Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          c7svrq4a4OhBEN5p/0NklFwDwt/Ev4iBrbB1ClM80gM=
Subject key identifier:   4F:A9:F8:7B:E4:95:96:46:83:50:F5:D8:3D:A7:39:8D:09:74:3D:ED
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       0198D473B35DD27B9653D7381C0B61A7F695
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:03:28 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:28 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:28 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: ZjYf+p/RfJ6i3ynePSDF0UpIE052FuTTmmXNM33I4gU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:b3:5d:d2:7b:96:53:d7:38:1c:0b:61:a7:f6:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Aug 23 01:03:28 2025 GMT
            Not After : Aug 24 01:03:28 2025 GMT
        Subject: CN=4fa9f87be49596468350f5d83da7398d09743ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b3:1b:90:d8:99:bd:32:f4:e3:d0:d4:59:e0:
                    cc:30:4c:9b:90:22:e5:8d:91:67:98:8e:31:be:31:
                    10:f8:d5:8d:d8:31:1e:06:59:fb:c8:96:65:a9:38:
                    c2:f7:f0:8d:2b:f0:02:db:ee:c7:88:75:50:f8:39:
                    32:5f:c2:38:de:8a:25:97:45:5d:23:ac:fe:c0:84:
                    87:2b:8e:12:2e:b6:4e:67:45:ad:fa:64:d0:c4:e0:
                    db:89:f1:5b:10:a8:29:e2:4b:d4:f5:2f:22:45:11:
                    ef:99:89:17:7d:b5:7e:4b:e6:14:ff:f5:12:74:17:
                    a9:8b:a1:b8:8d:70:c2:bb:5d:87:c7:80:1b:fb:be:
                    3f:c9:3b:7d:60:b6:72:9b:3f:b2:a5:6f:44:32:61:
                    fa:90:30:cd:35:a1:23:2d:90:17:9f:d1:57:20:e7:
                    12:32:63:b2:3c:1e:65:31:be:66:7f:21:b8:08:b6:
                    85:d6:2b:d1:2c:bf:cb:dd:67:22:52:6e:dd:89:61:
                    b9:e3:97:c1:1e:7c:d6:bc:9c:32:f6:3d:b2:89:e5:
                    c5:23:5d:e9:1e:fa:c8:0f:9f:7d:e0:2e:f5:c4:22:
                    61:8f:7f:7b:de:b5:c1:71:a9:bf:a5:ad:80:24:a3:
                    1d:f7:97:c4:3e:8c:07:b0:9d:67:f2:4b:a0:e5:80:
                    1c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:A9:F8:7B:E4:95:96:46:83:50:F5:D8:3D:A7:39:8D:09:74:3D:ED
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:70:09:96:7b:2a:f9:ca:a2:06:f3:a8:05:75:99:49:df:e5:
         ab:83:71:28:dc:3c:38:d5:dd:69:0c:f4:9a:95:cc:18:05:73:
         d8:17:6f:56:a5:58:65:25:87:56:18:0b:eb:e6:c9:e9:af:3d:
         16:2f:97:84:81:ec:ab:21:b9:2b:0a:9e:e4:c0:61:8e:30:54:
         ef:16:76:df:a4:b9:a5:8c:00:17:43:f5:38:c8:3f:33:df:f1:
         87:92:ea:d1:69:bb:50:ef:f7:e8:7b:b3:9f:b7:4f:a7:4c:9f:
         18:18:73:d0:fb:f3:d1:0c:58:2d:82:08:54:e3:e2:79:3b:89:
         12:46:b3:ee:4a:bb:53:57:44:d9:10:a3:c6:85:24:bf:90:ab:
         04:2a:5b:97:a6:11:67:32:2c:86:52:6c:9a:05:f8:00:bd:db:
         7e:a3:8b:76:11:1f:97:e8:68:9e:b6:8e:03:ec:40:ac:60:62:
         b7:c6:87:ea:21:c2:d0:14:8e:49:ba:32:e4:6f:87:de:7f:d7:
         e9:48:c0:dd:a8:54:24:9f:15:31:4a:e0:81:1a:25:52:77:bc:
         7f:9c:93:2e:53:1b:fa:f5:1b:1a:39:f9:47:d1:77:5d:40:95:
         40:6b:ed:5e:f0:4e:15:5a:29:5b:2c:28:47:55:04:5c:6a:c5:
         de:2f:ca:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc7Nd0nuWU9c4HAthp/aVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjUwODIzMDEwMzI4WhcNMjUwODI0MDEwMzI4WjAzMTEwLwYDVQQD
Eyg0ZmE5Zjg3YmU0OTU5NjQ2ODM1MGY1ZDgzZGE3Mzk4ZDA5NzQzZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLMbkNiZvTL049DUWeDMMEybkCLl
jZFnmI4xvjEQ+NWN2DEeBln7yJZlqTjC9/CNK/AC2+7HiHVQ+DkyX8I43ooll0Vd
I6z+wISHK44SLrZOZ0Wt+mTQxODbifFbEKgp4kvU9S8iRRHvmYkXfbV+S+YU//US
dBepi6G4jXDCu12Hx4Ab+74/yTt9YLZymz+ypW9EMmH6kDDNNaEjLZAXn9FXIOcS
MmOyPB5lMb5mfyG4CLaF1ivRLL/L3WciUm7diWG545fBHnzWvJwy9j2yieXFI13p
HvrID5994C71xCJhj3973rXBcam/pa2AJKMd95fEPowHsJ1n8kug5YAcuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+p+HvklZZGg1D12D2nOY0JdD3tMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnAJlnsq
+cqiBvOoBXWZSd/lq4NxKNw8ONXdaQz0mpXMGAVz2BdvVqVYZSWHVhgL6+bJ6a89
Fi+XhIHsqyG5Kwqe5MBhjjBU7xZ236S5pYwAF0P1OMg/M9/xh5Lq0Wm7UO/36Huz
n7dPp0yfGBhz0Pvz0QxYLYIIVOPieTuJEkaz7kq7U1dE2RCjxoUkv5CrBCpbl6YR
ZzIshlJsmgX4AL3bfqOLdhEfl+honraOA+xArGBit8aH6iHC0BSOSboy5G+H3n/X
6UjA3ahUJJ8VMUrggRolUne8f5yTLlMb+vUbGjn5R9F3XUCVQGvtXvBOFVopWywo
R1UEXGrF3i/KNA==
-----END CERTIFICATE-----