Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3b74f0-e753-4669-85fd-822eaf0d22b0/1/m5TSR2sxUeHn8DYNzk84USXu1fs.mft
File:                     m5TSR2sxUeHn8DYNzk84USXu1fs.mft (raw, json)
Hash identifier:          1D/kyarbsAMh85M03CE28dUyeT+/U+gorbBLyfBdR5g=
Subject key identifier:   AA:9A:54:AF:6C:4E:81:85:9A:0B:E5:84:0C:86:6E:B2:38:FE:F8:DF
Authority key identifier: 9B:94:D2:47:6B:31:51:E1:E7:F0:36:0D:CE:4F:38:51:25:EE:D5:FB
Certificate issuer:       /CN=9b94d2476b3151e1e7f0360dce4f385125eed5fb
Certificate serial:       0198D6CDB0E2F1E80ADFC370093F8B585F49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m5TSR2sxUeHn8DYNzk84USXu1fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/3b74f0-e753-4669-85fd-822eaf0d22b0/1/m5TSR2sxUeHn8DYNzk84USXu1fs.mft
Manifest number:          1649
Signing time:             Sat 23 Aug 2025 12:01:01 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:01 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:01 +0000
Files and hashes:         1: m5TSR2sxUeHn8DYNzk84USXu1fs.crl (hash: v+Y9AhQqqnspmnEtFf21DGLFSX1oYqKoEuTAsTVFo8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/3b74f0-e753-4669-85fd-822eaf0d22b0/1/m5TSR2sxUeHn8DYNzk84USXu1fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/3b74f0-e753-4669-85fd-822eaf0d22b0/1/m5TSR2sxUeHn8DYNzk84USXu1fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m5TSR2sxUeHn8DYNzk84USXu1fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:b0:e2:f1:e8:0a:df:c3:70:09:3f:8b:58:5f:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b94d2476b3151e1e7f0360dce4f385125eed5fb
        Validity
            Not Before: Aug 23 12:01:01 2025 GMT
            Not After : Aug 24 12:01:01 2025 GMT
        Subject: CN=aa9a54af6c4e81859a0be5840c866eb238fef8df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:de:1b:0c:8c:b3:f5:dc:e1:a2:4d:5f:65:aa:
                    d5:c2:9e:b2:f1:ea:0a:0c:70:32:22:0b:bd:85:3d:
                    86:06:72:2d:ef:83:bf:d7:71:8e:8e:63:a3:42:40:
                    c8:e7:f4:a6:e2:5a:f4:f9:d8:a2:ca:fe:d4:dd:f1:
                    fc:d8:a3:39:1e:39:ec:5c:a9:06:d3:46:d6:1b:4b:
                    aa:29:e0:4d:84:b8:5d:95:83:6c:5f:f5:38:76:6d:
                    f9:5c:b2:15:b8:06:a2:bf:53:bf:3c:6a:c1:24:cf:
                    d0:e5:e8:71:bc:43:ea:50:8f:d6:ef:1b:6a:34:63:
                    b9:33:45:e9:a0:fb:77:41:88:f0:80:08:8e:16:e1:
                    27:b7:d3:c9:f2:ef:f6:e9:2b:50:d5:a5:95:79:28:
                    15:00:c0:1d:53:7d:ed:4a:89:44:98:d6:2c:31:67:
                    f8:2d:10:dc:03:ec:95:98:c9:90:fe:b0:5c:67:72:
                    52:81:5a:01:7f:80:9c:ec:d1:4c:e6:5a:19:ae:0e:
                    72:12:ed:59:6d:77:4e:39:49:9d:8d:83:12:25:67:
                    3f:41:58:da:03:4c:ff:30:93:f0:58:53:7a:eb:ce:
                    b0:46:a7:29:a7:3e:ba:76:80:5b:f5:e8:55:07:e5:
                    a9:d3:76:e1:d9:cc:63:bf:b1:b2:54:e4:34:2d:93:
                    d2:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:9A:54:AF:6C:4E:81:85:9A:0B:E5:84:0C:86:6E:B2:38:FE:F8:DF
            X509v3 Authority Key Identifier:
                keyid:9B:94:D2:47:6B:31:51:E1:E7:F0:36:0D:CE:4F:38:51:25:EE:D5:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5TSR2sxUeHn8DYNzk84USXu1fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3b74f0-e753-4669-85fd-822eaf0d22b0/1/m5TSR2sxUeHn8DYNzk84USXu1fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3b74f0-e753-4669-85fd-822eaf0d22b0/1/m5TSR2sxUeHn8DYNzk84USXu1fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:cf:e3:ec:a9:03:bb:06:5f:dd:3d:e0:34:fd:a8:f6:ae:0e:
         e7:57:1d:18:e8:dd:6b:94:98:9b:1b:96:39:aa:be:14:09:1b:
         75:29:d3:01:a5:6a:43:59:f6:24:c3:41:03:9d:6f:b0:ec:ec:
         61:08:4e:72:64:d9:32:8a:ac:73:48:4d:03:da:a4:91:2a:72:
         df:15:c9:b0:c9:ec:1b:ab:bf:d5:8a:5b:f1:fc:8e:d3:21:50:
         4d:d2:0b:6d:07:77:8c:ba:c0:96:c6:66:e5:f2:20:90:78:79:
         d1:e1:0a:cc:ea:80:e6:72:07:7c:9e:9a:03:d2:f5:69:5b:cc:
         6a:93:dd:c1:e0:cc:ff:1f:20:5d:d2:c9:a8:84:74:2a:9c:e9:
         77:b2:63:47:27:92:40:b8:fe:22:88:af:46:81:57:83:61:24:
         07:11:26:e1:dd:a0:78:e8:8c:49:ac:01:b3:ba:34:f5:5a:66:
         62:01:32:51:87:22:33:70:80:8b:23:a9:c9:d0:f1:af:2d:b5:
         df:ad:d8:e1:7f:49:d4:30:89:b7:8a:96:09:dc:23:e3:6e:f1:
         33:4b:26:8a:56:76:f1:3e:42:8a:c7:ed:51:32:39:2a:c3:f9:
         99:1d:93:2b:a5:a8:b4:26:19:00:07:81:34:f6:c3:66:45:1b:
         34:ea:f2:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzbDi8egK38NwCT+LWF9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTRkMjQ3NmIzMTUxZTFlN2YwMzYwZGNlNGYzODUxMjVl
ZWQ1ZmIwHhcNMjUwODIzMTIwMTAxWhcNMjUwODI0MTIwMTAxWjAzMTEwLwYDVQQD
EyhhYTlhNTRhZjZjNGU4MTg1OWEwYmU1ODQwYzg2NmViMjM4ZmVmOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd4bDIyz9dzhok1fZarVwp6y8eoK
DHAyIgu9hT2GBnIt74O/13GOjmOjQkDI5/Sm4lr0+diiyv7U3fH82KM5HjnsXKkG
00bWG0uqKeBNhLhdlYNsX/U4dm35XLIVuAaiv1O/PGrBJM/Q5ehxvEPqUI/W7xtq
NGO5M0XpoPt3QYjwgAiOFuEnt9PJ8u/26StQ1aWVeSgVAMAdU33tSolEmNYsMWf4
LRDcA+yVmMmQ/rBcZ3JSgVoBf4Cc7NFM5loZrg5yEu1ZbXdOOUmdjYMSJWc/QVja
A0z/MJPwWFN6686wRqcppz66doBb9ehVB+Wp03bh2cxjv7GyVOQ0LZPSsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqaVK9sToGFmgvlhAyGbrI4/vjfMB8GA1UdIwQY
MBaAFJuU0kdrMVHh5/A2Dc5POFEl7tX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVUU1Iyc3hVZUhuOERZTnprODRVU1h1MWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zYjc0ZjAtZTc1My00NjY5LTg1ZmQt
ODIyZWFmMGQyMmIwLzEvbTVUU1Iyc3hVZUhuOERZTnprODRVU1h1MWZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zYjc0ZjAtZTc1My00NjY5LTg1ZmQtODIyZWFmMGQyMmIw
LzEvbTVUU1Iyc3hVZUhuOERZTnprODRVU1h1MWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKc/j7KkD
uwZf3T3gNP2o9q4O51cdGOjda5SYmxuWOaq+FAkbdSnTAaVqQ1n2JMNBA51vsOzs
YQhOcmTZMoqsc0hNA9qkkSpy3xXJsMnsG6u/1Ypb8fyO0yFQTdILbQd3jLrAlsZm
5fIgkHh50eEKzOqA5nIHfJ6aA9L1aVvMapPdweDM/x8gXdLJqIR0Kpzpd7JjRyeS
QLj+IoivRoFXg2EkBxEm4d2geOiMSawBs7o09VpmYgEyUYciM3CAiyOpydDxry21
363Y4X9J1DCJt4qWCdwj427xM0smilZ28T5CisftUTI5KsP5mR2TK6WotCYZAAeB
NPbDZkUbNOryfw==
-----END CERTIFICATE-----