sOtTw5aQlPlUw9AH/oI4lfOQpA6fTo00lAuUBzUl3UYXOm33Q1aKTg9Efaj7s
PNZvQohRGQrOIR0pNMBltmFDYgcWKOL4ExNhSux37YdH1pOPT3hi1xe6MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPR4HYlFiO8i9Nth+QUN29W6WtOOMB8GA1UdIwQY
MBaAFJzolPHXcx6ZYXGb4e2ZhGj8ur6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQt
ZGM3ZjBjMDk0YjM5LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQtZGM3ZjBjMDk0YjM5
LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXN7KMMdf
VZcLnaVOASuWbdM9hUoZuqtLS5NmnA8bYhj7yc3YT8AL8/q6hkaaiMFAyQ+00uFa
87A6kSDjTfIJZtu1GIntf8WEq5AFYEcy6vnCqrq23CbqCmVtOR4y9DCzLfb70B8h
7BQiUcwe2MZH0MPzN76m6TcC0OaEDfRQpBOe10gEX9js9K+iOmhI8Vziksi7/cVB
XscAOguQuTTArDAKQeCVonOveVBEmYPeYyPjimQMWyvGfSAPBsjpNx05e1QNuZG+
KCeyqUqAQ3W8z7IAATpNH7hVDKaA9GazT8+syoTTFGZfMK+4LSkYHD3kfSApL19D
lqqS8unghMLTpg==
-----END CERTIFICATE-----