Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          EktAdOT66gfHQA1C3S8mkUHfFU96bROMn8ext7KpPoQ=
Subject key identifier:   3E:0A:1A:99:09:A0:B2:A8:8B:13:C7:F9:7E:3D:73:6E:AF:55:F9:A3
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       0198D6CD047248C9DF7A1652D3C1677439EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          069C
Signing time:             Sat 23 Aug 2025 12:00:16 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:16 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:16 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: T8fgx8XWrlFCTzPSglkaXJ5NHaoMzttXfwGxza0rizI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:04:72:48:c9:df:7a:16:52:d3:c1:67:74:39:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Aug 23 12:00:16 2025 GMT
            Not After : Aug 24 12:00:16 2025 GMT
        Subject: CN=3e0a1a9909a0b2a88b13c7f97e3d736eaf55f9a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:71:e2:5a:93:d3:11:27:58:3e:1a:cd:98:8f:
                    74:7c:ea:a2:37:fd:03:fb:d6:a4:62:20:33:11:4c:
                    26:09:1c:38:0d:a4:4e:11:43:9f:bb:43:52:74:6a:
                    7d:31:4f:e5:18:1f:32:b0:9a:76:09:2f:4e:fa:21:
                    92:b1:24:ea:0e:0d:b8:80:dc:18:a3:2e:18:18:1a:
                    14:01:32:1d:a6:c8:98:ee:eb:1c:07:a9:ff:5b:a7:
                    52:b9:ef:bb:9c:e3:44:c6:ad:e2:c3:24:07:bb:d9:
                    58:64:a4:b6:3f:3f:21:83:5a:1a:f8:3a:ea:37:29:
                    10:da:82:7c:47:88:f2:d3:ea:b6:66:95:6d:66:3f:
                    05:95:b0:08:41:04:1a:44:b2:ff:f8:64:2c:62:b4:
                    f1:b8:88:2b:12:69:5b:71:87:40:be:52:c0:1f:fd:
                    98:71:5a:6e:38:c9:07:a7:67:96:94:55:3d:fd:04:
                    0c:0d:02:45:7a:00:75:a6:4e:7c:bd:3d:3b:06:59:
                    6f:df:39:60:c7:b6:72:5e:92:f3:0b:19:92:b2:cb:
                    1c:eb:a3:aa:33:00:63:44:06:44:81:cf:9c:a2:49:
                    2d:4d:e6:8e:91:3e:10:12:50:b4:2f:54:84:f7:e9:
                    a7:fe:a5:2e:ba:0e:ab:00:e0:d8:99:77:ed:75:1a:
                    58:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:0A:1A:99:09:A0:B2:A8:8B:13:C7:F9:7E:3D:73:6E:AF:55:F9:A3
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:80:c0:de:93:d4:bb:a4:a3:44:9a:a5:92:e6:7a:b6:86:2e:
         17:10:aa:be:ab:49:86:38:ae:2d:f1:d8:0b:0a:12:68:dd:91:
         cc:53:00:83:0a:32:f5:ab:ea:2d:20:66:55:a4:ac:70:99:6a:
         c1:8c:f3:ce:08:c4:6c:e0:9c:ab:eb:51:d4:09:cc:e8:09:e9:
         fe:18:29:2e:9c:96:fc:14:f1:45:68:14:e5:38:6d:a3:34:2c:
         4d:cc:cd:cb:98:d6:a2:2a:7d:f8:c2:6a:4b:8d:88:12:39:f7:
         a0:59:33:e8:fe:95:a2:b4:8c:68:55:12:fa:b5:da:14:0f:1d:
         51:10:87:67:c1:ff:43:0f:7f:db:71:88:2f:c6:80:ab:9a:76:
         4f:3f:6e:57:dd:96:c2:b5:9f:ac:96:85:95:68:e5:69:06:18:
         c1:82:4b:33:31:85:8a:33:0b:d0:6a:da:a9:1d:b8:f6:8f:46:
         84:9f:a4:90:2c:fe:67:29:d1:a7:ce:5f:c7:2a:78:ed:1c:a4:
         1c:1d:04:5e:b9:65:58:82:c7:7a:a7:95:5d:1f:8b:d7:a7:b1:
         12:5d:3d:6a:a2:1c:35:b3:8a:db:f0:b6:9a:c0:76:0b:bb:e3:
         79:a3:e7:3c:3e:70:49:70:b7:b6:8e:ea:32:04:c0:5c:f3:62:
         37:3b:1c:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzQRySMnfehZS08FndDnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjUwODIzMTIwMDE2WhcNMjUwODI0MTIwMDE2WjAzMTEwLwYDVQQD
EygzZTBhMWE5OTA5YTBiMmE4OGIxM2M3Zjk3ZTNkNzM2ZWFmNTVmOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3HiWpPTESdYPhrNmI90fOqiN/0D
+9akYiAzEUwmCRw4DaROEUOfu0NSdGp9MU/lGB8ysJp2CS9O+iGSsSTqDg24gNwY
oy4YGBoUATIdpsiY7uscB6n/W6dSue+7nONExq3iwyQHu9lYZKS2Pz8hg1oa+Drq
NykQ2oJ8R4jy0+q2ZpVtZj8FlbAIQQQaRLL/+GQsYrTxuIgrEmlbcYdAvlLAH/2Y
cVpuOMkHp2eWlFU9/QQMDQJFegB1pk58vT07Bllv3zlgx7ZyXpLzCxmSsssc66Oq
MwBjRAZEgc+cokktTeaOkT4QElC0L1SE9+mn/qUuug6rAODYmXftdRpYbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4KGpkJoLKoixPH+X49c26vVfmjMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoDA3pPU
u6SjRJqlkuZ6toYuFxCqvqtJhjiuLfHYCwoSaN2RzFMAgwoy9avqLSBmVaSscJlq
wYzzzgjEbOCcq+tR1AnM6Anp/hgpLpyW/BTxRWgU5ThtozQsTczNy5jWoip9+MJq
S42IEjn3oFkz6P6VorSMaFUS+rXaFA8dURCHZ8H/Qw9/23GIL8aAq5p2Tz9uV92W
wrWfrJaFlWjlaQYYwYJLMzGFijML0GraqR249o9GhJ+kkCz+ZynRp85fxyp47Ryk
HB0EXrllWILHeqeVXR+L16exEl09aqIcNbOK2/C2msB2C7vjeaPnPD5wSXC3to7q
MgTAXPNiNzsc8A==
-----END CERTIFICATE-----