Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
File:                     ap2Z4esn7Hq76TViechBGkEw_co.mft (raw, json)
Hash identifier:          cVGdKSRsZk/1U5g/f3dcz08piTjmwXf3mswsTKkMgi8=
Subject key identifier:   E4:8A:D0:D1:27:E8:86:30:38:A9:05:C0:08:FE:77:D5:37:B0:46:13
Authority key identifier: 6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA
Certificate issuer:       /CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
Certificate serial:       0198D4DFD6FF4B34B1A12D35C1E681A34636
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
Manifest number:          0CBF
Signing time:             Sat 23 Aug 2025 03:01:36 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:36 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:36 +0000
Files and hashes:         1: ap2Z4esn7Hq76TViechBGkEw_co.crl (hash: CIOklzhf1VxA8DDI0AG9qQW0xnZ2tyiplASqpWESTaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:d6:ff:4b:34:b1:a1:2d:35:c1:e6:81:a3:46:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
        Validity
            Not Before: Aug 23 03:01:36 2025 GMT
            Not After : Aug 24 03:01:36 2025 GMT
        Subject: CN=e48ad0d127e8863038a905c008fe77d537b04613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:2a:fe:af:79:a9:31:61:ca:a4:fa:59:23:76:
                    06:c3:9e:79:3d:9a:8b:21:4f:cf:16:06:6a:4b:c4:
                    23:77:02:c4:3c:d9:64:cc:f0:78:43:9c:08:f8:48:
                    3f:ee:34:40:e4:51:09:33:bb:a7:4a:0a:1d:07:c8:
                    6c:2f:a1:19:39:14:8d:9e:a4:6e:08:33:06:75:6c:
                    4e:f5:05:83:f3:ce:30:e0:1c:a6:bf:3a:b7:69:88:
                    d4:28:db:f0:d4:ff:5e:c2:f4:6e:92:91:b6:9c:30:
                    87:fc:67:9b:6f:df:6e:19:9d:99:e5:0f:8b:46:2d:
                    88:2e:02:2d:57:31:5a:d3:64:56:c2:e1:1f:bc:90:
                    1f:26:f1:e6:05:df:9d:7f:ce:09:33:0c:e7:2e:78:
                    d3:4f:15:22:ad:e4:fb:a6:0b:6b:6e:2f:4c:4f:8b:
                    d6:eb:bd:32:f9:14:e2:be:b8:f2:1e:18:0d:ed:e8:
                    23:e0:50:26:3c:a3:72:9f:d7:e5:b7:c0:f0:08:1b:
                    96:59:91:9b:2a:4f:07:0e:47:3d:b8:e3:68:c7:d6:
                    50:f2:20:df:fb:3d:3e:ff:42:e4:59:98:40:05:1f:
                    91:2c:92:ff:ab:12:01:c8:65:0e:ec:4f:09:7e:26:
                    f9:38:ae:48:d2:10:18:66:69:c0:9f:56:c7:43:ba:
                    da:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:8A:D0:D1:27:E8:86:30:38:A9:05:C0:08:FE:77:D5:37:B0:46:13
            X509v3 Authority Key Identifier:
                keyid:6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:34:57:ba:81:f4:bc:65:a6:aa:69:17:8d:06:f9:ef:9a:f2:
         57:dc:5e:c7:db:a1:48:49:c7:93:b0:7a:c8:b5:81:f7:6a:9d:
         e1:bf:f8:2e:1a:ab:5e:0c:0f:49:41:34:8f:4a:d4:df:e1:b8:
         34:57:1a:b6:9e:6a:08:6c:b2:00:35:91:a0:6c:0b:56:f7:d4:
         ee:56:f1:2b:2d:a1:90:cc:c6:e4:12:c5:70:eb:7a:ae:60:66:
         33:dc:c6:79:91:dc:74:87:2c:5f:46:26:6b:e0:14:3b:83:40:
         ff:89:fc:40:cc:06:ad:13:af:17:81:78:b1:aa:fa:c9:00:48:
         0b:dd:83:5a:35:d9:69:47:c6:b3:00:f6:e4:85:a5:71:f8:92:
         eb:2a:f3:bb:bf:91:29:ee:50:b2:06:ec:34:1b:42:64:9e:b6:
         f0:d6:44:a1:04:dd:f3:d3:66:5c:2f:6d:5a:48:14:c5:bb:86:
         0a:67:08:df:5c:94:a9:ae:dc:65:98:56:c2:31:c5:3e:2f:3a:
         e5:c4:fd:b0:c9:f9:ef:3b:56:80:ea:04:38:39:8b:64:6a:5c:
         a5:c1:bd:6f:8c:aa:0b:00:f1:67:d6:e1:c6:fa:9d:32:b4:72:
         22:c7:7d:aa:2f:1a:13:3b:14:c9:a1:cb:43:aa:b1:d6:99:ae:
         c6:07:74:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU39b/SzSxoS01weaBo0Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWQ5OWUxZWIyN2VjN2FiYmU5MzU2Mjc5Yzg0MTFhNDEz
MGZkY2EwHhcNMjUwODIzMDMwMTM2WhcNMjUwODI0MDMwMTM2WjAzMTEwLwYDVQQD
EyhlNDhhZDBkMTI3ZTg4NjMwMzhhOTA1YzAwOGZlNzdkNTM3YjA0NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Sr+r3mpMWHKpPpZI3YGw555PZqL
IU/PFgZqS8QjdwLEPNlkzPB4Q5wI+Eg/7jRA5FEJM7unSgodB8hsL6EZORSNnqRu
CDMGdWxO9QWD884w4Bymvzq3aYjUKNvw1P9ewvRukpG2nDCH/Gebb99uGZ2Z5Q+L
Ri2ILgItVzFa02RWwuEfvJAfJvHmBd+df84JMwznLnjTTxUireT7pgtrbi9MT4vW
670y+RTivrjyHhgN7egj4FAmPKNyn9flt8DwCBuWWZGbKk8HDkc9uONox9ZQ8iDf
+z0+/0LkWZhABR+RLJL/qxIByGUO7E8Jfib5OK5I0hAYZmnAn1bHQ7ra5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSK0NEn6IYwOKkFwAj+d9U3sEYTMB8GA1UdIwQY
MBaAFGqdmeHrJ+x6u+k1YnnIQRpBMP3KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQt
YjdkYWYyZTYwZjZmLzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQtYjdkYWYyZTYwZjZm
LzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjTRXuoH0
vGWmqmkXjQb575ryV9xex9uhSEnHk7B6yLWB92qd4b/4LhqrXgwPSUE0j0rU3+G4
NFcatp5qCGyyADWRoGwLVvfU7lbxKy2hkMzG5BLFcOt6rmBmM9zGeZHcdIcsX0Ym
a+AUO4NA/4n8QMwGrROvF4F4sar6yQBIC92DWjXZaUfGswD25IWlcfiS6yrzu7+R
Ke5QsgbsNBtCZJ628NZEoQTd89NmXC9tWkgUxbuGCmcI31yUqa7cZZhWwjHFPi86
5cT9sMn57ztWgOoEODmLZGpcpcG9b4yqCwDxZ9bhxvqdMrRyIsd9qi8aEzsUyaHL
Q6qx1pmuxgd0rQ==
-----END CERTIFICATE-----