Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
File:                     b_rHiuobz0OKYe-RUCRI9glkHS0.mft (raw, json)
Hash identifier:          rGCV28ONIYf2a/6UAngGXa9M/bje4sFPtbQhtrxHxms=
Subject key identifier:   87:6E:01:2C:26:1F:E8:F9:1A:AB:01:3D:CA:A0:A5:40:BE:66:F2:F0
Authority key identifier: 6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D
Certificate issuer:       /CN=6ffac78aea1bcf438a61ef91502448f609641d2d
Certificate serial:       0198D5BC3A383E4F2DA3DFF8306F7E97B23B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
Manifest number:          12DB
Signing time:             Sat 23 Aug 2025 07:02:19 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:19 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:19 +0000
Files and hashes:         1: b_rHiuobz0OKYe-RUCRI9glkHS0.crl (hash: OYKG2fpxd1+I6LXzPpabfEy71k4tQnVX+hY9Er+waxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:3a:38:3e:4f:2d:a3:df:f8:30:6f:7e:97:b2:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ffac78aea1bcf438a61ef91502448f609641d2d
        Validity
            Not Before: Aug 23 07:02:19 2025 GMT
            Not After : Aug 24 07:02:19 2025 GMT
        Subject: CN=876e012c261fe8f91aab013dcaa0a540be66f2f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:45:1e:d1:fd:ca:1f:07:96:68:c7:fd:3a:2e:
                    3f:dd:e4:c0:bd:e6:cb:e0:18:4f:50:43:86:03:23:
                    a6:48:a9:fa:a9:a8:89:a5:76:8f:cf:75:c5:78:3e:
                    29:f1:c7:0a:42:f9:36:19:c6:1f:ba:22:0c:73:a6:
                    07:ab:ce:d5:1b:d7:a5:0e:77:58:52:c7:24:56:e5:
                    a9:62:6d:b3:f6:72:1c:07:fc:a0:37:47:f5:67:a8:
                    a4:5c:ae:26:0b:3f:56:f5:3a:f1:34:9b:71:b9:f4:
                    aa:c4:11:ec:92:cb:13:9c:f3:59:fc:8f:a7:73:ff:
                    03:4a:88:36:bb:47:e4:b3:df:bb:18:93:a8:88:11:
                    74:96:c7:c1:a1:86:d5:44:c3:25:25:59:a9:7c:bc:
                    e8:bd:2f:1c:32:15:82:ff:db:3d:a3:97:5f:a2:f8:
                    cc:92:9f:f1:df:3d:19:24:a6:b8:5f:48:54:a5:e7:
                    db:a5:ec:de:62:dd:41:38:83:85:78:d1:2c:7c:ed:
                    7c:c3:05:4f:67:82:ef:7e:21:95:98:0f:5a:b8:a1:
                    c1:48:60:73:b9:1f:bd:b5:cb:05:de:6a:79:fa:cf:
                    db:12:3b:87:87:e3:e3:86:2c:83:24:4d:39:9d:a4:
                    78:df:8d:64:fa:31:81:84:12:b8:a2:3f:04:42:e0:
                    7d:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:6E:01:2C:26:1F:E8:F9:1A:AB:01:3D:CA:A0:A5:40:BE:66:F2:F0
            X509v3 Authority Key Identifier:
                keyid:6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:ce:f9:1f:09:e7:23:da:29:8a:0d:32:aa:0e:df:60:b2:24:
         52:c3:5e:e0:ca:5d:59:bc:12:2d:08:b8:c0:b6:8d:60:b3:a8:
         e4:7c:07:76:c9:8f:fc:cf:2e:98:bc:91:ca:9f:35:26:07:c4:
         ae:54:e7:46:c1:39:8c:ef:db:bc:cb:55:d3:fe:48:dc:14:3d:
         dd:24:18:25:83:99:50:78:bf:21:85:ab:74:11:d2:0d:cb:e4:
         6b:51:25:f8:c8:82:96:b5:4d:6b:59:e3:d2:f6:79:4b:3f:92:
         02:69:ca:9a:e8:61:af:10:4c:5a:83:38:78:3c:60:70:c4:28:
         da:c9:c7:63:95:4d:7b:96:04:a2:a5:db:d0:09:05:98:8a:ca:
         40:b4:e4:96:45:8b:88:50:a5:23:a7:2b:ee:3d:36:20:e5:32:
         f4:3e:cb:08:d3:65:3b:9c:dc:84:85:c2:84:67:f1:ca:99:be:
         0c:4f:21:97:3f:cb:e8:b7:8b:ad:fd:34:e1:48:32:7c:55:d6:
         7c:c2:28:e4:eb:4d:af:95:07:9b:22:36:be:17:2f:d7:7e:25:
         99:75:3f:3b:91:c7:c0:56:06:16:de:9c:2a:b7:46:ff:83:66:
         7c:a2:3a:99:60:7f:c5:ce:23:fb:2e:0b:14:a6:7a:67:4d:fc:
         f6:11:18:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvDo4Pk8to9/4MG9+l7I7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmFjNzhhZWExYmNmNDM4YTYxZWY5MTUwMjQ0OGY2MDk2
NDFkMmQwHhcNMjUwODIzMDcwMjE5WhcNMjUwODI0MDcwMjE5WjAzMTEwLwYDVQQD
Eyg4NzZlMDEyYzI2MWZlOGY5MWFhYjAxM2RjYWEwYTU0MGJlNjZmMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UUe0f3KHweWaMf9Oi4/3eTAvebL
4BhPUEOGAyOmSKn6qaiJpXaPz3XFeD4p8ccKQvk2GcYfuiIMc6YHq87VG9elDndY
UsckVuWpYm2z9nIcB/ygN0f1Z6ikXK4mCz9W9TrxNJtxufSqxBHskssTnPNZ/I+n
c/8DSog2u0fks9+7GJOoiBF0lsfBoYbVRMMlJVmpfLzovS8cMhWC/9s9o5dfovjM
kp/x3z0ZJKa4X0hUpefbpezeYt1BOIOFeNEsfO18wwVPZ4LvfiGVmA9auKHBSGBz
uR+9tcsF3mp5+s/bEjuHh+PjhiyDJE05naR4341k+jGBhBK4oj8EQuB9lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIduASwmH+j5GqsBPcqgpUC+ZvLwMB8GA1UdIwQY
MBaAFG/6x4rqG89DimHvkVAkSPYJZB0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAt
MGMzNDM1MTNhZGUzLzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAtMGMzNDM1MTNhZGUz
LzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE875Hwnn
I9opig0yqg7fYLIkUsNe4MpdWbwSLQi4wLaNYLOo5HwHdsmP/M8umLyRyp81JgfE
rlTnRsE5jO/bvMtV0/5I3BQ93SQYJYOZUHi/IYWrdBHSDcvka1El+MiClrVNa1nj
0vZ5Sz+SAmnKmuhhrxBMWoM4eDxgcMQo2snHY5VNe5YEoqXb0AkFmIrKQLTklkWL
iFClI6cr7j02IOUy9D7LCNNlO5zchIXChGfxypm+DE8hlz/L6LeLrf004UgyfFXW
fMIo5OtNr5UHmyI2vhcv134lmXU/O5HHwFYGFt6cKrdG/4NmfKI6mWB/xc4j+y4L
FKZ6Z0389hEY+Q==
-----END CERTIFICATE-----