Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          2IIxoKg8oQJdtEsY2wtFH2hSarJwwavIvlobL3ir6Fg=
Subject key identifier:   0C:43:BF:46:91:AE:23:A0:D0:F7:91:6C:B4:58:DC:A4:F3:3F:1F:8F
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       0198D54E86E58D3D9472AC86A9C0F94B8D3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          048B
Signing time:             Sat 23 Aug 2025 05:02:29 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:29 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:29 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: RVX0EZaF6aSymRdIFQdxvFhiHpMXGp2epTdeYXG23Ss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:86:e5:8d:3d:94:72:ac:86:a9:c0:f9:4b:8d:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: Aug 23 05:02:29 2025 GMT
            Not After : Aug 24 05:02:29 2025 GMT
        Subject: CN=0c43bf4691ae23a0d0f7916cb458dca4f33f1f8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:40:27:59:ff:22:54:d4:07:56:10:dc:83:65:
                    48:02:c0:90:fd:37:b8:33:f8:72:f2:a8:64:03:33:
                    40:f1:9b:c5:67:99:a0:e9:53:f6:78:1c:03:03:2b:
                    1a:1e:78:be:e6:07:45:ad:d1:64:ce:8d:96:cb:4f:
                    e6:78:cd:55:8f:8d:b1:48:bc:55:53:c7:47:26:35:
                    f9:70:d8:bb:3e:3b:c0:01:a4:c0:e2:45:1a:d2:46:
                    d3:87:48:23:cc:03:73:31:b0:e6:09:f2:26:57:c4:
                    8d:ac:d0:17:ff:62:dc:3e:e8:76:3a:e3:6b:0c:7d:
                    64:6f:da:98:9b:29:b4:77:b8:ae:9d:64:5d:8e:39:
                    87:f1:8d:2c:50:8a:f9:56:44:f8:32:b3:a6:9d:7b:
                    90:a7:d1:88:23:bc:e0:29:85:95:51:ee:f7:52:e5:
                    1e:9b:8d:35:a2:90:eb:6c:ab:77:ce:aa:eb:0a:aa:
                    d5:a6:83:d7:d6:15:ac:d8:54:85:c1:8e:68:5b:db:
                    2d:90:75:a3:d3:9b:88:64:36:98:ef:a9:43:27:c1:
                    d8:6e:c3:7e:d1:f1:b1:14:77:62:0a:28:28:37:0b:
                    62:8f:81:10:be:fc:c8:6c:47:59:67:7a:65:b4:ef:
                    db:c0:a3:d3:64:b2:dd:b4:69:56:52:2f:27:0a:ac:
                    ce:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:43:BF:46:91:AE:23:A0:D0:F7:91:6C:B4:58:DC:A4:F3:3F:1F:8F
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:d6:c6:60:13:5b:2c:c5:77:29:dd:46:10:7b:da:19:1f:97:
         fb:59:af:ad:85:00:9c:b8:46:d0:08:4e:76:36:87:bc:51:21:
         d3:2f:48:c1:26:66:65:4d:f7:09:e4:b0:6c:10:7c:e5:9f:48:
         f5:0c:27:e1:7a:1a:f3:ca:80:8d:27:4a:e2:32:21:c5:28:8c:
         66:f3:e5:b8:d8:e1:40:c6:c5:85:dd:1d:ee:42:0b:72:9b:ed:
         6f:ba:fe:fd:05:19:6f:8f:9d:47:cc:bc:03:02:a5:99:2d:60:
         26:16:a1:1c:fa:03:f1:7b:ec:9a:68:8c:81:0e:98:35:17:aa:
         ea:4a:a8:bf:9b:ff:02:bf:7e:47:df:a6:03:d7:41:16:46:e0:
         a8:3b:36:c0:ba:31:eb:71:3d:29:c7:a4:0b:75:69:2f:63:91:
         f3:f1:dc:64:be:56:d8:f9:70:59:05:2b:1b:ea:d0:94:2b:ec:
         13:34:c5:cb:ab:d2:26:9e:6c:ea:df:3a:0e:5e:2a:b1:b2:cc:
         81:75:dc:0d:1a:fb:8b:b9:a8:86:28:6b:60:11:ac:93:6c:e9:
         fe:2c:ef:e9:29:ba:df:a8:a9:ab:60:c2:1d:13:10:78:8e:2b:
         a8:f7:7a:6f:49:8f:8f:59:f5:74:b0:93:cb:e5:90:39:9c:bc:
         b0:1e:42:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTobljT2UcqyGqcD5S407MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjUwODIzMDUwMjI5WhcNMjUwODI0MDUwMjI5WjAzMTEwLwYDVQQD
EygwYzQzYmY0NjkxYWUyM2EwZDBmNzkxNmNiNDU4ZGNhNGYzM2YxZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkAnWf8iVNQHVhDcg2VIAsCQ/Te4
M/hy8qhkAzNA8ZvFZ5mg6VP2eBwDAysaHni+5gdFrdFkzo2Wy0/meM1Vj42xSLxV
U8dHJjX5cNi7PjvAAaTA4kUa0kbTh0gjzANzMbDmCfImV8SNrNAX/2LcPuh2OuNr
DH1kb9qYmym0d7iunWRdjjmH8Y0sUIr5VkT4MrOmnXuQp9GII7zgKYWVUe73UuUe
m401opDrbKt3zqrrCqrVpoPX1hWs2FSFwY5oW9stkHWj05uIZDaY76lDJ8HYbsN+
0fGxFHdiCigoNwtij4EQvvzIbEdZZ3pltO/bwKPTZLLdtGlWUi8nCqzOQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxDv0aRriOg0PeRbLRY3KTzPx+PMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHdbGYBNb
LMV3Kd1GEHvaGR+X+1mvrYUAnLhG0AhOdjaHvFEh0y9IwSZmZU33CeSwbBB85Z9I
9Qwn4Xoa88qAjSdK4jIhxSiMZvPluNjhQMbFhd0d7kILcpvtb7r+/QUZb4+dR8y8
AwKlmS1gJhahHPoD8XvsmmiMgQ6YNReq6kqov5v/Ar9+R9+mA9dBFkbgqDs2wLox
63E9KcekC3VpL2OR8/HcZL5W2PlwWQUrG+rQlCvsEzTFy6vSJp5s6t86Dl4qsbLM
gXXcDRr7i7mohihrYBGsk2zp/izv6Sm636ipq2DCHRMQeI4rqPd6b0mPj1n1dLCT
y+WQOZy8sB5CGA==
-----END CERTIFICATE-----