Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
File:                     9aUA85diOrHVYASDVGf8zz0KOw8.mft (raw, json)
Hash identifier:          6jmptFsvHkvQfmzNB1ASYWAOvZafw0pyrJgx5B0dtwo=
Subject key identifier:   C2:27:18:4C:AF:C3:B8:F9:72:4D:AE:D6:B2:8E:DB:E4:DA:EE:9E:77
Authority key identifier: F5:A5:00:F3:97:62:3A:B1:D5:60:04:83:54:67:FC:CF:3D:0A:3B:0F
Certificate issuer:       /CN=f5a500f397623ab1d56004835467fccf3d0a3b0f
Certificate serial:       0197B88EC672A5E787BFA4730E26185A27E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
Manifest number:          0C4C
Signing time:             Sat 28 Jun 2025 22:00:53 +0000
Manifest this update:     Sat 28 Jun 2025 22:00:53 +0000
Manifest next update:     Sun 29 Jun 2025 22:00:53 +0000
Files and hashes:         1: 9aUA85diOrHVYASDVGf8zz0KOw8.crl (hash: /MfFiP3s8LUXOJDPp0koVt6ButHm8KShC3vzXkDbTIs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:c6:72:a5:e7:87:bf:a4:73:0e:26:18:5a:27:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a500f397623ab1d56004835467fccf3d0a3b0f
        Validity
            Not Before: Jun 28 22:00:53 2025 GMT
            Not After : Jun 29 22:00:53 2025 GMT
        Subject: CN=c227184cafc3b8f9724daed6b28edbe4daee9e77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ea:d6:ac:85:b5:43:3e:00:4c:f3:0e:03:1a:
                    36:73:6d:07:51:5d:4e:70:35:37:9a:dc:67:96:d2:
                    31:9d:68:8b:68:c7:4c:b1:bf:e3:bf:a1:64:c7:aa:
                    74:56:1b:63:cb:74:88:d1:0e:93:bd:4c:d3:40:1e:
                    f1:1e:3b:63:e1:03:c6:4e:57:57:d4:d5:a5:0a:d5:
                    93:f8:93:bc:83:33:57:80:0a:0b:b5:28:05:70:73:
                    fe:61:2e:c5:3d:36:3e:77:e0:3f:4c:1c:b8:7b:f3:
                    aa:f5:d1:7b:54:8b:e9:52:fe:c0:60:78:ea:33:09:
                    5e:85:ac:3c:81:6f:22:53:2c:64:08:35:00:58:04:
                    5e:94:81:5a:2a:c8:b9:b4:d9:86:1d:c9:54:bb:55:
                    e2:8b:70:c2:7d:d0:7e:97:94:98:23:bc:80:f2:bd:
                    ec:a9:6a:1d:63:28:50:81:06:dd:22:fe:77:51:44:
                    99:fc:86:f2:d3:55:e7:42:7d:eb:77:32:43:df:74:
                    11:8a:43:3f:12:2b:6c:5c:1a:98:29:f0:29:f0:e8:
                    a2:39:c6:b6:59:f2:76:8d:76:d8:2d:9b:88:81:fa:
                    42:dc:9d:bf:d9:13:e7:45:65:b2:7b:f3:88:f4:58:
                    f9:05:09:9b:79:d2:45:a2:82:d6:30:d5:3f:29:d5:
                    4c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:27:18:4C:AF:C3:B8:F9:72:4D:AE:D6:B2:8E:DB:E4:DA:EE:9E:77
            X509v3 Authority Key Identifier:
                keyid:F5:A5:00:F3:97:62:3A:B1:D5:60:04:83:54:67:FC:CF:3D:0A:3B:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:1a:02:a0:94:d5:7a:31:3a:70:1b:c0:be:56:f1:96:00:19:
         ca:3f:4c:cf:49:63:8c:ca:32:ee:e1:c0:19:b1:01:d9:40:75:
         ef:56:6c:48:e3:90:b8:a1:ed:8c:17:4e:e1:81:64:3d:70:eb:
         00:94:2e:d3:f7:b5:66:bb:fe:6c:66:df:89:0a:e5:2a:57:1e:
         44:0c:37:ab:9e:15:ae:fb:f4:31:05:e5:63:b8:42:c9:5a:c6:
         6e:02:c5:a1:46:37:7c:76:9f:d2:fb:20:2c:35:25:06:79:87:
         c5:cc:84:70:23:51:eb:80:ce:ea:bf:4d:10:b1:6f:c6:32:49:
         7a:aa:9d:d8:77:99:d9:08:0a:05:33:1b:c7:e5:a7:b2:38:b8:
         83:dd:6f:94:32:76:06:d6:72:fb:23:98:7d:bb:43:f0:24:0b:
         5f:ec:69:d9:47:8b:09:64:ec:24:64:a1:3e:bb:c9:a7:88:24:
         a1:62:cd:ba:71:8a:bc:4e:46:b0:66:2f:f9:4c:1b:e7:9e:42:
         bb:21:b3:45:6e:e8:00:45:6b:ac:03:be:0d:7e:08:3f:a8:46:
         e1:14:11:79:9e:f1:15:23:80:b2:62:bc:10:e8:13:b3:26:98:
         1d:0a:f8:dc:06:68:d4:11:6a:8a:31:58:16:9f:ee:ab:15:5c:
         d6:bd:39:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jsZypeeHv6RzDiYYWifgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTUwMGYzOTc2MjNhYjFkNTYwMDQ4MzU0NjdmY2NmM2Qw
YTNiMGYwHhcNMjUwNjI4MjIwMDUzWhcNMjUwNjI5MjIwMDUzWjAzMTEwLwYDVQQD
EyhjMjI3MTg0Y2FmYzNiOGY5NzI0ZGFlZDZiMjhlZGJlNGRhZWU5ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxerWrIW1Qz4ATPMOAxo2c20HUV1O
cDU3mtxnltIxnWiLaMdMsb/jv6Fkx6p0Vhtjy3SI0Q6TvUzTQB7xHjtj4QPGTldX
1NWlCtWT+JO8gzNXgAoLtSgFcHP+YS7FPTY+d+A/TBy4e/Oq9dF7VIvpUv7AYHjq
Mwlehaw8gW8iUyxkCDUAWARelIFaKsi5tNmGHclUu1Xii3DCfdB+l5SYI7yA8r3s
qWodYyhQgQbdIv53UUSZ/Iby01XnQn3rdzJD33QRikM/EitsXBqYKfAp8OiiOca2
WfJ2jXbYLZuIgfpC3J2/2RPnRWWye/OI9Fj5BQmbedJFooLWMNU/KdVMSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMInGEyvw7j5ck2u1rKO2+Ta7p53MB8GA1UdIwQY
MBaAFPWlAPOXYjqx1WAEg1Rn/M89CjsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hNzYwZjMtMDA2Mi00Mzc0LTgyOTAt
ZTc2ZmQ5YzlkYzhjLzEvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hNzYwZjMtMDA2Mi00Mzc0LTgyOTAtZTc2ZmQ5YzlkYzhj
LzEvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADRoCoJTV
ejE6cBvAvlbxlgAZyj9Mz0ljjMoy7uHAGbEB2UB171ZsSOOQuKHtjBdO4YFkPXDr
AJQu0/e1Zrv+bGbfiQrlKlceRAw3q54Vrvv0MQXlY7hCyVrGbgLFoUY3fHaf0vsg
LDUlBnmHxcyEcCNR64DO6r9NELFvxjJJeqqd2HeZ2QgKBTMbx+Wnsji4g91vlDJ2
BtZy+yOYfbtD8CQLX+xp2UeLCWTsJGShPrvJp4gkoWLNunGKvE5GsGYv+Uwb555C
uyGzRW7oAEVrrAO+DX4IP6hG4RQReZ7xFSOAsmK8EOgTsyaYHQr43AZo1BFqijFY
Fp/uqxVc1r05aQ==
-----END CERTIFICATE-----