Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          hYTqE3AadWEXDfBB/lyuCOmXP8ktZVCLuN7B67Kx37M=
Subject key identifier:   FC:CB:9F:78:99:0D:8C:26:24:05:B1:BC:09:4B:95:21:41:CB:37:23
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       0198D7061A521EB01CCB50172EAE73ACB987
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          09EA
Signing time:             Sat 23 Aug 2025 13:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:38 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: +umlgIOmM56P8BRyyAgYczFXFyK/srLQkmzXqzJbWys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:06:1a:52:1e:b0:1c:cb:50:17:2e:ae:73:ac:b9:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Aug 23 13:02:38 2025 GMT
            Not After : Aug 24 13:02:38 2025 GMT
        Subject: CN=fccb9f78990d8c262405b1bc094b952141cb3723
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0e:c5:3a:f8:15:cb:81:1f:14:f8:54:f8:75:
                    22:c1:d4:45:1f:ce:78:45:6c:a8:d9:97:5e:b7:d5:
                    05:a9:f6:0d:bb:f4:29:38:95:85:7a:e1:1d:3a:e8:
                    05:7d:8a:ec:94:0e:97:dc:bd:3d:7a:a5:55:ff:d6:
                    9b:73:b5:b5:c3:c1:a1:b4:97:92:78:2a:00:85:c9:
                    56:02:a9:5f:ae:a5:34:48:fe:f1:3c:85:63:e4:69:
                    14:09:4e:5b:9b:aa:20:fe:10:fd:67:94:d2:ae:0a:
                    e9:41:b9:ee:e8:c5:7d:69:a0:34:f8:9a:3c:44:ec:
                    1a:c1:ae:20:0b:fc:2b:59:51:9c:d1:3a:d0:ad:2f:
                    24:25:54:65:e8:6c:b3:d5:ba:fb:b2:ba:a4:41:5c:
                    aa:a2:34:95:20:39:63:ba:70:00:f7:84:eb:2c:ea:
                    93:f6:50:f7:29:97:59:31:d1:fd:5e:bd:d3:38:f0:
                    00:d8:6c:58:30:e1:c5:3d:5a:bb:eb:db:ab:f1:e6:
                    c5:6c:a7:0e:68:68:00:7f:a2:8a:0a:63:af:14:55:
                    59:d9:e8:71:95:1d:e0:00:d3:cd:80:54:38:a5:b3:
                    55:f8:25:fc:1d:3f:f8:cc:2c:2f:f9:43:dd:7a:fe:
                    74:a3:77:18:f6:bf:be:90:bc:60:e4:c9:7e:70:00:
                    3c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:CB:9F:78:99:0D:8C:26:24:05:B1:BC:09:4B:95:21:41:CB:37:23
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c3:8d:70:91:1c:b6:c8:e7:49:4b:15:a1:f2:d6:55:43:cb:
         33:c9:d0:10:a8:76:1f:a2:aa:13:47:06:d2:4d:78:63:f0:8d:
         bb:bc:a8:ae:38:4e:7a:85:66:dd:b1:db:e2:34:d7:95:3d:52:
         de:f7:60:de:9e:a7:c7:c2:69:ef:f0:e9:e7:93:4b:ac:34:4a:
         55:91:3d:19:d9:30:fc:8e:79:a1:c1:3e:dc:36:f2:fc:42:39:
         bc:07:17:45:04:ec:31:c0:c3:05:7c:73:a8:37:fc:c2:cd:5a:
         4b:25:01:31:90:41:82:c4:b0:a0:89:93:40:f9:bc:fd:c1:cb:
         0c:59:0d:65:d9:27:68:24:bd:5a:a6:7f:f9:d7:87:fb:3f:d8:
         48:27:24:3f:b1:a3:3b:59:43:75:4b:db:79:48:aa:3b:ce:52:
         1e:72:6d:11:3b:19:1b:94:b3:61:16:08:b2:ac:29:68:0a:d6:
         9b:33:79:09:ba:05:23:b6:dd:f6:8c:53:89:a5:2b:5c:58:d0:
         91:a5:83:23:bc:32:74:cb:24:c3:d9:0d:6a:3c:e3:c0:2a:32:
         49:e1:53:01:4c:51:ad:b4:5f:2c:44:58:41:7e:fa:e4:54:18:
         f7:c5:66:4c:63:ac:3c:28:55:59:b4:e7:67:90:87:7e:31:42:
         f8:d3:30:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBhpSHrAcy1AXLq5zrLmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwODIzMTMwMjM4WhcNMjUwODI0MTMwMjM4WjAzMTEwLwYDVQQD
EyhmY2NiOWY3ODk5MGQ4YzI2MjQwNWIxYmMwOTRiOTUyMTQxY2IzNzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ7FOvgVy4EfFPhU+HUiwdRFH854
RWyo2Zdet9UFqfYNu/QpOJWFeuEdOugFfYrslA6X3L09eqVV/9abc7W1w8GhtJeS
eCoAhclWAqlfrqU0SP7xPIVj5GkUCU5bm6og/hD9Z5TSrgrpQbnu6MV9aaA0+Jo8
ROwawa4gC/wrWVGc0TrQrS8kJVRl6Gyz1br7srqkQVyqojSVIDljunAA94TrLOqT
9lD3KZdZMdH9Xr3TOPAA2GxYMOHFPVq769ur8ebFbKcOaGgAf6KKCmOvFFVZ2ehx
lR3gANPNgFQ4pbNV+CX8HT/4zCwv+UPdev50o3cY9r++kLxg5Ml+cAA8YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzLn3iZDYwmJAWxvAlLlSFByzcjMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcONcJEc
tsjnSUsVofLWVUPLM8nQEKh2H6KqE0cG0k14Y/CNu7yorjhOeoVm3bHb4jTXlT1S
3vdg3p6nx8Jp7/Dp55NLrDRKVZE9Gdkw/I55ocE+3Dby/EI5vAcXRQTsMcDDBXxz
qDf8ws1aSyUBMZBBgsSwoImTQPm8/cHLDFkNZdknaCS9WqZ/+deH+z/YSCckP7Gj
O1lDdUvbeUiqO85SHnJtETsZG5SzYRYIsqwpaArWmzN5CboFI7bd9oxTiaUrXFjQ
kaWDI7wydMskw9kNajzjwCoySeFTAUxRrbRfLERYQX765FQY98VmTGOsPChVWbTn
Z5CHfjFC+NMwUQ==
-----END CERTIFICATE-----