Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          Kz86XU3Cfq5r5W+8RHW28HMPHcHmIuuM6vOzE3w+47I=
Subject key identifier:   7B:CD:27:01:4C:1A:9B:F6:0C:FB:1C:63:49:F5:29:1F:24:1B:57:75
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       01989D15642D6454DF4482E599F3FC90B37A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          03D6
Signing time:             Tue 12 Aug 2025 07:01:21 +0000
Manifest this update:     Tue 12 Aug 2025 07:01:21 +0000
Manifest next update:     Wed 13 Aug 2025 07:01:21 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: gd/LQtSX7RETOOZ+5f3HCYN/HK7hJm3w4sMmtwQrg2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9d:15:64:2d:64:54:df:44:82:e5:99:f3:fc:90:b3:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Aug 12 07:01:21 2025 GMT
            Not After : Aug 13 07:01:21 2025 GMT
        Subject: CN=7bcd27014c1a9bf60cfb1c6349f5291f241b5775
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:40:7e:b7:4e:6e:8f:ff:42:94:f6:b5:77:30:
                    b9:af:79:8a:2e:8d:fb:9e:a4:8b:b2:62:d1:68:39:
                    db:3b:31:b2:80:2c:85:3f:4b:65:55:69:b1:83:b9:
                    e3:e7:49:28:1d:86:f9:4c:61:a1:33:08:b4:94:d2:
                    1c:5f:1e:e4:41:7e:b3:24:6c:26:96:c1:06:67:68:
                    a0:23:6a:33:60:d4:4b:7b:10:79:af:e6:9d:e0:13:
                    7a:52:87:a4:b3:71:aa:16:d5:a4:b3:34:55:34:f9:
                    7c:fa:1a:3f:93:ed:d9:1c:92:0f:a0:ec:5b:4f:b7:
                    ab:34:6a:2d:a0:02:da:d2:80:95:21:72:18:96:6f:
                    64:47:4b:2f:31:75:ad:f1:60:0f:49:58:bb:10:52:
                    16:7a:dc:6a:d3:23:6a:2a:bf:94:76:97:c4:90:02:
                    71:2d:6f:17:57:f3:1f:be:0b:00:c2:9a:3c:30:d9:
                    d1:d3:15:28:21:5d:dc:49:bf:ef:57:ce:e3:11:dd:
                    16:aa:77:c5:54:08:2f:e3:aa:f7:09:c2:bd:ef:4b:
                    11:9a:cd:25:0f:0d:c9:cd:e5:c3:1c:ff:01:be:58:
                    8e:cc:c9:b5:b4:17:5d:76:08:08:c3:08:e6:1a:95:
                    e2:b8:82:57:da:2c:60:75:39:07:e5:38:53:f3:4c:
                    b2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:CD:27:01:4C:1A:9B:F6:0C:FB:1C:63:49:F5:29:1F:24:1B:57:75
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:36:ea:e0:1e:3d:58:03:7f:f8:1c:d8:46:42:94:e9:02:fd:
         67:38:db:6a:b1:db:4d:48:97:55:12:d2:c3:9c:ab:28:4f:39:
         d6:46:17:87:63:57:fa:98:37:5d:93:9e:d4:c1:9c:da:9d:a3:
         f6:8a:a1:5d:70:c4:fb:fe:b5:9b:1b:9a:68:6f:cf:0f:d4:d2:
         50:9b:13:75:58:a4:3d:05:c0:bd:ca:78:ba:65:4c:d8:8c:0c:
         ba:2a:99:0d:19:9f:83:e1:81:ff:8a:27:ac:db:ef:29:af:cd:
         39:04:13:4e:c1:ad:78:22:cb:a4:cf:32:e7:09:ba:84:83:0e:
         6f:0e:da:7d:dc:2c:db:30:d0:52:b3:8c:ee:17:82:23:fa:3b:
         af:41:8e:1b:c3:c3:d2:bd:12:db:3b:12:4f:bd:08:1b:a9:7e:
         27:bd:0c:e4:05:3c:ba:1a:e1:fb:27:38:a6:6b:aa:36:95:3e:
         e5:6c:f0:94:8f:3f:da:36:15:81:70:7d:75:27:bc:33:3e:9e:
         70:be:16:ae:4a:33:44:b4:69:4f:bd:a0:44:d5:86:c0:4d:9e:
         52:23:9d:5d:18:cb:0b:20:6d:b6:ef:23:39:e1:45:65:c4:a0:
         61:60:34:2d:42:80:1f:6e:ed:cb:21:39:c4:40:ce:4f:69:5e:
         d3:ef:6f:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZidFWQtZFTfRILlmfP8kLN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwODEyMDcwMTIxWhcNMjUwODEzMDcwMTIxWjAzMTEwLwYDVQQD
Eyg3YmNkMjcwMTRjMWE5YmY2MGNmYjFjNjM0OWY1MjkxZjI0MWI1Nzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEB+t05uj/9ClPa1dzC5r3mKLo37
nqSLsmLRaDnbOzGygCyFP0tlVWmxg7nj50koHYb5TGGhMwi0lNIcXx7kQX6zJGwm
lsEGZ2igI2ozYNRLexB5r+ad4BN6Uoeks3GqFtWkszRVNPl8+ho/k+3ZHJIPoOxb
T7erNGotoALa0oCVIXIYlm9kR0svMXWt8WAPSVi7EFIWetxq0yNqKr+UdpfEkAJx
LW8XV/MfvgsAwpo8MNnR0xUoIV3cSb/vV87jEd0WqnfFVAgv46r3CcK970sRms0l
Dw3JzeXDHP8BvliOzMm1tBdddggIwwjmGpXiuIJX2ixgdTkH5ThT80yyVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvNJwFMGpv2DPscY0n1KR8kG1d1MB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjbq4B49
WAN/+BzYRkKU6QL9ZzjbarHbTUiXVRLSw5yrKE851kYXh2NX+pg3XZOe1MGc2p2j
9oqhXXDE+/61mxuaaG/PD9TSUJsTdVikPQXAvcp4umVM2IwMuiqZDRmfg+GB/4on
rNvvKa/NOQQTTsGteCLLpM8y5wm6hIMObw7afdws2zDQUrOM7heCI/o7r0GOG8PD
0r0S2zsST70IG6l+J70M5AU8uhrh+yc4pmuqNpU+5WzwlI8/2jYVgXB9dSe8Mz6e
cL4WrkozRLRpT72gRNWGwE2eUiOdXRjLCyBttu8jOeFFZcSgYWA0LUKAH27tyyE5
xEDOT2le0+9vhA==
-----END CERTIFICATE-----