Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
File:                     nwAKfifXFIcphPrjeIda9lvkBWw.mft (raw, json)
Hash identifier:          nRN8WLAkB8piCxF1fbSkwVxV7IAwegEDpkKXzTx0HAY=
Subject key identifier:   91:12:0D:1C:B9:69:CF:A8:6C:D5:CE:5F:5B:EC:69:A6:1C:BE:14:EE
Authority key identifier: 9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
Certificate issuer:       /CN=9f000a7e27d714872984fae378875af65be4056c
Certificate serial:       0198D6984E443E853F0F876D82A062B425C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
Manifest number:          9E
Signing time:             Sat 23 Aug 2025 11:02:42 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:42 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:42 +0000
Files and hashes:         1: nwAKfifXFIcphPrjeIda9lvkBWw.crl (hash: Yavam5PFRYBUy+wIEeadkvB50wrdl4t5AvRJYJPS5w4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 11:02:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:98:4e:44:3e:85:3f:0f:87:6d:82:a0:62:b4:25:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f000a7e27d714872984fae378875af65be4056c
        Validity
            Not Before: Aug 23 11:02:42 2025 GMT
            Not After : Aug 24 11:02:42 2025 GMT
        Subject: CN=91120d1cb969cfa86cd5ce5f5bec69a61cbe14ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:25:8f:86:21:77:e8:3d:39:3c:8d:be:96:88:
                    d1:bf:4f:e7:23:40:79:98:94:20:fb:b3:cb:97:67:
                    59:fd:90:49:df:d1:ff:48:5a:22:90:8a:7e:94:e3:
                    7b:65:60:8a:6d:46:4f:55:a2:f7:f6:1b:95:cf:8d:
                    a8:31:f7:f4:dd:c6:84:9c:d2:60:bd:78:c0:e7:af:
                    6d:a2:dc:04:0e:bf:c5:c7:2b:30:e0:b9:dd:48:dd:
                    8c:59:d3:21:ef:18:1e:3c:ec:ae:10:18:e0:69:eb:
                    0f:36:fc:c1:9f:96:1b:48:e8:dd:66:83:1d:4e:46:
                    93:9a:7b:c5:f8:46:0b:7f:02:5d:e5:57:91:4f:cd:
                    62:83:ac:bb:f4:cd:fb:d0:77:63:41:19:9c:36:40:
                    dc:dc:9e:ca:c9:5b:41:17:51:57:a5:0c:7f:48:0e:
                    c3:bb:db:17:7b:b2:e2:73:36:2e:d0:2f:26:e0:c1:
                    f0:59:2f:ab:59:67:17:d9:70:ef:61:e3:1a:2e:c3:
                    48:04:52:11:15:f4:fe:03:94:58:c4:a3:c4:81:9e:
                    32:13:a2:27:17:53:f0:b5:b0:6d:34:c3:1f:03:5b:
                    e4:3b:9b:b4:ed:ac:18:95:60:f7:9a:2c:f8:12:63:
                    cb:cf:8f:d4:ec:95:9b:36:26:2a:10:4e:12:c0:8d:
                    6f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:12:0D:1C:B9:69:CF:A8:6C:D5:CE:5F:5B:EC:69:A6:1C:BE:14:EE
            X509v3 Authority Key Identifier:
                keyid:9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:be:09:84:0a:66:09:ec:d2:8b:85:73:69:b1:2a:95:b5:b3:
         ff:a6:81:1a:9a:bb:e2:3e:f6:b4:18:6a:4b:61:42:4e:97:eb:
         90:59:52:4a:eb:f7:5a:47:9f:8c:c0:c9:e1:3b:6c:45:d8:27:
         64:ab:91:08:7f:a7:4d:8d:7c:c2:b4:f9:42:a6:21:ef:37:3a:
         c8:a6:c2:a5:1d:49:c9:18:c4:07:1d:26:9c:96:07:9f:05:de:
         54:ad:0c:a9:81:e3:79:f0:fa:7b:be:c5:a4:cb:43:d7:0c:13:
         db:c2:8b:2b:3d:87:14:7a:f4:e4:f7:0f:8e:07:f7:64:54:63:
         5a:62:05:55:5e:bb:97:41:1c:b8:1b:6a:6f:68:1b:99:8e:54:
         91:ac:d1:52:bc:7a:26:52:48:1f:04:94:2b:e7:2a:3f:72:7a:
         94:1d:73:74:ef:f8:0a:6d:3c:55:0f:fd:d1:7b:f1:b0:47:73:
         af:0a:df:77:4d:79:5f:e7:97:c0:bf:2c:7e:90:44:0a:89:68:
         9c:2f:43:e2:ad:13:c5:18:89:84:77:e9:f6:f4:6a:20:6a:10:
         a2:90:d5:75:03:aa:55:be:28:d0:df:07:c4:87:b4:92:45:41:
         68:d3:83:5d:06:fd:94:45:bd:05:49:98:69:3f:e3:45:41:2b:
         b2:f5:a7:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmE5EPoU/D4dtgqBitCXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDAwYTdlMjdkNzE0ODcyOTg0ZmFlMzc4ODc1YWY2NWJl
NDA1NmMwHhcNMjUwODIzMTEwMjQyWhcNMjUwODI0MTEwMjQyWjAzMTEwLwYDVQQD
Eyg5MTEyMGQxY2I5NjljZmE4NmNkNWNlNWY1YmVjNjlhNjFjYmUxNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiWPhiF36D05PI2+lojRv0/nI0B5
mJQg+7PLl2dZ/ZBJ39H/SFoikIp+lON7ZWCKbUZPVaL39huVz42oMff03caEnNJg
vXjA569totwEDr/Fxysw4LndSN2MWdMh7xgePOyuEBjgaesPNvzBn5YbSOjdZoMd
TkaTmnvF+EYLfwJd5VeRT81ig6y79M370HdjQRmcNkDc3J7KyVtBF1FXpQx/SA7D
u9sXe7LiczYu0C8m4MHwWS+rWWcX2XDvYeMaLsNIBFIRFfT+A5RYxKPEgZ4yE6In
F1PwtbBtNMMfA1vkO5u07awYlWD3miz4EmPLz4/U7JWbNiYqEE4SwI1v0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJESDRy5ac+obNXOX1vsaaYcvhTuMB8GA1UdIwQY
MBaAFJ8ACn4n1xSHKYT643iHWvZb5AVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQt
YTAzODkyZmMzNDBiLzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQtYTAzODkyZmMzNDBi
LzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAL4JhApm
CezSi4VzabEqlbWz/6aBGpq74j72tBhqS2FCTpfrkFlSSuv3WkefjMDJ4TtsRdgn
ZKuRCH+nTY18wrT5QqYh7zc6yKbCpR1JyRjEBx0mnJYHnwXeVK0MqYHjefD6e77F
pMtD1wwT28KLKz2HFHr05PcPjgf3ZFRjWmIFVV67l0EcuBtqb2gbmY5UkazRUrx6
JlJIHwSUK+cqP3J6lB1zdO/4Cm08VQ/90XvxsEdzrwrfd015X+eXwL8sfpBEColo
nC9D4q0TxRiJhHfp9vRqIGoQopDVdQOqVb4o0N8HxIe0kkVBaNODXQb9lEW9BUmY
aT/jRUErsvWniw==
-----END CERTIFICATE-----