Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
File:                     9aUA85diOrHVYASDVGf8zz0KOw8.mft (raw, json)
Hash identifier:          JDXBWUarxBrRd4ZJy3nDpsUUQ8fouAW1sFTwIEJPUe0=
Subject key identifier:   6A:A1:49:CF:14:F9:A6:68:D9:EF:B5:34:8D:24:AD:ED:F5:5A:44:F6
Authority key identifier: F5:A5:00:F3:97:62:3A:B1:D5:60:04:83:54:67:FC:CF:3D:0A:3B:0F
Certificate issuer:       /CN=f5a500f397623ab1d56004835467fccf3d0a3b0f
Certificate serial:       0198D47348B656A1992AC14E3B46349DD2DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
Manifest number:          0CDF
Signing time:             Sat 23 Aug 2025 01:03:01 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:01 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:01 +0000
Files and hashes:         1: 9aUA85diOrHVYASDVGf8zz0KOw8.crl (hash: /raQTpO2gZt4xQx4JymKIknNbXICev0tskbv3y/INLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:48:b6:56:a1:99:2a:c1:4e:3b:46:34:9d:d2:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a500f397623ab1d56004835467fccf3d0a3b0f
        Validity
            Not Before: Aug 23 01:03:01 2025 GMT
            Not After : Aug 24 01:03:01 2025 GMT
        Subject: CN=6aa149cf14f9a668d9efb5348d24adedf55a44f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c7:dd:09:1e:5e:b1:98:25:10:72:b5:1a:76:
                    02:40:7b:5a:86:8a:19:22:7f:c6:cf:14:27:dc:dd:
                    20:17:52:c0:3e:49:8d:6b:e3:d5:44:91:1e:1e:1a:
                    d8:79:a5:8e:ae:a3:b2:30:5b:e9:37:ef:da:c3:9a:
                    d8:6c:a2:1e:8e:4c:1a:df:bb:2d:4b:eb:71:e7:32:
                    76:04:3e:d5:f3:cb:fe:1f:f0:bf:c5:f9:d9:73:b9:
                    ff:89:b1:62:73:b0:91:ae:06:ad:90:55:ab:64:e0:
                    71:be:32:46:57:62:15:db:28:b1:e9:a5:39:d6:ba:
                    16:e5:aa:6d:ec:52:20:1a:6f:3a:b5:3b:bf:6f:8f:
                    e5:2c:40:4d:d9:44:36:ed:4a:ab:b0:a1:90:66:9d:
                    b4:da:29:f1:54:8b:d2:6b:d4:ed:36:fd:50:de:0d:
                    97:f0:1e:79:63:0c:41:74:55:e3:af:f5:06:fa:8a:
                    2c:54:b3:51:0f:6b:db:90:a7:6d:55:62:08:17:60:
                    b1:17:c5:90:47:04:54:b2:ef:93:5b:ae:cd:c7:21:
                    38:c5:e0:21:f7:8d:7e:36:8d:34:63:6d:64:08:0b:
                    ba:30:3d:f2:f6:b9:11:42:40:36:15:06:9f:7a:14:
                    ca:8d:3e:51:8e:f8:a4:d7:a4:90:22:d0:99:65:58:
                    f4:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:A1:49:CF:14:F9:A6:68:D9:EF:B5:34:8D:24:AD:ED:F5:5A:44:F6
            X509v3 Authority Key Identifier:
                keyid:F5:A5:00:F3:97:62:3A:B1:D5:60:04:83:54:67:FC:CF:3D:0A:3B:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:f1:f1:09:50:0e:39:2d:80:42:4c:af:04:98:8f:af:5e:87:
         4f:1e:95:09:56:57:f8:d2:9d:5c:b2:da:67:27:46:e6:11:23:
         40:91:36:ed:2a:02:63:91:53:79:50:17:88:1f:01:d0:c4:7c:
         1a:87:78:0f:de:a6:72:b6:60:b3:20:18:d8:0e:ed:ed:62:db:
         22:02:ac:a7:61:44:29:ac:1a:12:58:09:52:14:00:4f:af:7f:
         e1:15:fe:d2:c0:8a:d6:78:8a:9e:84:b2:c9:a0:ab:d2:a5:ce:
         52:48:cc:8c:61:1c:a5:6b:13:28:79:98:8d:80:d7:32:ef:98:
         9a:c1:87:a2:65:04:4d:d8:25:9b:64:8d:3a:21:fe:de:0c:a5:
         b1:20:f0:a8:da:9e:39:b3:66:90:2f:e2:8b:57:9f:b8:fb:ad:
         6a:0e:21:1b:2d:7c:17:1a:f7:56:07:8c:2b:30:ff:c4:3e:2e:
         db:a0:76:0c:0c:01:10:cd:e8:8a:6c:14:56:68:9f:c7:5e:f7:
         d6:8e:0c:b4:a7:76:a1:fa:eb:bd:a9:4f:d7:13:6a:81:07:c5:
         0f:4c:92:f0:9b:ca:5a:e5:7d:db:6b:c7:0a:3c:00:b2:91:8e:
         94:74:7a:c4:68:3b:6d:7b:4f:97:16:91:bc:7e:05:6e:d0:18:
         69:c1:4d:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc0i2VqGZKsFOO0Y0ndLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTUwMGYzOTc2MjNhYjFkNTYwMDQ4MzU0NjdmY2NmM2Qw
YTNiMGYwHhcNMjUwODIzMDEwMzAxWhcNMjUwODI0MDEwMzAxWjAzMTEwLwYDVQQD
Eyg2YWExNDljZjE0ZjlhNjY4ZDllZmI1MzQ4ZDI0YWRlZGY1NWE0NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMfdCR5esZglEHK1GnYCQHtahooZ
In/GzxQn3N0gF1LAPkmNa+PVRJEeHhrYeaWOrqOyMFvpN+/aw5rYbKIejkwa37st
S+tx5zJ2BD7V88v+H/C/xfnZc7n/ibFic7CRrgatkFWrZOBxvjJGV2IV2yix6aU5
1roW5apt7FIgGm86tTu/b4/lLEBN2UQ27UqrsKGQZp202inxVIvSa9TtNv1Q3g2X
8B55YwxBdFXjr/UG+oosVLNRD2vbkKdtVWIIF2CxF8WQRwRUsu+TW67NxyE4xeAh
941+No00Y21kCAu6MD3y9rkRQkA2FQafehTKjT5Rjvik16SQItCZZVj0wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGqhSc8U+aZo2e+1NI0kre31WkT2MB8GA1UdIwQY
MBaAFPWlAPOXYjqx1WAEg1Rn/M89CjsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hNzYwZjMtMDA2Mi00Mzc0LTgyOTAt
ZTc2ZmQ5YzlkYzhjLzEvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hNzYwZjMtMDA2Mi00Mzc0LTgyOTAtZTc2ZmQ5YzlkYzhj
LzEvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwPHxCVAO
OS2AQkyvBJiPr16HTx6VCVZX+NKdXLLaZydG5hEjQJE27SoCY5FTeVAXiB8B0MR8
God4D96mcrZgsyAY2A7t7WLbIgKsp2FEKawaElgJUhQAT69/4RX+0sCK1niKnoSy
yaCr0qXOUkjMjGEcpWsTKHmYjYDXMu+YmsGHomUETdglm2SNOiH+3gylsSDwqNqe
ObNmkC/ii1efuPutag4hGy18Fxr3VgeMKzD/xD4u26B2DAwBEM3oimwUVmifx173
1o4MtKd2ofrrvalP1xNqgQfFD0yS8JvKWuV922vHCjwAspGOlHR6xGg7bXtPlxaR
vH4FbtAYacFNbA==
-----END CERTIFICATE-----