Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          JhsLU0rfsCLSz75e06dDGBLv78JAlQyHuwYPIEdtn8Y=
Subject key identifier:   F9:6D:FF:3C:F0:98:38:70:D5:BD:6C:E7:CA:05:77:08:D2:80:23:44
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       0198D5BC4C05951176C992AE04EF35AEF7C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0A09
Signing time:             Sat 23 Aug 2025 07:02:23 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:23 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:23 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: FyZOW7QIS61PN081Ft+tv8YLrqRJEstmy3OxNHjPgVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:4c:05:95:11:76:c9:92:ae:04:ef:35:ae:f7:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Aug 23 07:02:23 2025 GMT
            Not After : Aug 24 07:02:23 2025 GMT
        Subject: CN=f96dff3cf0983870d5bd6ce7ca057708d2802344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d3:02:2f:6f:a2:71:2d:85:33:b2:e9:00:fb:
                    bc:15:c6:e2:53:cb:25:37:5c:58:81:6f:dc:4f:87:
                    77:17:3f:84:22:85:55:63:ac:f4:22:91:e4:86:3a:
                    aa:d4:bb:70:e1:65:74:5d:d8:77:fb:c4:cd:8c:00:
                    91:d5:7c:81:33:37:8c:dd:b0:29:76:c7:1a:8e:53:
                    98:4a:4c:16:13:97:ad:37:dd:8d:90:77:a9:f1:93:
                    5a:0b:92:a2:b7:46:b6:4b:72:1e:a2:f4:87:0a:6b:
                    3c:9b:21:6c:02:c4:bd:a1:a4:86:cb:5e:0a:fa:a9:
                    24:e0:7b:c8:b2:b6:a0:b8:c2:5d:44:0a:12:02:cb:
                    92:18:8c:24:1d:ef:ff:52:09:d7:a8:0a:64:de:32:
                    d1:b6:b4:dc:51:37:dd:ce:5e:69:54:2b:ad:b3:2c:
                    60:ea:4c:e6:5a:c3:da:03:12:26:ec:60:96:a7:54:
                    44:b1:d5:19:db:15:b4:d1:39:d5:e0:c4:59:4d:44:
                    a6:7d:85:34:fc:4f:86:94:9a:e8:6f:cc:cc:7a:95:
                    79:dd:16:8c:53:28:fe:50:6c:b4:ce:46:4c:75:61:
                    5c:31:fa:73:f1:f7:96:23:9a:ba:90:74:39:91:48:
                    44:ff:31:4f:65:b4:23:57:91:70:ec:eb:d7:73:d1:
                    e9:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:6D:FF:3C:F0:98:38:70:D5:BD:6C:E7:CA:05:77:08:D2:80:23:44
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:c1:43:15:cc:81:b0:5f:7c:06:96:82:a8:7c:a0:eb:0d:05:
         cd:cd:e1:57:09:c8:1d:43:f8:e6:fa:da:12:8c:af:31:df:4a:
         d0:0a:b9:f7:e2:f3:d5:06:ae:55:06:47:83:3f:a1:6e:cb:e9:
         83:c7:5c:a5:d4:71:e8:e9:10:57:9c:e3:d6:80:c5:f4:64:1c:
         bc:56:23:69:37:a9:fa:1e:28:a9:4e:78:64:40:03:89:42:98:
         60:7f:b6:13:87:fd:7e:ce:31:eb:ee:aa:68:65:cd:e2:58:62:
         31:d8:d3:57:35:2e:a2:11:f4:e5:da:cf:08:d1:67:81:7f:9e:
         d3:f0:21:4b:aa:3f:62:78:d2:c2:70:0e:dc:45:40:22:ee:dc:
         92:27:62:ae:85:ba:d9:43:d2:69:c7:77:3b:43:8f:ef:77:16:
         da:43:f4:66:78:3f:0c:5b:f2:a5:0d:41:ab:c3:23:65:f8:6e:
         19:fd:f7:b5:97:b1:4e:55:00:a1:09:ff:32:6b:ac:67:b7:c5:
         a6:92:e1:81:c4:82:11:6b:e7:ae:57:1d:59:a5:c2:4e:71:32:
         83:06:10:d8:06:c7:7d:94:7d:35:5c:6f:ff:28:d1:9c:fb:ef:
         54:18:60:63:c2:e9:3f:f7:29:b6:95:ac:51:12:5f:5b:bd:e6:
         10:e3:e8:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvEwFlRF2yZKuBO81rvfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwODIzMDcwMjIzWhcNMjUwODI0MDcwMjIzWjAzMTEwLwYDVQQD
EyhmOTZkZmYzY2YwOTgzODcwZDViZDZjZTdjYTA1NzcwOGQyODAyMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdMCL2+icS2FM7LpAPu8FcbiU8sl
N1xYgW/cT4d3Fz+EIoVVY6z0IpHkhjqq1Ltw4WV0Xdh3+8TNjACR1XyBMzeM3bAp
dscajlOYSkwWE5etN92NkHep8ZNaC5Kit0a2S3IeovSHCms8myFsAsS9oaSGy14K
+qkk4HvIsraguMJdRAoSAsuSGIwkHe//UgnXqApk3jLRtrTcUTfdzl5pVCutsyxg
6kzmWsPaAxIm7GCWp1REsdUZ2xW00TnV4MRZTUSmfYU0/E+GlJrob8zMepV53RaM
Uyj+UGy0zkZMdWFcMfpz8feWI5q6kHQ5kUhE/zFPZbQjV5Fw7OvXc9HpZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlt/zzwmDhw1b1s58oFdwjSgCNEMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAncFDFcyB
sF98BpaCqHyg6w0Fzc3hVwnIHUP45vraEoyvMd9K0Aq59+Lz1QauVQZHgz+hbsvp
g8dcpdRx6OkQV5zj1oDF9GQcvFYjaTep+h4oqU54ZEADiUKYYH+2E4f9fs4x6+6q
aGXN4lhiMdjTVzUuohH05drPCNFngX+e0/AhS6o/YnjSwnAO3EVAIu7ckidiroW6
2UPSacd3O0OP73cW2kP0Zng/DFvypQ1Bq8MjZfhuGf33tZexTlUAoQn/MmusZ7fF
ppLhgcSCEWvnrlcdWaXCTnEygwYQ2AbHfZR9NVxv/yjRnPvvVBhgY8LpP/cptpWs
URJfW73mEOPoeg==
-----END CERTIFICATE-----