Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File:                     2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier:          qg8pEe/SEqx7UqBXmxz7pmM9TnyGqCwe0/jFNJo6YtM=
Subject key identifier:   F5:4B:57:37:FA:54:C6:50:9A:37:17:A1:15:08:62:44:66:42:5C:62
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer:       /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial:       0198D7060DBBE8EFE84287DDE85B1006903E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number:          1662
Signing time:             Sat 23 Aug 2025 13:02:34 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:34 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:34 +0000
Files and hashes:         1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: vpha1rVIVxafoo753G3kLEtc8ZgjC1Qdv9UWfPbFqMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:06:0d:bb:e8:ef:e8:42:87:dd:e8:5b:10:06:90:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
        Validity
            Not Before: Aug 23 13:02:34 2025 GMT
            Not After : Aug 24 13:02:34 2025 GMT
        Subject: CN=f54b5737fa54c6509a3717a11508624466425c62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1d:bd:e8:d6:30:1e:03:ce:c8:51:88:b0:3a:
                    4d:b2:e1:55:fa:99:17:ea:83:ce:df:41:04:62:3b:
                    b5:a3:cd:69:60:ec:40:6a:41:ce:1b:e8:c5:4a:7b:
                    2f:c4:f4:43:74:33:56:63:78:70:e8:ed:1e:ae:03:
                    e2:27:38:ae:cd:ee:c0:62:cb:ba:29:56:6e:89:be:
                    4a:94:67:b0:76:2e:cb:e3:48:ae:6f:d6:51:ea:3e:
                    69:fb:2c:4d:35:97:bc:4d:19:e8:f4:65:f1:87:c3:
                    51:59:b5:67:0a:3a:5d:44:40:a9:04:b5:87:bf:4a:
                    39:43:14:b7:6c:e7:8c:73:6c:fa:c7:d3:d2:b9:86:
                    0f:5e:9b:1c:44:3e:54:43:a6:5e:e1:43:58:a4:06:
                    b5:b4:5c:d6:e0:6e:b8:a7:35:d4:ea:a6:85:e8:4a:
                    15:64:83:d9:38:19:86:af:88:79:c2:c9:ae:cd:8e:
                    55:9d:a8:09:93:13:fc:14:9f:4f:c5:2b:96:c8:78:
                    23:81:c3:fa:71:e6:69:e3:87:78:49:62:90:62:e4:
                    78:46:80:ad:3e:f0:51:c7:36:f8:28:88:02:76:6d:
                    b6:aa:f5:8e:3f:ed:a4:39:88:6c:98:11:11:f0:d6:
                    2d:ff:d8:76:41:4b:99:80:1b:82:2b:d8:a9:71:ce:
                    0d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:4B:57:37:FA:54:C6:50:9A:37:17:A1:15:08:62:44:66:42:5C:62
            X509v3 Authority Key Identifier:
                keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:37:d6:77:a1:b1:de:2b:24:d3:b5:93:1b:12:b0:ed:6d:ec:
         b0:15:d0:12:e2:e9:90:99:85:a1:84:2a:ed:4a:13:19:cb:40:
         61:22:85:75:fd:71:e0:fa:2c:8b:05:04:33:b9:81:4a:07:57:
         b2:09:de:a6:28:b4:64:c6:0a:19:0a:70:39:bb:8a:58:e1:08:
         42:64:70:3c:60:fc:d4:f5:5c:20:11:27:59:e9:88:34:28:fd:
         dc:11:1f:da:3f:b6:9d:72:25:97:55:ad:9c:2f:fb:e5:2c:c6:
         da:17:2d:7f:3f:ea:5b:07:82:c7:b9:a9:9f:61:9b:bf:2b:2a:
         8c:fe:06:fa:33:47:ab:ad:20:3d:af:6d:64:a8:ec:14:e3:2a:
         a6:0d:4d:db:08:2d:f4:ca:17:ec:61:dc:44:6a:c5:f3:0b:0d:
         de:8c:cb:d1:3e:d9:7d:58:92:5a:7f:c8:d0:e1:e6:f5:01:d1:
         df:9f:78:c9:cc:07:45:92:dc:b8:e3:fa:52:8d:9b:4a:e0:e7:
         ea:8a:60:cd:56:f0:47:6b:a1:4b:cf:12:c3:53:40:86:0e:14:
         ff:87:12:27:da:2a:fb:d6:f5:f2:a1:b3:74:c4:cc:02:66:f2:
         3c:87:a0:e3:2f:6f:31:d6:19:7b:8e:ea:b5:fd:ed:72:dc:7e:
         01:ef:1f:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBg276O/oQofd6FsQBpA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjUwODIzMTMwMjM0WhcNMjUwODI0MTMwMjM0WjAzMTEwLwYDVQQD
EyhmNTRiNTczN2ZhNTRjNjUwOWEzNzE3YTExNTA4NjI0NDY2NDI1YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx296NYwHgPOyFGIsDpNsuFV+pkX
6oPO30EEYju1o81pYOxAakHOG+jFSnsvxPRDdDNWY3hw6O0ergPiJziuze7AYsu6
KVZuib5KlGewdi7L40iub9ZR6j5p+yxNNZe8TRno9GXxh8NRWbVnCjpdRECpBLWH
v0o5QxS3bOeMc2z6x9PSuYYPXpscRD5UQ6Ze4UNYpAa1tFzW4G64pzXU6qaF6EoV
ZIPZOBmGr4h5wsmuzY5VnagJkxP8FJ9PxSuWyHgjgcP6ceZp44d4SWKQYuR4RoCt
PvBRxzb4KIgCdm22qvWOP+2kOYhsmBER8NYt/9h2QUuZgBuCK9ipcc4N0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVLVzf6VMZQmjcXoRUIYkRmQlxiMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAujfWd6Gx
3isk07WTGxKw7W3ssBXQEuLpkJmFoYQq7UoTGctAYSKFdf1x4PosiwUEM7mBSgdX
sgnepii0ZMYKGQpwObuKWOEIQmRwPGD81PVcIBEnWemINCj93BEf2j+2nXIll1Wt
nC/75SzG2hctfz/qWweCx7mpn2GbvysqjP4G+jNHq60gPa9tZKjsFOMqpg1N2wgt
9MoX7GHcRGrF8wsN3ozL0T7ZfViSWn/I0OHm9QHR3594ycwHRZLcuOP6Uo2bSuDn
6opgzVbwR2uhS88Sw1NAhg4U/4cSJ9oq+9b18qGzdMTMAmbyPIeg4y9vMdYZe47q
tf3tctx+Ae8fyA==
-----END CERTIFICATE-----