Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          xGvpLVcrxmLyJTb4n1+yliHD0JG/1QF8gqEL8AzIGqw=
Subject key identifier:   76:71:1A:88:01:48:4F:24:B7:F3:E6:47:8E:3F:A6:61:79:6D:EB:B9
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       0198D6611E7121967629A8C4ADCEDBD86A51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:02:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:25 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: 4CVdf0F+0KMfQAh1x6PWnB3vRgQL9sZDBD6jmshpKWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:1e:71:21:96:76:29:a8:c4:ad:ce:db:d8:6a:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Aug 23 10:02:25 2025 GMT
            Not After : Aug 24 10:02:25 2025 GMT
        Subject: CN=76711a8801484f24b7f3e6478e3fa661796debb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b5:d1:d7:ae:12:6b:73:7b:78:fd:d0:5a:c3:
                    e6:95:dc:a1:08:ab:66:0e:55:7b:ad:16:58:af:44:
                    c6:b3:24:6d:0e:0d:5b:9d:fe:65:26:6c:28:94:bc:
                    2e:90:d1:e4:e4:02:4a:59:71:cd:da:f1:7b:eb:e8:
                    0d:44:6e:43:c3:85:d4:e6:a5:1d:f6:44:7c:91:9f:
                    48:b7:18:ff:e5:9a:41:6c:f2:fe:7d:8c:a0:9c:7b:
                    ac:3b:6a:7e:18:12:4c:ad:60:03:e0:0c:58:60:6b:
                    71:1d:d3:f2:24:d9:15:a2:6b:35:a3:7c:86:44:ad:
                    7a:59:73:e8:df:8d:ad:b2:bb:46:55:63:0b:6e:31:
                    02:87:52:63:86:f9:02:b2:12:d7:73:35:f0:2a:2b:
                    80:16:3b:0b:68:70:04:5d:00:b3:74:56:32:e1:fa:
                    9e:b6:78:1a:cb:4f:7f:b4:a4:49:c4:2d:71:e6:78:
                    9c:05:d3:8a:49:8a:c4:d4:61:55:1f:cf:f1:ab:dc:
                    d9:a9:ea:0c:fb:1d:e0:b2:c4:81:79:12:f5:a2:bc:
                    15:f8:26:50:13:97:08:bf:73:52:6b:0e:f4:b2:d0:
                    ee:c3:5d:c9:1b:3d:85:62:fe:12:15:27:90:e4:fa:
                    cb:01:50:32:f1:cc:0b:d9:b8:e1:c7:9f:64:b5:82:
                    65:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:71:1A:88:01:48:4F:24:B7:F3:E6:47:8E:3F:A6:61:79:6D:EB:B9
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:ef:9b:df:44:5c:75:eb:1e:a6:7c:31:52:1d:d4:92:d8:96:
         96:8b:bb:24:d4:71:5d:1e:92:16:4c:ea:ca:12:fb:7e:ed:03:
         50:38:da:12:10:94:94:45:fc:41:f9:7c:b2:40:0a:90:58:bd:
         8b:5d:49:ab:c5:4d:a8:13:c5:e4:58:b8:bf:fc:c1:63:88:ce:
         c0:25:a1:80:39:57:79:4e:48:68:4a:ce:cc:76:ef:79:7c:c4:
         eb:86:e7:9a:fc:b7:39:59:3c:e8:06:7f:3a:77:96:de:3d:63:
         72:98:48:ce:b8:f1:06:8c:68:99:92:a3:77:32:3b:ff:9f:18:
         10:75:1b:33:0b:51:8f:7d:a4:e7:8b:53:ff:f4:05:e8:64:3a:
         f6:a3:b7:c9:04:92:ef:73:6c:f7:b2:5d:a6:31:fb:73:0f:68:
         ec:a8:cc:aa:42:a4:0f:7b:ff:8b:10:64:62:6c:fa:f2:0a:62:
         ba:9c:46:c1:a2:a2:65:db:d6:4f:ec:de:93:f3:96:6b:d0:6c:
         2a:98:88:86:7f:23:aa:b0:93:1a:a0:be:f8:c4:cb:44:0e:5f:
         3e:90:ce:27:fe:f5:f9:8a:8f:71:90:8c:09:45:04:bf:4b:aa:
         7a:12:5b:20:4c:63:ac:6b:7f:52:f1:f7:78:5d:55:dd:5d:91:
         f4:85:92:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYR5xIZZ2KajErc7b2GpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwODIzMTAwMjI1WhcNMjUwODI0MTAwMjI1WjAzMTEwLwYDVQQD
Eyg3NjcxMWE4ODAxNDg0ZjI0YjdmM2U2NDc4ZTNmYTY2MTc5NmRlYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbXR164Sa3N7eP3QWsPmldyhCKtm
DlV7rRZYr0TGsyRtDg1bnf5lJmwolLwukNHk5AJKWXHN2vF76+gNRG5Dw4XU5qUd
9kR8kZ9Itxj/5ZpBbPL+fYygnHusO2p+GBJMrWAD4AxYYGtxHdPyJNkVoms1o3yG
RK16WXPo342tsrtGVWMLbjECh1JjhvkCshLXczXwKiuAFjsLaHAEXQCzdFYy4fqe
tngay09/tKRJxC1x5nicBdOKSYrE1GFVH8/xq9zZqeoM+x3gssSBeRL1orwV+CZQ
E5cIv3NSaw70stDuw13JGz2FYv4SFSeQ5PrLAVAy8cwL2bjhx59ktYJl3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZxGogBSE8kt/PmR44/pmF5beu5MB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK++b30Rc
desepnwxUh3UktiWlou7JNRxXR6SFkzqyhL7fu0DUDjaEhCUlEX8Qfl8skAKkFi9
i11Jq8VNqBPF5Fi4v/zBY4jOwCWhgDlXeU5IaErOzHbveXzE64bnmvy3OVk86AZ/
OneW3j1jcphIzrjxBoxomZKjdzI7/58YEHUbMwtRj32k54tT//QF6GQ69qO3yQSS
73Ns97JdpjH7cw9o7KjMqkKkD3v/ixBkYmz68gpiupxGwaKiZdvWT+zek/OWa9Bs
KpiIhn8jqrCTGqC++MTLRA5fPpDOJ/71+YqPcZCMCUUEv0uqehJbIExjrGt/UvH3
eF1V3V2R9IWSXQ==
-----END CERTIFICATE-----