Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File:                     H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier:          tYqJ1AO1Y9TSVy6QKdUmky5wcFIld/eP5n+qyteYfzg=
Subject key identifier:   12:A8:D6:A1:66:88:A7:26:CF:E4:7B:52:7B:BC:DC:4C:7D:97:28:C9
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer:       /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial:       0198D6606B2303163C73377FFB728D8BE177
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number:          022B
Signing time:             Sat 23 Aug 2025 10:01:39 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:39 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:39 +0000
Files and hashes:         1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: uvZUwid1A4KZi1wquOvO2Rj2kEI5DaQZPxAZqq35oSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:6b:23:03:16:3c:73:37:7f:fb:72:8d:8b:e1:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
        Validity
            Not Before: Aug 23 10:01:39 2025 GMT
            Not After : Aug 24 10:01:39 2025 GMT
        Subject: CN=12a8d6a16688a726cfe47b527bbcdc4c7d9728c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5a:4e:7c:1b:97:da:f7:10:2c:d2:d2:57:3b:
                    3a:9f:b6:db:0c:f5:6a:4e:66:6a:04:7d:59:d8:71:
                    f1:8f:fe:4b:57:2f:35:93:bd:0d:0a:16:51:7f:53:
                    39:40:fc:ab:83:f4:c3:21:dd:c2:07:4d:7a:09:3c:
                    ab:90:31:25:d8:2b:21:e2:9f:e0:45:31:b7:89:07:
                    05:e4:c9:8e:14:01:38:c6:0e:56:04:82:19:4e:bf:
                    c2:dc:85:be:25:45:c9:d7:5b:50:73:d2:3a:34:09:
                    40:56:48:55:51:8f:02:9c:a8:d8:1b:1b:29:70:58:
                    45:a8:da:33:17:b2:91:5d:a0:57:a4:89:22:88:03:
                    14:bf:22:3a:e6:fa:7d:e3:35:20:52:43:a3:ec:33:
                    e6:b5:bc:df:b8:18:8a:0c:87:81:e7:60:74:9c:9d:
                    b4:54:c9:5d:ef:da:43:8e:9d:37:a5:55:89:16:d4:
                    2d:81:16:7c:c1:b7:54:b7:6f:f9:d7:52:1d:0e:7e:
                    12:26:e5:52:5d:29:70:db:d4:21:d3:36:b8:91:25:
                    9f:4b:19:aa:6a:61:f8:7a:9f:65:ec:cd:0e:25:57:
                    17:46:90:f5:8f:c2:dd:f5:56:be:09:f7:fd:96:91:
                    97:bb:41:1e:6d:b8:c2:51:cf:89:09:10:92:4a:fe:
                    97:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A8:D6:A1:66:88:A7:26:CF:E4:7B:52:7B:BC:DC:4C:7D:97:28:C9
            X509v3 Authority Key Identifier:
                keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:18:d0:bc:2b:50:1a:60:db:c1:74:da:d0:c5:5b:d3:a2:45:
         35:b6:6f:31:4e:ee:16:f9:31:63:84:fa:9e:2f:ed:9a:69:f7:
         bd:0e:72:48:bf:3c:12:8a:48:57:a2:43:43:79:d1:e6:23:76:
         89:ca:b9:19:6e:70:68:a9:c7:07:d0:a4:34:ab:7a:33:91:32:
         5d:fe:6c:e7:f6:7d:f2:66:06:1c:59:3d:32:6f:b8:b4:8a:fa:
         d0:c3:36:3f:7d:6b:cb:d0:59:b5:b6:93:77:af:e1:62:cb:1c:
         0a:d6:56:13:f2:0b:bf:06:f2:99:ef:b5:5d:c0:0e:f0:34:ff:
         ab:f6:4d:43:f7:0e:54:cf:da:91:24:16:84:3d:58:54:d3:08:
         6e:0c:63:7a:f8:0c:31:88:85:d4:d1:24:dc:aa:6d:47:5b:08:
         f2:45:a2:3f:4b:6f:e6:e7:7e:3d:bc:28:d4:c6:96:3b:17:1a:
         8e:9b:3b:26:a8:71:59:03:07:07:4f:65:4f:a8:eb:c8:49:2f:
         1b:2a:51:5c:a7:7d:0e:7a:5c:81:4e:b8:e2:c1:1e:63:da:ad:
         b0:f6:ee:da:f0:82:a0:f5:89:48:e2:8e:57:b3:6b:35:fe:38:
         10:94:db:f5:75:d1:13:b2:46:ce:bd:ae:06:55:75:5a:4b:c1:
         5b:8c:99:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYGsjAxY8czd/+3KNi+F3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjUwODIzMTAwMTM5WhcNMjUwODI0MTAwMTM5WjAzMTEwLwYDVQQD
EygxMmE4ZDZhMTY2ODhhNzI2Y2ZlNDdiNTI3YmJjZGM0YzdkOTcyOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulpOfBuX2vcQLNLSVzs6n7bbDPVq
TmZqBH1Z2HHxj/5LVy81k70NChZRf1M5QPyrg/TDId3CB016CTyrkDEl2Csh4p/g
RTG3iQcF5MmOFAE4xg5WBIIZTr/C3IW+JUXJ11tQc9I6NAlAVkhVUY8CnKjYGxsp
cFhFqNozF7KRXaBXpIkiiAMUvyI65vp94zUgUkOj7DPmtbzfuBiKDIeB52B0nJ20
VMld79pDjp03pVWJFtQtgRZ8wbdUt2/511IdDn4SJuVSXSlw29Qh0za4kSWfSxmq
amH4ep9l7M0OJVcXRpD1j8Ld9Va+Cff9lpGXu0EebbjCUc+JCRCSSv6XiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKo1qFmiKcmz+R7Unu83Ex9lyjJMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtRjQvCtQ
GmDbwXTa0MVb06JFNbZvMU7uFvkxY4T6ni/tmmn3vQ5ySL88EopIV6JDQ3nR5iN2
icq5GW5waKnHB9CkNKt6M5EyXf5s5/Z98mYGHFk9Mm+4tIr60MM2P31ry9BZtbaT
d6/hYsscCtZWE/ILvwbyme+1XcAO8DT/q/ZNQ/cOVM/akSQWhD1YVNMIbgxjevgM
MYiF1NEk3KptR1sI8kWiP0tv5ud+Pbwo1MaWOxcajps7JqhxWQMHB09lT6jryEkv
GypRXKd9DnpcgU644sEeY9qtsPbu2vCCoPWJSOKOV7NrNf44EJTb9XXRE7JGzr2u
BlV1WkvBW4yZjA==
-----END CERTIFICATE-----