Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          Yce8XQ9UEMn4GvXHQNRtcNlVOkQBRtJ4IInxhzHjkwQ=
Subject key identifier:   03:6A:F3:67:42:07:70:46:E0:94:AE:55:49:9F:E1:B9:6C:04:E6:7F
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       0198D65F9A58B3617208F2C2DBA8389E047D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0A58
Signing time:             Sat 23 Aug 2025 10:00:46 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:46 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:46 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: FxvaouygIyDOQIwzZ0P9/3bszsPXSzWomjKCfUY4fjg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:9a:58:b3:61:72:08:f2:c2:db:a8:38:9e:04:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Aug 23 10:00:46 2025 GMT
            Not After : Aug 24 10:00:46 2025 GMT
        Subject: CN=036af36742077046e094ae55499fe1b96c04e67f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:28:8b:d2:66:f9:39:44:ed:37:e2:41:d3:bc:
                    df:eb:41:89:ff:f2:46:2f:e6:fb:a3:ea:81:f0:5e:
                    90:4c:c1:d3:28:8e:20:ed:07:b1:d5:15:fa:01:12:
                    a4:27:10:09:08:57:8e:f0:cc:51:de:bb:0c:50:a3:
                    e2:54:15:99:c1:ad:0c:34:46:09:ae:13:31:25:ec:
                    de:af:b2:d5:ab:d2:db:a2:fe:18:04:68:ee:81:9a:
                    8a:76:7a:8c:70:0b:43:35:17:ba:24:22:9b:9b:0f:
                    83:fd:09:82:f2:da:1f:df:3d:27:5a:a4:be:ae:1b:
                    db:b4:7d:e2:59:5a:f0:81:b1:df:98:e0:ee:46:dc:
                    2d:4b:38:7c:db:69:38:72:44:08:60:d4:ba:a1:ac:
                    c6:8c:0e:7e:a9:2e:81:53:a7:89:76:e0:de:6a:6c:
                    00:08:ea:01:8b:01:97:c6:70:e4:0c:60:72:fa:fe:
                    30:26:9f:95:66:cd:fe:05:06:0a:be:81:ac:9e:1a:
                    1a:cf:f4:43:a9:ca:08:8c:86:5a:dc:dd:51:1e:86:
                    72:a4:54:b7:35:ff:c3:87:dd:39:9d:57:96:c0:37:
                    b4:0b:cf:7a:5d:18:e2:5b:9d:57:52:25:79:cc:b5:
                    12:14:03:00:d7:ab:ff:68:35:55:56:ed:06:4b:77:
                    fc:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:6A:F3:67:42:07:70:46:E0:94:AE:55:49:9F:E1:B9:6C:04:E6:7F
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:88:7b:dd:99:a4:20:69:df:77:ca:cf:31:10:ea:a0:da:29:
         3b:a8:25:46:fc:25:a0:57:d5:87:00:09:13:10:6a:af:8f:9f:
         a8:9e:90:b2:cb:20:9c:4d:24:6a:4a:8a:2d:0a:d7:01:42:dc:
         47:66:9c:25:07:a7:e2:8c:86:e7:84:4c:51:25:aa:6a:9a:60:
         4c:44:9f:6d:53:b7:59:04:06:9e:da:6d:8d:b5:73:c3:ea:ad:
         c6:e7:60:ef:ac:5b:8f:2e:26:e0:a1:2d:90:19:a5:f1:b8:1a:
         3b:d6:f5:6c:fa:09:31:b7:43:bb:fb:67:86:37:61:88:ed:0b:
         ee:7b:56:57:71:4a:4e:6b:0e:07:ae:dd:fb:82:2d:b5:3a:fc:
         7e:5e:36:f7:76:7b:04:dc:e1:ad:49:67:32:29:c0:d7:0b:a2:
         20:fb:e6:30:2f:91:33:4f:82:97:f9:ab:84:f3:cf:a0:fc:60:
         85:cc:09:74:e4:4f:a7:c8:bd:ad:2f:82:60:5f:f4:90:d6:6b:
         96:5c:f2:f7:ae:6a:78:c1:40:c9:22:45:6c:40:de:d4:67:65:
         93:0f:c5:b3:33:4c:c6:af:ab:22:ff:a1:ec:d0:04:4b:b6:a8:
         7c:2a:97:e1:ea:14:74:22:56:11:d1:0c:36:ef:8c:c9:91:84:
         05:cc:b5:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX5pYs2FyCPLC26g4ngR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwODIzMTAwMDQ2WhcNMjUwODI0MTAwMDQ2WjAzMTEwLwYDVQQD
EygwMzZhZjM2NzQyMDc3MDQ2ZTA5NGFlNTU0OTlmZTFiOTZjMDRlNjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiiL0mb5OUTtN+JB07zf60GJ//JG
L+b7o+qB8F6QTMHTKI4g7Qex1RX6ARKkJxAJCFeO8MxR3rsMUKPiVBWZwa0MNEYJ
rhMxJezer7LVq9Lbov4YBGjugZqKdnqMcAtDNRe6JCKbmw+D/QmC8tof3z0nWqS+
rhvbtH3iWVrwgbHfmODuRtwtSzh822k4ckQIYNS6oazGjA5+qS6BU6eJduDeamwA
COoBiwGXxnDkDGBy+v4wJp+VZs3+BQYKvoGsnhoaz/RDqcoIjIZa3N1RHoZypFS3
Nf/Dh905nVeWwDe0C896XRjiW51XUiV5zLUSFAMA16v/aDVVVu0GS3f8iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANq82dCB3BG4JSuVUmf4blsBOZ/MB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoh73Zmk
IGnfd8rPMRDqoNopO6glRvwloFfVhwAJExBqr4+fqJ6QsssgnE0kakqKLQrXAULc
R2acJQen4oyG54RMUSWqappgTESfbVO3WQQGntptjbVzw+qtxudg76xbjy4m4KEt
kBml8bgaO9b1bPoJMbdDu/tnhjdhiO0L7ntWV3FKTmsOB67d+4IttTr8fl4293Z7
BNzhrUlnMinA1wuiIPvmMC+RM0+Cl/mrhPPPoPxghcwJdORPp8i9rS+CYF/0kNZr
llzy965qeMFAySJFbEDe1Gdlkw/FszNMxq+rIv+h7NAES7aofCqX4eoUdCJWEdEM
Nu+MyZGEBcy1vA==
-----END CERTIFICATE-----