Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
File:                     9l95H50M9str44nJRWjId0BeUUQ.mft (raw, json)
Hash identifier:          h4qJCOVEzACRBN0XSUaabB3LyWtDVEHA56fCTJeNpzQ=
Subject key identifier:   A4:68:D7:AC:F8:47:09:75:6E:BF:5F:5F:61:B5:75:DF:3E:94:B7:22
Authority key identifier: F6:5F:79:1F:9D:0C:F6:CB:6B:E3:89:C9:45:68:C8:77:40:5E:51:44
Certificate issuer:       /CN=f65f791f9d0cf6cb6be389c94568c877405e5144
Certificate serial:       0198D4E05C900213693B1558D12CA7AEA68C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
Manifest number:          05B3
Signing time:             Sat 23 Aug 2025 03:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:10 +0000
Files and hashes:         1: 9l95H50M9str44nJRWjId0BeUUQ.crl (hash: PZIRSzvI6QaSqt6iu6dFJ2649V55PlSXTqpLwkoSfRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:5c:90:02:13:69:3b:15:58:d1:2c:a7:ae:a6:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f65f791f9d0cf6cb6be389c94568c877405e5144
        Validity
            Not Before: Aug 23 03:02:10 2025 GMT
            Not After : Aug 24 03:02:10 2025 GMT
        Subject: CN=a468d7acf84709756ebf5f5f61b575df3e94b722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2f:0e:07:82:3c:b9:12:70:5f:45:8d:8c:64:
                    b3:c9:e8:79:12:a7:ab:5e:7c:3b:07:4b:01:9c:b0:
                    6a:f0:99:a5:ef:89:1f:d4:f1:ab:36:dc:9d:fe:47:
                    52:f7:ca:aa:57:0a:50:a9:fa:ad:9c:cc:e4:e5:e8:
                    72:ed:6d:3a:3c:0d:c2:e1:b5:0b:7f:e6:c4:18:5d:
                    45:bb:77:02:ad:31:c3:34:9a:71:78:15:fc:f2:75:
                    77:c1:08:97:97:f6:55:7e:f2:a4:e4:ef:ae:8a:89:
                    97:18:33:48:b1:92:b8:6f:27:20:a0:74:2d:f8:5f:
                    3c:d7:e0:c2:ac:79:19:6e:36:8b:86:dc:58:a8:19:
                    ca:ee:ec:1e:7f:1f:ef:cc:cf:a8:40:5a:d0:a0:42:
                    db:d1:f8:c8:ed:69:e8:85:54:37:69:69:7c:f5:c9:
                    23:e6:34:d1:23:2b:e5:15:92:fe:64:e4:5e:95:9a:
                    37:43:a7:ba:0a:c1:f7:27:0e:c8:4d:71:20:88:02:
                    43:d2:bf:b8:0c:22:00:21:89:96:7d:1a:46:fd:56:
                    19:9a:00:d0:50:13:44:41:23:93:83:b5:e3:1b:e6:
                    68:59:96:cb:aa:55:2c:ca:ee:3e:be:95:52:22:b6:
                    a0:a7:b0:07:d3:a7:1f:0e:85:9a:5d:ca:eb:a2:f3:
                    38:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:68:D7:AC:F8:47:09:75:6E:BF:5F:5F:61:B5:75:DF:3E:94:B7:22
            X509v3 Authority Key Identifier:
                keyid:F6:5F:79:1F:9D:0C:F6:CB:6B:E3:89:C9:45:68:C8:77:40:5E:51:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:15:f7:64:63:b5:2e:fc:3c:2f:b3:5d:31:b5:2c:51:1c:f9:
         71:2f:79:be:ce:f6:b9:28:44:01:e4:b8:a3:ea:10:fc:44:90:
         9b:95:19:20:66:a0:b6:ea:52:2d:68:47:1e:e8:b0:64:6d:fc:
         39:e6:20:85:eb:2e:b9:30:02:c1:94:35:09:6d:a5:8d:b8:d1:
         80:a1:91:3b:24:bf:0c:f8:ba:01:53:6a:4e:f9:4b:f2:85:9c:
         1b:95:bb:e1:ed:f8:64:36:cd:01:22:72:df:9c:30:11:b0:6d:
         f7:4e:b7:51:cf:20:c7:89:a3:8a:2f:e6:64:b5:9f:dc:98:e5:
         12:9b:21:9f:59:d1:fd:01:95:c9:70:34:52:d9:7c:36:a7:12:
         98:e8:86:54:4a:bd:6b:ed:3f:03:38:f7:03:f1:b6:06:d3:d5:
         18:cd:ac:14:db:d0:8a:6c:39:ae:f7:7a:3a:0b:07:d3:3e:3a:
         4f:ba:23:77:ea:1b:55:b0:f8:e6:53:df:e9:f9:19:ba:f2:dd:
         a0:4b:fc:1a:86:0b:48:b0:54:2a:a4:7c:0b:b6:af:ec:49:b2:
         0a:ec:88:56:a3:78:b3:8c:9f:c0:65:be:37:1a:16:26:98:1e:
         2b:d1:94:b0:51:12:da:0e:f4:27:64:32:13:d8:3e:8c:dc:30:
         ac:86:28:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4FyQAhNpOxVY0SynrqaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NWY3OTFmOWQwY2Y2Y2I2YmUzODljOTQ1NjhjODc3NDA1
ZTUxNDQwHhcNMjUwODIzMDMwMjEwWhcNMjUwODI0MDMwMjEwWjAzMTEwLwYDVQQD
EyhhNDY4ZDdhY2Y4NDcwOTc1NmViZjVmNWY2MWI1NzVkZjNlOTRiNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy8OB4I8uRJwX0WNjGSzyeh5Eqer
Xnw7B0sBnLBq8Jml74kf1PGrNtyd/kdS98qqVwpQqfqtnMzk5ehy7W06PA3C4bUL
f+bEGF1Fu3cCrTHDNJpxeBX88nV3wQiXl/ZVfvKk5O+uiomXGDNIsZK4bycgoHQt
+F881+DCrHkZbjaLhtxYqBnK7uwefx/vzM+oQFrQoELb0fjI7WnohVQ3aWl89ckj
5jTRIyvlFZL+ZORelZo3Q6e6CsH3Jw7ITXEgiAJD0r+4DCIAIYmWfRpG/VYZmgDQ
UBNEQSOTg7XjG+ZoWZbLqlUsyu4+vpVSIragp7AH06cfDoWaXcrrovM4XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRo16z4Rwl1br9fX2G1dd8+lLciMB8GA1UdIwQY
MBaAFPZfeR+dDPbLa+OJyUVoyHdAXlFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xNzM4OTQtMjBkNS00ZDA0LWJlNzAt
Y2QwMzc0MWQyNmI1LzEvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xNzM4OTQtMjBkNS00ZDA0LWJlNzAtY2QwMzc0MWQyNmI1
LzEvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASxX3ZGO1
Lvw8L7NdMbUsURz5cS95vs72uShEAeS4o+oQ/ESQm5UZIGagtupSLWhHHuiwZG38
OeYghesuuTACwZQ1CW2ljbjRgKGROyS/DPi6AVNqTvlL8oWcG5W74e34ZDbNASJy
35wwEbBt9063Uc8gx4mjii/mZLWf3JjlEpshn1nR/QGVyXA0Utl8NqcSmOiGVEq9
a+0/Azj3A/G2BtPVGM2sFNvQimw5rvd6OgsH0z46T7ojd+obVbD45lPf6fkZuvLd
oEv8GoYLSLBUKqR8C7av7EmyCuyIVqN4s4yfwGW+NxoWJpgeK9GUsFES2g70J2Qy
E9g+jNwwrIYoiw==
-----END CERTIFICATE-----