Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          CiFCoib4XHlMzP9hkDyKd1SsDZ268GjcLa7FjWNvTE0=
Subject key identifier:   82:96:EC:1A:A3:6F:1E:8B:DA:E3:C5:8E:BF:90:AC:21:5A:F3:9F:06
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       0198D81683055FDB23CD4143A2FD51E63516
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          112D
Signing time:             Sat 23 Aug 2025 18:00:10 +0000
Manifest this update:     Sat 23 Aug 2025 18:00:10 +0000
Manifest next update:     Sun 24 Aug 2025 18:00:10 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: MCSPosHZ8/xTzNz98xoogJOfIKmbjEA1JichfyZ2asw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:16:83:05:5f:db:23:cd:41:43:a2:fd:51:e6:35:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Aug 23 18:00:10 2025 GMT
            Not After : Aug 24 18:00:10 2025 GMT
        Subject: CN=8296ec1aa36f1e8bdae3c58ebf90ac215af39f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:97:b6:46:b3:7d:9d:0b:75:4d:92:ce:a7:f3:
                    42:a8:d8:f4:93:65:ed:6a:94:92:e9:2f:f6:2f:4c:
                    fd:04:6a:6f:e5:e3:08:18:48:fd:f5:de:1d:f0:2b:
                    f2:34:33:67:c6:88:7e:fe:3e:6d:76:ca:c5:0d:94:
                    75:1c:f6:fc:fe:69:f9:1a:ab:71:78:f7:04:ae:e5:
                    dd:1b:39:e6:c8:62:58:dc:ad:45:a7:38:30:18:b8:
                    e3:f2:d1:3c:1d:02:55:f7:7c:09:8a:60:b6:89:5c:
                    8b:c9:dc:61:6c:4e:da:8f:e8:41:0d:47:fe:cb:5a:
                    07:56:a6:02:52:c9:5a:01:19:e9:08:fa:30:c9:b6:
                    11:dd:36:3a:28:be:e4:be:ca:ac:d0:bf:7b:74:61:
                    e5:05:9b:f8:62:5c:fb:87:af:b1:62:d5:dc:7c:89:
                    0c:39:6a:57:53:db:ce:50:ff:0b:11:87:f6:58:4e:
                    51:c6:1b:1c:58:e8:d2:78:61:d5:27:6d:d9:7a:1b:
                    c5:d8:76:89:3d:25:62:73:9b:75:ab:d6:6f:3b:7e:
                    b3:21:1a:48:bd:04:f2:7b:80:7a:65:4a:4e:51:c6:
                    e9:c8:fc:0d:25:16:6c:20:22:da:11:72:ac:70:68:
                    a8:12:42:87:8a:1a:25:b8:65:70:35:fc:b6:a0:b9:
                    1f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:96:EC:1A:A3:6F:1E:8B:DA:E3:C5:8E:BF:90:AC:21:5A:F3:9F:06
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:f0:f4:75:75:c2:b4:0d:9b:25:0a:43:b5:88:97:b1:fd:b7:
         50:52:5d:9d:05:11:1e:e6:5c:13:6b:b5:0f:5d:d6:b6:4a:b1:
         ed:78:4e:7a:ef:e2:f9:a8:c4:00:2c:14:37:43:9d:c8:0e:7c:
         35:2a:1b:1c:0a:45:f6:8c:a0:89:bf:cd:06:31:f0:c4:0f:87:
         88:19:d5:e6:61:ee:44:74:45:29:d4:0e:4e:70:59:b9:09:1d:
         71:79:a8:46:66:b9:c5:de:19:7e:c9:88:39:ee:e5:21:dc:38:
         e8:5f:9d:e9:ae:77:1b:b3:82:6e:87:0c:87:9f:c9:bd:be:8f:
         64:a6:d9:2a:e3:cc:4b:ba:10:78:2f:bd:f0:49:0d:31:bf:6d:
         3e:e0:66:39:5d:65:03:96:5a:fb:55:ad:60:f8:68:00:46:e2:
         ac:11:bf:04:c1:28:fd:62:a1:02:1b:c3:96:16:68:19:a8:9e:
         c7:b2:be:44:90:87:01:14:6a:60:8c:45:70:32:b0:74:18:13:
         3b:99:16:8b:10:ac:ca:61:84:d6:db:43:4f:5b:65:39:65:ac:
         59:57:f3:43:5e:a0:b6:9f:0f:bd:60:4b:a4:ff:cc:cf:bf:c1:
         e8:bf:84:ab:c8:d9:1f:35:68:45:b1:04:b2:a1:61:31:f4:9a:
         06:60:0c:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYFoMFX9sjzUFDov1R5jUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjUwODIzMTgwMDEwWhcNMjUwODI0MTgwMDEwWjAzMTEwLwYDVQQD
Eyg4Mjk2ZWMxYWEzNmYxZThiZGFlM2M1OGViZjkwYWMyMTVhZjM5ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZe2RrN9nQt1TZLOp/NCqNj0k2Xt
apSS6S/2L0z9BGpv5eMIGEj99d4d8CvyNDNnxoh+/j5tdsrFDZR1HPb8/mn5Gqtx
ePcEruXdGznmyGJY3K1FpzgwGLjj8tE8HQJV93wJimC2iVyLydxhbE7aj+hBDUf+
y1oHVqYCUslaARnpCPowybYR3TY6KL7kvsqs0L97dGHlBZv4Ylz7h6+xYtXcfIkM
OWpXU9vOUP8LEYf2WE5RxhscWOjSeGHVJ23ZehvF2HaJPSVic5t1q9ZvO36zIRpI
vQTye4B6ZUpOUcbpyPwNJRZsICLaEXKscGioEkKHiholuGVwNfy2oLkfWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKW7Bqjbx6L2uPFjr+QrCFa858GMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/D0dXXC
tA2bJQpDtYiXsf23UFJdnQURHuZcE2u1D13Wtkqx7XhOeu/i+ajEACwUN0OdyA58
NSobHApF9oygib/NBjHwxA+HiBnV5mHuRHRFKdQOTnBZuQkdcXmoRma5xd4ZfsmI
Oe7lIdw46F+d6a53G7OCbocMh5/Jvb6PZKbZKuPMS7oQeC+98EkNMb9tPuBmOV1l
A5Za+1WtYPhoAEbirBG/BMEo/WKhAhvDlhZoGaiex7K+RJCHARRqYIxFcDKwdBgT
O5kWixCsymGE1ttDT1tlOWWsWVfzQ16gtp8PvWBLpP/Mz7/B6L+Eq8jZHzVoRbEE
sqFhMfSaBmAMoA==
-----END CERTIFICATE-----