Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          U8C1bG5zX7S5k1O7Z+fF5bmZlHkOANZ+4i2jvuoNaRs=
Subject key identifier:   E0:5F:BD:C8:85:6F:8F:A2:4D:30:A5:D4:17:4E:C3:D9:A4:3B:FD:8B
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       0198D65F870A44330C6E7F97DF16612C2CB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0AAC
Signing time:             Sat 23 Aug 2025 10:00:41 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:41 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:41 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: NU+Z0uFnbQvCIhJRYazSp5BkzK8s4ZLLycRz4oVstXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:87:0a:44:33:0c:6e:7f:97:df:16:61:2c:2c:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Aug 23 10:00:41 2025 GMT
            Not After : Aug 24 10:00:41 2025 GMT
        Subject: CN=e05fbdc8856f8fa24d30a5d4174ec3d9a43bfd8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3c:8c:ec:5a:bb:09:4f:44:42:79:51:8a:2a:
                    25:d1:25:11:a1:e1:cb:2b:e3:24:06:df:e2:50:01:
                    47:35:90:f5:a4:ec:18:1f:4a:d3:32:73:eb:97:76:
                    da:7f:80:9f:b3:b9:b4:76:07:b4:43:5e:a9:45:d0:
                    84:e0:e5:d5:96:7d:5f:72:c8:cc:15:13:84:ac:7a:
                    23:0c:63:80:1b:f5:18:4e:4a:3f:4f:74:f1:47:37:
                    9c:64:51:21:f5:50:d5:a7:7a:da:f0:90:36:8a:19:
                    14:60:4e:a7:56:5c:14:65:44:00:35:cf:39:d6:a7:
                    f4:3d:8f:e1:48:2c:0b:cc:98:63:29:95:52:6e:ab:
                    15:80:73:4d:00:d0:68:99:08:1a:46:b3:8a:33:cd:
                    d4:a8:dd:dd:63:51:9b:bb:ee:4b:a5:ab:7c:d0:ec:
                    7e:38:01:27:fe:af:92:f7:0f:21:c0:71:eb:1c:92:
                    34:cd:50:cc:30:7b:e2:90:4e:ce:83:76:1a:db:f0:
                    7c:96:14:38:3d:58:74:33:15:12:e8:b2:76:22:cd:
                    15:0c:a2:6d:37:f1:f9:a7:2f:a8:11:92:f3:f0:b6:
                    b7:61:64:1b:c9:38:1e:93:cd:e2:84:a5:89:cf:86:
                    76:28:0d:60:74:f2:2c:7a:99:0f:82:e9:25:6a:4d:
                    97:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:5F:BD:C8:85:6F:8F:A2:4D:30:A5:D4:17:4E:C3:D9:A4:3B:FD:8B
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:4c:ba:f6:c9:d1:da:a6:e9:1b:a6:63:b7:e2:cb:af:7f:52:
         48:21:6d:8b:76:d3:77:8d:91:33:bf:c7:da:c3:e8:14:6c:34:
         9c:dc:bb:4d:09:e6:8c:b9:d0:3b:67:09:bc:c2:66:1c:03:54:
         c0:a4:d1:75:06:ee:c3:b3:bd:b4:57:a5:03:15:9f:b0:99:c5:
         86:f1:91:af:d4:8e:e2:20:12:55:50:a9:33:a2:16:87:f6:e2:
         2a:ac:70:36:80:bd:17:21:de:65:21:86:b2:aa:a7:cc:e5:70:
         f1:ba:b4:40:5e:7f:8e:b5:ee:79:ed:0a:fa:db:f0:f4:a0:11:
         b8:18:96:42:69:d9:12:61:b2:cd:e1:3c:85:71:bc:0f:c6:5a:
         87:5f:dc:7a:52:de:e5:fa:f8:d6:60:96:9f:e4:a8:fc:ba:f0:
         bd:4a:5d:e7:7b:78:5f:b9:5f:57:89:72:83:41:c8:b1:7d:75:
         25:8b:33:b1:ff:88:eb:17:b7:48:aa:46:97:ac:fc:d4:b5:84:
         27:be:81:fa:e5:e4:b4:5e:44:e2:37:4e:a8:f3:e2:46:6c:a7:
         76:fc:f1:d7:e3:42:5d:8c:be:8f:78:4d:fa:38:a5:67:ff:d4:
         f1:4a:66:7d:90:b9:3b:d8:88:90:06:3c:19:b1:53:8a:f0:ee:
         ff:09:19:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX4cKRDMMbn+X3xZhLCyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUwODIzMTAwMDQxWhcNMjUwODI0MTAwMDQxWjAzMTEwLwYDVQQD
EyhlMDVmYmRjODg1NmY4ZmEyNGQzMGE1ZDQxNzRlYzNkOWE0M2JmZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTyM7Fq7CU9EQnlRiiol0SURoeHL
K+MkBt/iUAFHNZD1pOwYH0rTMnPrl3baf4Cfs7m0dge0Q16pRdCE4OXVln1fcsjM
FROErHojDGOAG/UYTko/T3TxRzecZFEh9VDVp3ra8JA2ihkUYE6nVlwUZUQANc85
1qf0PY/hSCwLzJhjKZVSbqsVgHNNANBomQgaRrOKM83UqN3dY1Gbu+5Lpat80Ox+
OAEn/q+S9w8hwHHrHJI0zVDMMHvikE7Og3Ya2/B8lhQ4PVh0MxUS6LJ2Is0VDKJt
N/H5py+oEZLz8La3YWQbyTgek83ihKWJz4Z2KA1gdPIsepkPguklak2XUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOBfvciFb4+iTTCl1BdOw9mkO/2LMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUy69snR
2qbpG6Zjt+LLr39SSCFti3bTd42RM7/H2sPoFGw0nNy7TQnmjLnQO2cJvMJmHANU
wKTRdQbuw7O9tFelAxWfsJnFhvGRr9SO4iASVVCpM6IWh/biKqxwNoC9FyHeZSGG
sqqnzOVw8bq0QF5/jrXuee0K+tvw9KARuBiWQmnZEmGyzeE8hXG8D8Zah1/celLe
5fr41mCWn+So/LrwvUpd53t4X7lfV4lyg0HIsX11JYszsf+I6xe3SKpGl6z81LWE
J76B+uXktF5E4jdOqPPiRmyndvzx1+NCXYy+j3hN+jilZ//U8UpmfZC5O9iIkAY8
GbFTivDu/wkZgQ==
-----END CERTIFICATE-----