Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          i56OXhmkDk1E2PZSmqDEIAjKM6mhvzEk+jP8yY6FDs8=
Subject key identifier:   E1:0E:2D:D7:AD:DC:35:0B:78:8D:82:9B:47:01:FE:E9:BA:1E:68:EA
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       0198D65FC27851D35B520750F50FDCF1DE92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          15D9
Signing time:             Sat 23 Aug 2025 10:00:56 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:56 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:56 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: h1QcLtw+DVvC4wwSiYaW3NDO2MjHkJGpeBI7bfcwwoY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:c2:78:51:d3:5b:52:07:50:f5:0f:dc:f1:de:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Aug 23 10:00:56 2025 GMT
            Not After : Aug 24 10:00:56 2025 GMT
        Subject: CN=e10e2dd7addc350b788d829b4701fee9ba1e68ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:83:25:9b:46:84:89:bb:5d:22:48:84:b5:de:
                    e7:ab:c0:9c:2c:aa:d4:73:e6:eb:44:b5:a7:7e:03:
                    53:76:d9:a1:ca:34:a0:9c:7e:b0:e8:ac:1a:b4:bc:
                    6d:de:b5:00:fe:42:d6:ac:69:35:31:85:b0:63:c4:
                    01:09:e4:c0:1f:d2:bf:24:7f:98:db:03:19:bf:4c:
                    3e:de:75:53:a0:57:48:02:05:41:92:77:99:a4:76:
                    62:69:5c:8d:85:97:eb:e8:c9:6b:c4:81:58:92:17:
                    b3:2d:06:28:ff:79:22:94:6a:0e:1f:53:9b:f7:8f:
                    2f:34:39:0b:b4:95:57:83:27:60:c7:0d:57:73:95:
                    93:c7:8e:05:f2:51:2b:84:76:fc:b2:51:df:f0:b5:
                    eb:85:31:28:5a:fd:c4:d9:b0:b0:50:43:f3:0e:cb:
                    2d:0c:8d:2e:2d:1e:13:0b:be:b2:e0:3d:d2:04:a1:
                    4b:6a:5b:ed:4f:b2:03:74:da:bf:ff:a9:f1:48:e3:
                    1d:c3:10:ca:8e:42:aa:43:0b:98:fd:ba:04:b3:6a:
                    b9:8c:02:fe:80:da:6c:4d:ad:df:c0:2d:90:24:b4:
                    3d:5a:88:0a:34:31:60:74:ac:d2:0c:17:14:c0:a5:
                    94:22:ca:71:c3:9d:b1:e1:53:a5:da:67:08:5a:f1:
                    3a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:0E:2D:D7:AD:DC:35:0B:78:8D:82:9B:47:01:FE:E9:BA:1E:68:EA
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:2d:6e:06:93:83:a0:c3:c4:a5:1c:c7:10:2e:98:49:66:51:
         06:c4:70:fc:ea:d9:26:24:f8:f1:10:0e:d0:f5:ee:94:6b:a5:
         13:cd:8e:e0:69:c6:4e:9a:99:da:47:af:3c:6f:a2:46:18:6e:
         db:9a:0e:41:ad:66:29:3e:17:96:c6:13:43:c0:d2:24:91:bc:
         3b:07:2f:98:ca:d3:ac:fb:d0:ff:8b:c9:41:2f:c8:f6:d2:66:
         ec:8e:6a:93:8d:6e:c5:92:6c:21:2d:ae:c3:8a:a7:a7:6a:ca:
         32:24:b0:54:10:98:cf:fc:54:c4:2d:82:c7:85:f8:25:12:b4:
         1d:dd:e9:e2:ca:50:ff:a8:fd:4d:47:bc:3a:e1:f7:be:77:34:
         0f:a8:e4:54:be:54:42:db:07:f7:38:8d:6d:8e:5d:4c:c2:ed:
         0a:d2:a8:f2:fd:36:e4:d3:18:99:09:4c:ea:6b:46:cc:d7:8c:
         b4:76:23:11:74:c6:38:0c:63:ea:4a:ae:bd:34:08:34:b6:c3:
         45:cf:53:6c:44:e7:ca:bd:bf:2f:5f:d4:0f:e2:6b:98:55:2f:
         a6:00:65:2c:e8:66:da:d7:d3:76:2b:cf:69:38:5e:b2:0c:86:
         39:ab:31:4d:5b:5c:bd:e2:72:f7:d1:dc:59:f6:87:a9:d0:b0:
         1b:78:21:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX8J4UdNbUgdQ9Q/c8d6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUwODIzMTAwMDU2WhcNMjUwODI0MTAwMDU2WjAzMTEwLwYDVQQD
EyhlMTBlMmRkN2FkZGMzNTBiNzg4ZDgyOWI0NzAxZmVlOWJhMWU2OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoMlm0aEibtdIkiEtd7nq8CcLKrU
c+brRLWnfgNTdtmhyjSgnH6w6KwatLxt3rUA/kLWrGk1MYWwY8QBCeTAH9K/JH+Y
2wMZv0w+3nVToFdIAgVBkneZpHZiaVyNhZfr6MlrxIFYkhezLQYo/3kilGoOH1Ob
948vNDkLtJVXgydgxw1Xc5WTx44F8lErhHb8slHf8LXrhTEoWv3E2bCwUEPzDsst
DI0uLR4TC76y4D3SBKFLalvtT7IDdNq//6nxSOMdwxDKjkKqQwuY/boEs2q5jAL+
gNpsTa3fwC2QJLQ9WogKNDFgdKzSDBcUwKWUIspxw52x4VOl2mcIWvE6kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEOLdet3DULeI2Cm0cB/um6HmjqMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALy1uBpOD
oMPEpRzHEC6YSWZRBsRw/OrZJiT48RAO0PXulGulE82O4GnGTpqZ2kevPG+iRhhu
25oOQa1mKT4XlsYTQ8DSJJG8OwcvmMrTrPvQ/4vJQS/I9tJm7I5qk41uxZJsIS2u
w4qnp2rKMiSwVBCYz/xUxC2Cx4X4JRK0Hd3p4spQ/6j9TUe8OuH3vnc0D6jkVL5U
QtsH9ziNbY5dTMLtCtKo8v025NMYmQlM6mtGzNeMtHYjEXTGOAxj6kquvTQINLbD
Rc9TbETnyr2/L1/UD+JrmFUvpgBlLOhm2tfTdivPaThesgyGOasxTVtcveJy99Hc
WfaHqdCwG3ghqg==
-----END CERTIFICATE-----