Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          Cu0mGatZslYkWgk9hWLns9lnQ0brulE1Grkl2HZB9dA=
Subject key identifier:   BD:95:14:B1:BA:7D:28:78:94:00:41:19:32:20:45:D3:79:87:9E:2A
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       0198D6CD4133AB51D6BE230B82DB9FDCABE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          0109
Signing time:             Sat 23 Aug 2025 12:00:32 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:32 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:32 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: B/I8b8q32N9TQ5zb68VZ7Nxubeu32zZGeT2q6HbIsC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:41:33:ab:51:d6:be:23:0b:82:db:9f:dc:ab:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Aug 23 12:00:32 2025 GMT
            Not After : Aug 24 12:00:32 2025 GMT
        Subject: CN=bd9514b1ba7d287894004119322045d379879e2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5e:b6:6e:23:05:cd:62:b0:2e:8d:1c:c4:d9:
                    16:c0:ae:d8:3c:52:68:10:4e:bd:22:c7:fe:4d:26:
                    31:94:0c:10:fe:87:70:29:d6:58:d9:9b:85:44:57:
                    55:c8:44:6c:e1:cf:b9:88:b1:ca:84:6b:94:df:f6:
                    d5:30:6f:cc:15:a3:2c:44:19:16:a3:2a:b1:bd:db:
                    fb:8a:6e:82:cc:e8:81:6c:a8:1f:45:32:94:4b:66:
                    60:d8:46:48:35:29:92:07:db:c2:99:a1:08:13:7e:
                    10:16:95:98:e4:cd:08:d9:8a:73:8c:e7:87:bb:dd:
                    75:9c:ee:0b:4d:b4:cc:6b:7b:31:88:ed:42:14:c3:
                    54:12:9b:08:b5:03:8a:a2:bd:97:01:b6:65:d8:0c:
                    a6:73:05:29:fd:66:d2:82:59:81:ba:e0:ff:76:0c:
                    15:e5:3e:19:70:07:9b:32:d9:ab:cd:d7:9d:25:3e:
                    da:ea:06:82:cd:c1:4f:ab:a5:cd:d6:87:80:2c:6a:
                    2a:a2:9f:7c:c6:eb:ea:d2:f1:e3:a9:03:21:71:c7:
                    50:02:a4:a3:f1:a3:0b:5a:7e:4c:6b:8d:42:43:90:
                    18:11:49:95:40:40:9c:cd:17:f2:0a:95:4a:c1:d4:
                    21:ce:2b:d5:52:82:b4:10:ee:95:68:14:cf:4b:88:
                    f8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:95:14:B1:BA:7D:28:78:94:00:41:19:32:20:45:D3:79:87:9E:2A
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:af:56:8f:7d:08:98:0d:5e:c7:e8:82:af:99:d1:86:87:d2:
         9e:8f:7c:15:e5:a8:a9:e4:ae:49:4e:34:3d:c0:ba:54:fe:6e:
         d0:c1:2a:f5:77:de:07:c3:3a:da:48:18:25:49:cb:75:a4:03:
         8c:19:e8:c2:f2:d8:fd:20:dc:92:49:d9:ad:29:66:f0:9b:be:
         b1:63:bd:18:05:1e:a3:d1:71:00:9f:c7:1e:aa:77:bb:ea:e0:
         84:68:22:79:30:07:53:76:71:c9:f5:e7:01:c9:70:73:51:46:
         1b:6e:a0:83:6d:da:fc:71:bc:b6:39:9a:4c:fe:14:a8:49:ae:
         6b:70:52:6b:ab:24:2f:f3:9e:cb:f5:02:fe:33:0f:4f:a9:67:
         45:0e:64:de:48:96:8d:e7:16:43:56:43:83:8f:77:b3:ef:73:
         5f:96:2d:45:59:56:92:83:ec:9f:20:bb:60:a4:0c:a8:73:c5:
         c9:a6:f2:7d:ba:df:37:74:73:e4:6f:40:1b:29:61:86:9b:f0:
         19:6e:a1:94:c8:5a:c5:a6:6f:b9:b7:aa:d6:a1:ab:d9:77:ef:
         69:d4:8b:6d:b8:e0:28:23:d8:f0:42:d4:d4:b2:49:1e:1c:fb:
         11:f4:b5:3e:2a:cb:cf:01:00:d7:03:d9:8d:9c:c0:08:f6:a2:
         5a:5f:f5:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzUEzq1HWviMLgtuf3KvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjUwODIzMTIwMDMyWhcNMjUwODI0MTIwMDMyWjAzMTEwLwYDVQQD
EyhiZDk1MTRiMWJhN2QyODc4OTQwMDQxMTkzMjIwNDVkMzc5ODc5ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2l62biMFzWKwLo0cxNkWwK7YPFJo
EE69Isf+TSYxlAwQ/odwKdZY2ZuFRFdVyERs4c+5iLHKhGuU3/bVMG/MFaMsRBkW
oyqxvdv7im6CzOiBbKgfRTKUS2Zg2EZINSmSB9vCmaEIE34QFpWY5M0I2YpzjOeH
u911nO4LTbTMa3sxiO1CFMNUEpsItQOKor2XAbZl2AymcwUp/WbSglmBuuD/dgwV
5T4ZcAebMtmrzdedJT7a6gaCzcFPq6XN1oeALGoqop98xuvq0vHjqQMhccdQAqSj
8aMLWn5Ma41CQ5AYEUmVQECczRfyCpVKwdQhzivVUoK0EO6VaBTPS4j4oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2VFLG6fSh4lABBGTIgRdN5h54qMB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGa9Wj30I
mA1ex+iCr5nRhofSno98FeWoqeSuSU40PcC6VP5u0MEq9XfeB8M62kgYJUnLdaQD
jBnowvLY/SDckknZrSlm8Ju+sWO9GAUeo9FxAJ/HHqp3u+rghGgieTAHU3ZxyfXn
Aclwc1FGG26gg23a/HG8tjmaTP4UqEmua3BSa6skL/Oey/UC/jMPT6lnRQ5k3kiW
jecWQ1ZDg493s+9zX5YtRVlWkoPsnyC7YKQMqHPFyabyfbrfN3Rz5G9AGylhhpvw
GW6hlMhaxaZvubeq1qGr2XfvadSLbbjgKCPY8ELU1LJJHhz7EfS1PirLzwEA1wPZ
jZzACPaiWl/1Wg==
-----END CERTIFICATE-----