Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
File:                     pL9-XCjULmcUGeYsMmBJ5cedSOA.mft (raw, json)
Hash identifier:          nDBxDpjLB8eq5EtVie6QclpGtWH4zZtv+ucNIcCLzBk=
Subject key identifier:   DC:9A:FC:58:00:2A:AF:64:F3:51:B2:2C:93:57:31:2B:BF:04:B4:A7
Authority key identifier: A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0
Certificate issuer:       /CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
Certificate serial:       0198D5F133037E1B5C2B217B0CF2B5E406F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
Manifest number:          52
Signing time:             Sat 23 Aug 2025 08:00:10 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:10 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:10 +0000
Files and hashes:         1: pL9-XCjULmcUGeYsMmBJ5cedSOA.crl (hash: /ojZgwRkJ8unrawfdz9DWL3BzMybn1WkHNmFtOYrg1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:33:03:7e:1b:5c:2b:21:7b:0c:f2:b5:e4:06:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
        Validity
            Not Before: Aug 23 08:00:10 2025 GMT
            Not After : Aug 24 08:00:10 2025 GMT
        Subject: CN=dc9afc58002aaf64f351b22c9357312bbf04b4a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f4:5d:53:f7:b6:3b:5a:d1:7d:ca:79:58:f6:
                    32:31:bc:6f:05:0b:13:93:2b:e0:fd:d4:a1:ee:5d:
                    74:ac:6a:d7:1c:ec:c7:a5:5f:88:6d:d5:7f:7c:0f:
                    27:f6:26:57:3e:2d:86:20:de:8b:d0:0c:8e:f9:e4:
                    45:88:95:20:bf:f9:0f:42:e3:71:ea:07:46:1e:a6:
                    6a:92:0a:51:d4:9b:54:7b:1b:20:49:c6:b5:0e:70:
                    4b:01:56:99:80:34:6a:dc:1f:67:54:cf:ea:e2:f2:
                    c5:3a:ae:0f:37:a7:a3:d7:0d:33:90:8f:c8:27:99:
                    03:75:80:6f:71:4a:ca:80:7c:43:f6:7f:c1:77:b8:
                    f9:90:50:44:1a:ff:42:57:83:b2:7d:4a:62:33:09:
                    98:f0:7d:27:14:c7:a9:8f:ae:48:70:b5:cc:29:31:
                    27:f8:16:9f:2c:22:04:5c:a5:37:bf:8c:8b:7b:91:
                    26:04:97:07:b0:08:60:b2:c6:4a:34:e2:1b:81:81:
                    0d:35:c9:5c:4f:27:41:43:9c:43:51:1e:4e:91:a8:
                    6f:26:4d:fc:2e:b5:f2:95:95:2d:7f:9f:d3:a5:ee:
                    cd:68:af:94:60:b4:f9:12:5c:98:b7:8b:8e:70:06:
                    14:f3:28:eb:80:13:76:f7:49:78:32:53:25:8d:a2:
                    7e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9A:FC:58:00:2A:AF:64:F3:51:B2:2C:93:57:31:2B:BF:04:B4:A7
            X509v3 Authority Key Identifier:
                keyid:A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:5d:48:86:35:3a:72:0f:58:d4:73:a2:41:2a:bc:21:a2:05:
         ce:bf:cb:64:30:cd:08:43:64:92:eb:61:a6:74:ee:eb:01:59:
         0d:bc:27:eb:7a:1c:3e:b5:ea:e4:c2:99:69:27:44:2f:1d:05:
         15:04:6c:0b:89:5e:de:bf:d8:86:41:98:0a:ce:6a:55:a5:bf:
         5d:4c:e7:03:d2:98:61:79:e3:c3:03:d1:d9:b3:75:a8:29:df:
         c2:46:fc:39:25:d0:72:5a:9a:c0:4e:0d:f0:0a:37:68:ad:7d:
         88:ce:f8:e1:c6:8a:cc:2e:d0:76:f6:f5:98:de:9d:fb:44:8e:
         4e:7d:6e:45:6f:7c:a3:14:f4:d0:80:b4:47:83:0d:55:9a:7b:
         0c:b1:46:ad:24:f2:4a:34:b0:47:91:48:c4:5f:f6:91:7c:97:
         2a:70:d7:fa:9d:09:14:25:34:36:a2:8f:9a:a0:d3:3c:32:0e:
         9f:a9:ce:1e:25:2e:90:31:f8:90:07:22:f2:17:3c:ac:c1:1e:
         b1:d8:7a:79:fa:1d:48:dc:16:94:bd:ea:14:be:60:52:f1:b4:
         27:2f:43:30:a1:55:87:06:e6:4d:bc:e6:a4:6b:e0:03:6c:67:
         68:43:9b:dc:72:7f:86:a6:4d:4f:2d:33:de:fc:94:f4:3b:55:
         0f:d8:a3:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8TMDfhtcKyF7DPK15Ab1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YmY3ZTVjMjhkNDJlNjcxNDE5ZTYyYzMyNjA0OWU1Yzc5
ZDQ4ZTAwHhcNMjUwODIzMDgwMDEwWhcNMjUwODI0MDgwMDEwWjAzMTEwLwYDVQQD
EyhkYzlhZmM1ODAwMmFhZjY0ZjM1MWIyMmM5MzU3MzEyYmJmMDRiNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivRdU/e2O1rRfcp5WPYyMbxvBQsT
kyvg/dSh7l10rGrXHOzHpV+IbdV/fA8n9iZXPi2GIN6L0AyO+eRFiJUgv/kPQuNx
6gdGHqZqkgpR1JtUexsgSca1DnBLAVaZgDRq3B9nVM/q4vLFOq4PN6ej1w0zkI/I
J5kDdYBvcUrKgHxD9n/Bd7j5kFBEGv9CV4OyfUpiMwmY8H0nFMepj65IcLXMKTEn
+BafLCIEXKU3v4yLe5EmBJcHsAhgssZKNOIbgYENNclcTydBQ5xDUR5OkahvJk38
LrXylZUtf5/Tpe7NaK+UYLT5ElyYt4uOcAYU8yjrgBN290l4MlMljaJ+UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNya/FgAKq9k81GyLJNXMSu/BLSnMB8GA1UdIwQY
MBaAFKS/flwo1C5nFBnmLDJgSeXHnUjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2Et
OTcwZmIwZTQ0YzQ3LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2EtOTcwZmIwZTQ0YzQ3
LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUV1IhjU6
cg9Y1HOiQSq8IaIFzr/LZDDNCENkkuthpnTu6wFZDbwn63ocPrXq5MKZaSdELx0F
FQRsC4le3r/YhkGYCs5qVaW/XUznA9KYYXnjwwPR2bN1qCnfwkb8OSXQclqawE4N
8Ao3aK19iM744caKzC7Qdvb1mN6d+0SOTn1uRW98oxT00IC0R4MNVZp7DLFGrSTy
SjSwR5FIxF/2kXyXKnDX+p0JFCU0NqKPmqDTPDIOn6nOHiUukDH4kAci8hc8rMEe
sdh6efodSNwWlL3qFL5gUvG0Jy9DMKFVhwbmTbzmpGvgA2xnaEOb3HJ/hqZNTy0z
3vyU9DtVD9ijmg==
-----END CERTIFICATE-----