Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          5dd8JHZLRYoMdnh5/0HjTwte2BBw4VR+oRExhIaBp8Q=
Subject key identifier:   B7:FB:F4:4A:41:13:49:E0:DA:7E:52:2D:F2:F9:2A:52:A1:DD:E4:0E
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       0198D4E0CE16DAB96C31F66CCDC5FDB1C83D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0BC0
Signing time:             Sat 23 Aug 2025 03:02:39 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:39 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:39 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: WWDsvN2f9jHHS/KurPHmroWKwFjPT2iH8IKPE9HjrvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:ce:16:da:b9:6c:31:f6:6c:cd:c5:fd:b1:c8:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Aug 23 03:02:39 2025 GMT
            Not After : Aug 24 03:02:39 2025 GMT
        Subject: CN=b7fbf44a411349e0da7e522df2f92a52a1dde40e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5e:01:d3:af:34:57:d3:8a:3f:c9:5c:54:6b:
                    1d:b5:e3:13:b6:1b:35:9b:05:9c:d5:c0:25:69:f0:
                    83:36:c9:07:67:48:f2:5a:e0:84:58:66:cd:c3:50:
                    8a:19:79:9b:ef:eb:a7:fb:f6:bc:b3:a7:dc:4a:9e:
                    0a:f8:36:cc:ea:9c:50:df:d7:92:c0:4e:c0:33:70:
                    79:53:6b:76:c1:f1:42:96:22:f8:01:93:91:19:fa:
                    1b:a4:58:d6:0d:4d:89:4b:c3:8b:a1:3c:78:3a:70:
                    f9:83:71:00:fb:e2:11:83:5f:65:50:96:e0:3b:85:
                    c9:40:0a:0a:42:33:cc:d4:64:92:64:b7:34:26:96:
                    da:f4:22:be:1c:2b:47:10:a6:66:b5:71:c3:14:2e:
                    d4:90:4f:da:51:61:fd:41:66:e9:71:6e:0c:56:4e:
                    54:f0:c7:f9:1d:5f:11:7e:80:21:09:63:fb:20:f2:
                    78:e0:0d:58:34:ed:6f:b9:4b:19:fc:42:e4:ec:92:
                    cd:0f:44:05:95:8b:2f:b5:99:25:51:be:16:bb:b9:
                    2d:1a:ca:d1:75:7c:44:e0:c6:d9:19:bd:eb:b1:02:
                    44:c4:ea:70:2a:2a:17:f0:17:fa:b8:fd:db:5b:f8:
                    9b:ac:3e:8b:91:17:67:1c:42:f6:c2:77:5d:b7:37:
                    7e:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:FB:F4:4A:41:13:49:E0:DA:7E:52:2D:F2:F9:2A:52:A1:DD:E4:0E
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:fb:9f:f7:64:e9:a3:ba:26:07:80:73:f0:d2:08:32:89:cf:
         a9:de:e3:ce:42:af:94:93:4b:57:ef:2f:86:ec:4d:a0:07:0c:
         85:c9:5d:b5:e4:b0:0f:b4:a6:c6:75:3e:57:21:a9:9a:94:21:
         52:86:07:c5:3e:39:bc:b7:81:a1:5b:83:5e:0b:a6:48:fa:f0:
         87:69:1d:02:4c:05:14:fd:38:03:4c:19:f0:ec:fa:09:cc:46:
         1c:18:f6:d4:85:55:2d:60:00:34:19:65:5d:a7:bc:4b:30:10:
         04:d7:c6:55:45:91:14:fd:77:a7:d5:15:62:b4:eb:7a:bb:7d:
         54:c4:97:f0:46:c1:0b:bd:24:b1:56:02:a3:69:8a:6f:77:bb:
         f2:3e:70:60:74:67:cc:16:9a:bd:bd:4f:52:6b:48:b3:9e:7e:
         6c:3a:40:bd:fb:4a:f0:1b:ce:91:07:20:aa:d0:02:76:61:41:
         52:c3:3b:be:b3:73:36:5d:44:17:19:b7:6d:b1:e3:08:b2:84:
         47:df:c5:72:58:66:41:85:dc:8c:4d:9d:01:5e:49:cf:6a:e6:
         f9:e2:34:07:b9:1d:fa:a2:c6:0e:9a:35:34:51:61:b2:cc:24:
         ac:cb:97:a8:45:6e:cc:e7:ef:ca:72:f4:57:bd:b0:ed:dd:58:
         0b:90:98:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4M4W2rlsMfZszcX9scg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwODIzMDMwMjM5WhcNMjUwODI0MDMwMjM5WjAzMTEwLwYDVQQD
EyhiN2ZiZjQ0YTQxMTM0OWUwZGE3ZTUyMmRmMmY5MmE1MmExZGRlNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl4B0680V9OKP8lcVGsdteMTths1
mwWc1cAlafCDNskHZ0jyWuCEWGbNw1CKGXmb7+un+/a8s6fcSp4K+DbM6pxQ39eS
wE7AM3B5U2t2wfFCliL4AZORGfobpFjWDU2JS8OLoTx4OnD5g3EA++IRg19lUJbg
O4XJQAoKQjPM1GSSZLc0Jpba9CK+HCtHEKZmtXHDFC7UkE/aUWH9QWbpcW4MVk5U
8Mf5HV8RfoAhCWP7IPJ44A1YNO1vuUsZ/ELk7JLND0QFlYsvtZklUb4Wu7ktGsrR
dXxE4MbZGb3rsQJExOpwKioX8Bf6uP3bW/ibrD6LkRdnHEL2wnddtzd+cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLf79EpBE0ng2n5SLfL5KlKh3eQOMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvuf92Tp
o7omB4Bz8NIIMonPqd7jzkKvlJNLV+8vhuxNoAcMhcldteSwD7SmxnU+VyGpmpQh
UoYHxT45vLeBoVuDXgumSPrwh2kdAkwFFP04A0wZ8Oz6CcxGHBj21IVVLWAANBll
Xae8SzAQBNfGVUWRFP13p9UVYrTrert9VMSX8EbBC70ksVYCo2mKb3e78j5wYHRn
zBaavb1PUmtIs55+bDpAvftK8BvOkQcgqtACdmFBUsM7vrNzNl1EFxm3bbHjCLKE
R9/FclhmQYXcjE2dAV5Jz2rm+eI0B7kd+qLGDpo1NFFhsswkrMuXqEVuzOfvynL0
V72w7d1YC5CYoA==
-----END CERTIFICATE-----