Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
File:                     CvFmObpIfvljxWzLMm8lCNGoPv0.mft (raw, json)
Hash identifier:          PefHH1SWgvvTuN4SCLPmto+f33DnC79XEf6bvNPB1Jk=
Subject key identifier:   84:F2:48:1D:6D:47:7F:67:48:38:BD:D0:BD:29:82:90:F1:54:D5:0B
Authority key identifier: 0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD
Certificate issuer:       /CN=0af16639ba487ef963c56ccb326f2508d1a83efd
Certificate serial:       019873E33E734848C3AB7CDC6EDFEA0BE57E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
Manifest number:          0906
Signing time:             Mon 04 Aug 2025 07:02:09 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:09 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:09 +0000
Files and hashes:         1: CvFmObpIfvljxWzLMm8lCNGoPv0.crl (hash: fMbqKOHQpJOXHDjnuWtcbNuWZ4gM2mpN/19ccLLMo9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:3e:73:48:48:c3:ab:7c:dc:6e:df:ea:0b:e5:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0af16639ba487ef963c56ccb326f2508d1a83efd
        Validity
            Not Before: Aug  4 07:02:09 2025 GMT
            Not After : Aug  5 07:02:09 2025 GMT
        Subject: CN=84f2481d6d477f674838bdd0bd298290f154d50b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f9:70:8f:84:7d:6f:9c:06:1b:e4:d8:2e:e2:
                    90:eb:08:a7:4f:27:9d:3f:a3:af:07:c2:a6:b9:63:
                    36:40:98:58:94:a2:c2:ac:51:86:90:dc:57:72:2c:
                    82:8d:3d:9d:ff:e2:ff:62:d7:c0:7d:c3:73:94:3e:
                    11:33:e2:b2:fb:27:ca:38:41:e4:d1:d9:66:d2:7d:
                    d3:9f:71:cc:a3:f9:90:a9:6c:62:ad:94:27:5b:73:
                    5f:a4:9c:1a:00:48:cf:31:a6:9b:32:19:49:99:a8:
                    c5:fe:f0:06:fd:64:03:14:c3:14:8b:98:72:97:a8:
                    aa:67:9a:f5:31:8a:63:66:36:eb:19:b7:62:80:28:
                    f1:23:5e:70:f6:fe:8c:bf:a6:b8:1a:69:74:fe:c4:
                    b1:e7:74:85:25:aa:c4:9f:ae:18:c1:60:23:c3:5f:
                    8d:6b:6e:71:f8:18:02:73:6f:4d:1e:46:ee:ef:95:
                    af:45:7d:32:1b:d9:30:9e:0c:b2:7d:50:6d:8d:25:
                    71:5b:09:3e:8b:06:fe:fe:9c:81:7e:0f:6c:97:0a:
                    90:e5:15:aa:d8:13:91:25:4d:42:cb:01:82:fb:76:
                    8c:7d:51:d3:d3:97:4b:31:7f:d6:66:5c:d4:d3:fe:
                    e4:68:06:2a:f4:f3:89:35:0a:21:bd:ff:00:ec:4f:
                    df:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F2:48:1D:6D:47:7F:67:48:38:BD:D0:BD:29:82:90:F1:54:D5:0B
            X509v3 Authority Key Identifier:
                keyid:0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:99:98:be:c8:61:d7:bd:37:5e:bc:0f:d2:d1:47:df:2e:95:
         35:84:22:f6:ea:37:29:87:26:23:b2:cc:34:5a:f8:cb:37:52:
         73:7f:e2:62:77:e7:59:fc:1b:56:df:fe:bf:53:54:a1:69:0e:
         a5:59:63:9d:32:a1:e3:99:00:d9:41:f5:f4:0a:2d:92:19:e3:
         ac:84:c3:82:04:c3:c1:d0:75:ad:fe:7f:3d:94:11:ac:e2:af:
         7e:c3:7a:08:d8:5d:90:f5:ca:d4:69:b4:fd:86:de:e8:7f:be:
         f9:10:dd:40:46:a1:cc:96:29:e4:30:b1:a2:c2:1e:e3:97:ff:
         f6:87:d8:ff:fc:b3:ac:a1:9c:0f:d3:73:a7:1d:54:0a:a1:79:
         70:1e:53:97:6f:24:a6:0e:03:9c:d4:6d:81:be:b2:ef:49:45:
         4b:cb:9b:dd:c7:b2:f3:7f:dc:4a:46:d9:ed:98:26:f7:b3:d5:
         b4:76:f1:f5:86:86:f5:ab:7d:3c:93:56:c4:de:08:d1:66:45:
         46:50:32:ae:73:51:57:3e:7f:c8:35:6b:f6:82:a1:1a:85:89:
         3d:22:07:fb:f6:80:d6:53:2f:f8:df:40:34:b7:4f:93:ca:64:
         81:73:85:8c:10:0e:5c:52:63:a3:19:9c:49:db:7b:90:dd:c6:
         97:a2:2a:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4z5zSEjDq3zcbt/qC+V+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjE2NjM5YmE0ODdlZjk2M2M1NmNjYjMyNmYyNTA4ZDFh
ODNlZmQwHhcNMjUwODA0MDcwMjA5WhcNMjUwODA1MDcwMjA5WjAzMTEwLwYDVQQD
Eyg4NGYyNDgxZDZkNDc3ZjY3NDgzOGJkZDBiZDI5ODI5MGYxNTRkNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vlwj4R9b5wGG+TYLuKQ6winTyed
P6OvB8KmuWM2QJhYlKLCrFGGkNxXciyCjT2d/+L/YtfAfcNzlD4RM+Ky+yfKOEHk
0dlm0n3Tn3HMo/mQqWxirZQnW3NfpJwaAEjPMaabMhlJmajF/vAG/WQDFMMUi5hy
l6iqZ5r1MYpjZjbrGbdigCjxI15w9v6Mv6a4Gml0/sSx53SFJarEn64YwWAjw1+N
a25x+BgCc29NHkbu75WvRX0yG9kwngyyfVBtjSVxWwk+iwb+/pyBfg9slwqQ5RWq
2BORJU1CywGC+3aMfVHT05dLMX/WZlzU0/7kaAYq9POJNQohvf8A7E/fIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITySB1tR39nSDi90L0pgpDxVNULMB8GA1UdIwQY
MBaAFArxZjm6SH75Y8VsyzJvJQjRqD79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1Mjkt
M2M2Mzc2NTE1MDdkLzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1MjktM2M2Mzc2NTE1MDdk
LzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpmYvshh
1703XrwP0tFH3y6VNYQi9uo3KYcmI7LMNFr4yzdSc3/iYnfnWfwbVt/+v1NUoWkO
pVljnTKh45kA2UH19AotkhnjrITDggTDwdB1rf5/PZQRrOKvfsN6CNhdkPXK1Gm0
/Ybe6H+++RDdQEahzJYp5DCxosIe45f/9ofY//yzrKGcD9Nzpx1UCqF5cB5Tl28k
pg4DnNRtgb6y70lFS8ub3cey83/cSkbZ7Zgm97PVtHbx9YaG9at9PJNWxN4I0WZF
RlAyrnNRVz5/yDVr9oKhGoWJPSIH+/aA1lMv+N9ANLdPk8pkgXOFjBAOXFJjoxmc
Sdt7kN3Gl6Iqkg==
-----END CERTIFICATE-----