Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          y6J/wzWiCSAiX8301TBRFIhbdFvzNIHh5gSHnLMQVZo=
Subject key identifier:   84:45:FB:A2:E6:88:55:52:58:68:65:32:A9:BE:02:79:D7:A6:92:6B
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       0198D6CD52275ED2F1E55223C4E80E21CBFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          15D6
Signing time:             Sat 23 Aug 2025 12:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:36 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: ZXeeBfp1c/EermTUWSm+0E4ab7Ib5aJifHYJR/WFI8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:52:27:5e:d2:f1:e5:52:23:c4:e8:0e:21:cb:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Aug 23 12:00:36 2025 GMT
            Not After : Aug 24 12:00:36 2025 GMT
        Subject: CN=8445fba2e688555258686532a9be0279d7a6926b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:dc:a5:bc:92:e9:e5:6d:ad:de:26:68:3b:f5:
                    99:9d:a2:2e:0b:20:73:b8:17:2a:17:af:e7:4f:0a:
                    bb:44:93:62:ce:44:d4:45:ab:6f:71:91:91:74:4d:
                    83:d4:23:c8:96:67:63:51:94:e4:c3:60:72:b9:53:
                    c8:a4:7a:9c:46:d9:37:a3:ed:f5:2c:bd:fc:b6:e5:
                    39:5b:56:0e:4d:b3:80:e2:5e:ec:53:9a:f3:5f:06:
                    ba:85:8f:55:09:79:ac:71:9c:eb:de:f7:67:ee:10:
                    9e:77:b6:7b:79:02:52:2f:44:30:18:98:9a:6c:1a:
                    3a:d8:e4:33:24:a9:32:b1:65:20:bd:be:15:ea:df:
                    64:38:55:41:49:7d:f7:11:be:ed:6e:32:53:58:64:
                    b1:5c:18:53:69:b1:f5:be:fa:6d:66:5c:66:90:d7:
                    7a:04:b6:df:f1:e7:f9:df:ec:72:ed:e6:2f:23:80:
                    2f:e3:0f:82:79:39:ba:5f:c0:f7:1d:78:66:4c:ae:
                    94:77:13:8c:ce:05:b7:01:94:6a:31:db:d1:27:56:
                    69:20:0b:f4:70:8d:0f:3c:98:d1:a4:23:87:b7:6c:
                    8c:9a:eb:63:f7:98:2b:24:12:7e:53:56:06:57:13:
                    32:ae:8d:87:c5:e4:4b:11:e6:33:b2:d2:ae:26:58:
                    4b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:45:FB:A2:E6:88:55:52:58:68:65:32:A9:BE:02:79:D7:A6:92:6B
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:46:bb:99:8b:8a:38:db:1f:9c:b5:b5:96:5d:fc:de:42:4c:
         1e:6c:87:a5:6e:3f:10:73:44:7c:5f:e1:bb:c7:aa:13:77:56:
         d7:46:be:dd:f7:f5:9a:f8:c9:e9:c1:64:d3:ed:65:1c:2c:4d:
         a2:df:38:b6:38:5c:d5:2e:0e:00:83:07:d1:2a:00:dc:8a:26:
         b3:10:ab:88:14:26:aa:a9:46:53:76:4e:94:9b:49:36:a9:7b:
         36:93:0e:2d:e7:8d:21:a6:af:93:76:26:33:84:51:7e:02:c9:
         a2:1b:a7:91:1a:80:ed:6e:7e:9c:3b:0d:29:3e:de:25:bd:94:
         fe:4b:03:48:4c:18:f3:31:de:e8:39:11:75:fb:3f:2c:67:4c:
         a2:14:6c:d6:e2:1a:bb:5d:43:c2:c2:1f:af:03:57:a8:d0:cd:
         98:78:c5:ca:52:8f:f5:7b:40:e2:c5:42:2e:b2:da:22:e3:96:
         c5:e3:7a:c1:aa:07:a1:e6:d5:94:ad:eb:f9:f4:01:44:fd:7b:
         08:bc:5a:f3:c6:a9:21:52:76:c6:1a:c4:fe:4e:c6:9a:4f:2b:
         3d:0c:d3:3e:35:10:4f:14:f1:e7:32:cc:8b:de:c4:bd:49:a0:
         ec:20:13:7c:b4:6b:d3:64:60:ee:a6:ef:bd:3d:3f:13:52:d6:
         95:35:54:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzVInXtLx5VIjxOgOIcv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjUwODIzMTIwMDM2WhcNMjUwODI0MTIwMDM2WjAzMTEwLwYDVQQD
Eyg4NDQ1ZmJhMmU2ODg1NTUyNTg2ODY1MzJhOWJlMDI3OWQ3YTY5MjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tylvJLp5W2t3iZoO/WZnaIuCyBz
uBcqF6/nTwq7RJNizkTURatvcZGRdE2D1CPIlmdjUZTkw2ByuVPIpHqcRtk3o+31
LL38tuU5W1YOTbOA4l7sU5rzXwa6hY9VCXmscZzr3vdn7hCed7Z7eQJSL0QwGJia
bBo62OQzJKkysWUgvb4V6t9kOFVBSX33Eb7tbjJTWGSxXBhTabH1vvptZlxmkNd6
BLbf8ef53+xy7eYvI4Av4w+CeTm6X8D3HXhmTK6UdxOMzgW3AZRqMdvRJ1ZpIAv0
cI0PPJjRpCOHt2yMmutj95grJBJ+U1YGVxMyro2HxeRLEeYzstKuJlhLxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRF+6LmiFVSWGhlMqm+AnnXppJrMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIka7mYuK
ONsfnLW1ll383kJMHmyHpW4/EHNEfF/hu8eqE3dW10a+3ff1mvjJ6cFk0+1lHCxN
ot84tjhc1S4OAIMH0SoA3IomsxCriBQmqqlGU3ZOlJtJNql7NpMOLeeNIaavk3Ym
M4RRfgLJohunkRqA7W5+nDsNKT7eJb2U/ksDSEwY8zHe6DkRdfs/LGdMohRs1uIa
u11DwsIfrwNXqNDNmHjFylKP9XtA4sVCLrLaIuOWxeN6waoHoebVlK3r+fQBRP17
CLxa88apIVJ2xhrE/k7Gmk8rPQzTPjUQTxTx5zLMi97EvUmg7CATfLRr02Rg7qbv
vT0/E1LWlTVU8A==
-----END CERTIFICATE-----