Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          ffzfd5Vwy9zYS08whU3L2Hw5QuTwqbPfXk0BpgaLJH0=
Subject key identifier:   45:B7:3B:6F:7F:D2:DC:C9:2B:6F:54:AB:C2:FF:34:2A:32:AE:00:6B
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       0198D65F265A09582184DA42BE3968C79FEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0F5E
Signing time:             Sat 23 Aug 2025 10:00:16 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:16 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:16 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: 4WU+HoX8cyPwEga/F7E9hKY/8OV5bEV3BHXysTQGsSU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:26:5a:09:58:21:84:da:42:be:39:68:c7:9f:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Aug 23 10:00:16 2025 GMT
            Not After : Aug 24 10:00:16 2025 GMT
        Subject: CN=45b73b6f7fd2dcc92b6f54abc2ff342a32ae006b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:95:04:ae:7f:cb:d3:cb:a0:3d:02:4f:85:e4:
                    f3:b3:cf:55:67:f7:4f:cd:c3:ca:ce:37:81:34:d8:
                    b2:bc:91:8c:26:ad:33:18:9d:82:38:76:f5:31:d6:
                    c3:7c:e5:f8:16:c0:57:e5:b0:36:9b:5b:d8:f9:9f:
                    80:3e:e8:d0:eb:04:b7:b6:42:b8:a8:34:33:64:86:
                    ae:5d:7c:59:b5:05:c1:f0:fd:51:e5:53:94:99:9f:
                    b4:f0:8b:3a:a7:6b:87:68:5a:08:89:13:cf:0c:e4:
                    ea:6f:cc:56:f9:5d:50:f4:da:c4:68:21:cf:89:ee:
                    af:03:67:37:d4:92:5e:2e:8a:11:6c:31:b4:2d:78:
                    dc:35:19:39:5f:c5:1e:2f:c0:66:e7:2d:77:7a:f1:
                    1d:56:35:35:c5:6f:51:ed:c4:c3:22:2e:d7:52:1f:
                    d1:85:05:dc:e5:1f:c5:42:5a:ed:b6:c7:20:0e:4c:
                    e1:50:13:f5:dd:fd:7f:02:0c:03:08:66:3a:2a:83:
                    d0:0b:e0:4a:c7:0c:63:3c:1f:c0:d4:10:33:06:f6:
                    4f:99:9c:91:50:18:33:87:5f:67:3b:2e:97:e0:de:
                    42:58:55:dd:e9:b9:83:a8:90:b7:0e:a7:62:5a:71:
                    69:f3:77:4e:f5:89:fc:72:19:80:e8:3d:a7:ed:64:
                    22:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B7:3B:6F:7F:D2:DC:C9:2B:6F:54:AB:C2:FF:34:2A:32:AE:00:6B
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:95:33:cf:d0:e2:92:a8:ad:7f:a6:a8:ea:e1:1e:7e:c8:f7:
         19:9c:59:50:c8:1e:dc:8c:3b:f6:67:ce:c7:27:97:12:f9:42:
         5c:92:9e:57:90:ca:66:c7:d8:3a:ec:a6:73:7f:27:e9:ba:0d:
         74:ef:25:3a:90:28:c2:dc:f9:b7:29:b7:72:cb:9c:ee:be:ad:
         c5:4e:82:6c:f6:c8:e3:c6:b9:fc:c9:1b:ff:1e:9e:a5:3c:81:
         bc:33:cc:12:f9:42:03:cd:3a:78:87:88:d8:6b:69:32:32:02:
         85:63:c0:97:08:94:71:cf:da:cb:f9:16:20:4b:9e:3d:bf:68:
         f2:0f:3d:ba:89:cd:3c:32:a9:1c:84:f4:e5:35:9a:67:5b:ae:
         ae:31:5f:73:00:90:e0:08:72:43:fd:15:f2:09:60:e7:8a:35:
         5c:cf:ec:0a:95:c5:1d:43:14:84:8f:4d:0b:eb:72:c6:c2:6d:
         fb:97:78:16:d6:07:8e:a6:64:88:ec:b2:fa:44:96:8a:31:55:
         6f:e6:4e:25:77:f3:d4:c6:f2:1f:19:ae:0f:4b:29:00:0f:eb:
         6d:63:7c:5a:4f:ca:f9:36:0e:39:ae:44:22:6b:40:d2:1f:e6:
         91:5b:59:da:43:d3:63:e7:44:5b:4e:02:c3:08:f7:5d:ae:4e:
         9e:5f:45:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXyZaCVghhNpCvjlox5/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwODIzMTAwMDE2WhcNMjUwODI0MTAwMDE2WjAzMTEwLwYDVQQD
Eyg0NWI3M2I2ZjdmZDJkY2M5MmI2ZjU0YWJjMmZmMzQyYTMyYWUwMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5UErn/L08ugPQJPheTzs89VZ/dP
zcPKzjeBNNiyvJGMJq0zGJ2COHb1MdbDfOX4FsBX5bA2m1vY+Z+APujQ6wS3tkK4
qDQzZIauXXxZtQXB8P1R5VOUmZ+08Is6p2uHaFoIiRPPDOTqb8xW+V1Q9NrEaCHP
ie6vA2c31JJeLooRbDG0LXjcNRk5X8UeL8Bm5y13evEdVjU1xW9R7cTDIi7XUh/R
hQXc5R/FQlrttscgDkzhUBP13f1/AgwDCGY6KoPQC+BKxwxjPB/A1BAzBvZPmZyR
UBgzh19nOy6X4N5CWFXd6bmDqJC3DqdiWnFp83dO9Yn8chmA6D2n7WQiywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEW3O29/0tzJK29Uq8L/NCoyrgBrMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk5Uzz9Di
kqitf6ao6uEefsj3GZxZUMge3Iw79mfOxyeXEvlCXJKeV5DKZsfYOuymc38n6boN
dO8lOpAowtz5tym3csuc7r6txU6CbPbI48a5/Mkb/x6epTyBvDPMEvlCA806eIeI
2GtpMjIChWPAlwiUcc/ay/kWIEuePb9o8g89uonNPDKpHIT05TWaZ1uurjFfcwCQ
4AhyQ/0V8glg54o1XM/sCpXFHUMUhI9NC+tyxsJt+5d4FtYHjqZkiOyy+kSWijFV
b+ZOJXfz1MbyHxmuD0spAA/rbWN8Wk/K+TYOOa5EImtA0h/mkVtZ2kPTY+dEW04C
wwj3Xa5Onl9Ffw==
-----END CERTIFICATE-----