Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          ZpSnRA29lOD6cwiv/EXs16wlGSvCUgmRV/KjLl0xj6g=
Subject key identifier:   10:8E:BA:24:2B:16:A6:8F:F7:E5:18:A1:5F:13:DF:F2:C9:FE:7A:21
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       0198D5BC41C91FE742107A2FE45338500D04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          073E
Signing time:             Sat 23 Aug 2025 07:02:21 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:21 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:21 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: BAX1a7D9Mk+gX1d4Hff2ub6U901O0LNNCcJ5Hzxm9K8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:41:c9:1f:e7:42:10:7a:2f:e4:53:38:50:0d:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Aug 23 07:02:21 2025 GMT
            Not After : Aug 24 07:02:21 2025 GMT
        Subject: CN=108eba242b16a68ff7e518a15f13dff2c9fe7a21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:57:b4:2a:00:18:8e:23:e3:55:c0:1e:54:e1:
                    18:b8:90:51:4e:e0:93:e5:73:5b:63:54:4c:23:10:
                    ef:1c:0e:e7:73:3b:9c:ed:48:88:c5:6c:e3:35:24:
                    66:9c:52:62:1c:d5:96:12:1d:52:84:0a:49:0e:07:
                    cf:d3:1b:19:8e:e5:38:4c:2d:3c:d0:ce:96:c1:58:
                    bf:0e:10:67:d6:ce:58:c4:07:80:c3:6a:d5:a0:c7:
                    4e:16:2e:cd:f9:1c:ef:e0:59:e5:16:4c:5d:90:0e:
                    96:83:71:d5:a7:18:d1:d8:f8:18:d6:ab:15:e0:ab:
                    ce:1a:46:02:71:82:d4:2b:9a:ed:78:89:c8:3e:79:
                    b2:02:0e:12:f7:b0:4f:9d:50:84:3a:57:e4:d3:b5:
                    8c:80:79:69:90:bb:a3:53:29:ee:44:67:04:b8:ee:
                    4d:32:f4:1f:17:2f:4e:75:70:df:85:70:d8:c0:65:
                    4a:a6:d8:c0:5a:67:4e:4c:82:c3:85:bb:ae:73:a8:
                    c1:03:14:f6:32:90:2d:20:8b:85:93:80:0a:d0:3a:
                    ba:82:44:fc:57:13:ca:f5:0a:b0:be:04:8b:5f:f4:
                    94:dc:19:6d:5f:f8:b8:4c:af:8e:12:e0:8b:b3:0a:
                    63:bd:b7:dc:9f:11:f5:22:09:9d:26:3d:1b:76:c6:
                    10:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:8E:BA:24:2B:16:A6:8F:F7:E5:18:A1:5F:13:DF:F2:C9:FE:7A:21
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:ee:6b:40:02:ab:ed:ad:b1:85:c7:e3:8e:5c:3c:ce:2c:db:
         87:51:75:ea:f6:bc:b9:dc:10:6a:18:c7:89:f6:3d:63:9a:3d:
         15:ae:21:0e:f9:96:b0:63:01:36:b9:5a:47:72:d0:d1:6c:3e:
         7e:8f:f1:a2:6a:cf:37:2d:b8:33:c1:17:d7:8a:21:71:db:b9:
         df:ea:e4:05:b0:f0:8c:48:6b:33:ea:66:83:1a:52:65:0f:0a:
         5b:ed:08:96:4f:ee:1e:0e:bb:82:5e:90:61:fa:f0:d0:64:5f:
         a9:f6:52:77:34:85:7b:8a:95:88:9c:25:ee:92:13:50:df:0f:
         97:bf:77:bb:47:2e:e1:5a:f6:c2:46:db:84:c7:6e:9d:42:db:
         f2:79:4b:cc:c6:1f:b4:87:44:db:45:9c:75:f4:08:8b:54:37:
         03:e5:36:f1:10:9a:d9:2b:1c:ac:fe:a4:11:55:8d:01:d2:46:
         72:50:2c:7a:17:49:8d:0e:d6:de:eb:d0:63:57:d2:3d:c0:32:
         f0:dc:78:8b:f2:67:a2:55:bc:1b:28:d4:b4:0a:19:6d:36:4f:
         ca:d5:c3:3d:a1:42:2c:0b:cf:fa:0e:ee:83:7f:0e:3e:81:61:
         9f:68:4e:61:d8:ad:30:12:6c:f2:c9:5d:c9:a7:e1:97:df:95:
         9c:13:73:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvEHJH+dCEHov5FM4UA0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUwODIzMDcwMjIxWhcNMjUwODI0MDcwMjIxWjAzMTEwLwYDVQQD
EygxMDhlYmEyNDJiMTZhNjhmZjdlNTE4YTE1ZjEzZGZmMmM5ZmU3YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Fe0KgAYjiPjVcAeVOEYuJBRTuCT
5XNbY1RMIxDvHA7nczuc7UiIxWzjNSRmnFJiHNWWEh1ShApJDgfP0xsZjuU4TC08
0M6WwVi/DhBn1s5YxAeAw2rVoMdOFi7N+Rzv4FnlFkxdkA6Wg3HVpxjR2PgY1qsV
4KvOGkYCcYLUK5rteInIPnmyAg4S97BPnVCEOlfk07WMgHlpkLujUynuRGcEuO5N
MvQfFy9OdXDfhXDYwGVKptjAWmdOTILDhbuuc6jBAxT2MpAtIIuFk4AK0Dq6gkT8
VxPK9QqwvgSLX/SU3BltX/i4TK+OEuCLswpjvbfcnxH1IgmdJj0bdsYQrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCOuiQrFqaP9+UYoV8T3/LJ/nohMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+5rQAKr
7a2xhcfjjlw8zizbh1F16va8udwQahjHifY9Y5o9Fa4hDvmWsGMBNrlaR3LQ0Ww+
fo/xomrPNy24M8EX14ohcdu53+rkBbDwjEhrM+pmgxpSZQ8KW+0Ilk/uHg67gl6Q
Yfrw0GRfqfZSdzSFe4qViJwl7pITUN8Pl793u0cu4Vr2wkbbhMdunULb8nlLzMYf
tIdE20WcdfQIi1Q3A+U28RCa2SscrP6kEVWNAdJGclAsehdJjQ7W3uvQY1fSPcAy
8Nx4i/JnolW8GyjUtAoZbTZPytXDPaFCLAvP+g7ug38OPoFhn2hOYditMBJs8sld
yafhl9+VnBNzpw==
-----END CERTIFICATE-----