Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          F1fDhXNPA8VLW7x19lRt8ZNacjJDUQgJRoP9yKMJEjs=
Subject key identifier:   C6:D3:BD:2B:AB:E8:EF:20:A6:A0:A9:97:C9:9F:26:AC:9E:A6:FC:1C
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       0198D6600734CEAE68F562A2B560E806BB89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          1491
Signing time:             Sat 23 Aug 2025 10:01:14 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:14 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:14 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: vJpV7bmVrVXQLg4CxujYFlj0Z+BmJ1EzSDwBheq/zm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:07:34:ce:ae:68:f5:62:a2:b5:60:e8:06:bb:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: Aug 23 10:01:14 2025 GMT
            Not After : Aug 24 10:01:14 2025 GMT
        Subject: CN=c6d3bd2babe8ef20a6a0a997c99f26ac9ea6fc1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ca:33:e6:b0:6d:50:88:22:9b:83:e1:d4:c9:
                    f6:26:58:92:df:ec:26:a5:ee:28:43:5a:57:a1:91:
                    ac:a6:db:ff:7d:73:cd:50:1f:03:f7:23:9d:63:29:
                    25:f8:a4:76:e7:1c:0d:cc:6e:2e:d5:e5:58:27:5b:
                    59:32:d6:fe:9c:cf:c2:53:65:d5:98:27:7c:e6:68:
                    2d:56:12:85:d8:ad:7f:d0:1e:e1:d2:ed:99:0f:2b:
                    7a:cd:26:ce:ba:ed:c6:be:63:ba:74:93:5e:2e:c9:
                    54:d1:f3:fa:4a:50:65:05:33:47:f5:1c:90:ed:d8:
                    32:b0:79:d0:fb:7c:d8:83:9b:b1:4e:ab:ff:27:73:
                    5a:61:de:24:ef:cf:7a:ca:7e:cd:2f:80:ff:51:bc:
                    6f:68:c5:71:0a:91:af:e7:e4:3a:a3:1c:33:d7:f4:
                    56:73:62:e0:a6:13:27:5b:9c:82:13:18:4f:1c:09:
                    89:d0:da:3e:fb:66:20:22:b9:bb:6c:c7:a1:dd:e4:
                    57:3f:91:8a:56:83:ce:9e:73:a9:4c:a6:b4:c4:dc:
                    ca:20:1e:09:f9:78:c3:a5:cd:45:c8:82:0e:dd:31:
                    28:4b:99:81:d6:e5:11:b2:aa:69:60:bb:b0:9a:2b:
                    d8:8a:51:a4:f5:ad:26:00:e5:44:79:c4:18:75:25:
                    a0:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:D3:BD:2B:AB:E8:EF:20:A6:A0:A9:97:C9:9F:26:AC:9E:A6:FC:1C
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:89:dd:c6:eb:e4:76:36:43:e7:33:72:05:fc:f6:49:96:c7:
         04:a6:86:0a:fa:e8:6e:fa:32:67:00:a4:0a:00:cf:41:3c:56:
         6f:8a:26:58:b1:73:d9:6d:9e:fb:92:32:36:7f:d7:12:46:ae:
         e0:57:47:89:6b:46:67:be:c5:9b:0d:ef:5e:83:ad:ad:a6:92:
         af:ac:8e:ec:00:78:ca:9a:67:6e:8f:28:a7:77:25:f3:38:bd:
         88:be:58:e8:7a:b3:9a:2c:2e:16:95:31:3f:b1:d8:6c:7e:f8:
         12:84:38:4c:b6:91:31:fc:55:14:ca:dd:ae:2c:9b:41:4a:ce:
         ea:46:1f:dd:1d:72:d1:bd:a6:e2:73:f6:b7:69:15:40:05:7d:
         10:98:65:9a:b5:27:fa:25:ae:33:f3:2a:3f:c6:f6:3f:fa:b8:
         c7:4f:58:11:a1:a9:53:b0:43:f2:a8:6b:2c:42:55:eb:32:e2:
         b7:e6:3a:30:34:b3:e0:4c:e4:18:6c:12:cd:0f:73:82:ae:63:
         30:90:93:39:08:f0:b2:1a:fc:e3:41:38:50:b2:fc:11:11:75:
         3a:13:cb:8f:91:ee:30:a5:45:db:c1:3d:a7:be:d8:5a:4d:dd:
         ca:03:06:8f:d2:70:a6:60:4b:5c:91:59:fa:95:e1:36:d2:13:
         48:e6:76:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYAc0zq5o9WKitWDoBruJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjUwODIzMTAwMTE0WhcNMjUwODI0MTAwMTE0WjAzMTEwLwYDVQQD
EyhjNmQzYmQyYmFiZThlZjIwYTZhMGE5OTdjOTlmMjZhYzllYTZmYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsoz5rBtUIgim4Ph1Mn2JliS3+wm
pe4oQ1pXoZGsptv/fXPNUB8D9yOdYykl+KR25xwNzG4u1eVYJ1tZMtb+nM/CU2XV
mCd85mgtVhKF2K1/0B7h0u2ZDyt6zSbOuu3GvmO6dJNeLslU0fP6SlBlBTNH9RyQ
7dgysHnQ+3zYg5uxTqv/J3NaYd4k7896yn7NL4D/UbxvaMVxCpGv5+Q6oxwz1/RW
c2LgphMnW5yCExhPHAmJ0No++2YgIrm7bMeh3eRXP5GKVoPOnnOpTKa0xNzKIB4J
+XjDpc1FyIIO3TEoS5mB1uURsqppYLuwmivYilGk9a0mAOVEecQYdSWgswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbTvSur6O8gpqCpl8mfJqyepvwcMB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4ndxuvk
djZD5zNyBfz2SZbHBKaGCvrobvoyZwCkCgDPQTxWb4omWLFz2W2e+5IyNn/XEkau
4FdHiWtGZ77Fmw3vXoOtraaSr6yO7AB4yppnbo8op3cl8zi9iL5Y6HqzmiwuFpUx
P7HYbH74EoQ4TLaRMfxVFMrdriybQUrO6kYf3R1y0b2m4nP2t2kVQAV9EJhlmrUn
+iWuM/MqP8b2P/q4x09YEaGpU7BD8qhrLEJV6zLit+Y6MDSz4EzkGGwSzQ9zgq5j
MJCTOQjwshr840E4ULL8ERF1OhPLj5HuMKVF28E9p77YWk3dygMGj9JwpmBLXJFZ
+pXhNtITSOZ2bA==
-----END CERTIFICATE-----