Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          zApNBSvEBZGJl95IxWj9jYSdKjHedH/zssrlqi3YQYo=
Subject key identifier:   97:B7:12:CC:9F:7D:98:8E:29:39:2E:93:A3:26:AA:50:EC:37:31:84
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       0198D65F4BF1F87D1276F98F26428563495A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          1195
Signing time:             Sat 23 Aug 2025 10:00:26 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:26 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:26 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: v6GTXeKODRNSJlVYDjJXMCyGKS+9U0gvDb1pdkt98pk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:4b:f1:f8:7d:12:76:f9:8f:26:42:85:63:49:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Aug 23 10:00:26 2025 GMT
            Not After : Aug 24 10:00:26 2025 GMT
        Subject: CN=97b712cc9f7d988e29392e93a326aa50ec373184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:62:a0:03:38:bd:8a:87:32:13:d7:7b:4d:f1:
                    1d:a1:82:e0:86:af:73:18:ea:65:f5:69:e9:99:07:
                    2d:4e:e1:a6:59:ee:dd:fa:3b:ea:66:f1:56:69:f6:
                    af:97:bf:c1:66:3b:9a:27:40:82:3e:a1:d0:8a:87:
                    84:b9:37:6d:1d:02:fc:fc:b7:cc:4c:41:aa:39:d3:
                    bd:1c:bd:17:7f:40:a3:90:9c:ad:3f:e1:11:dc:01:
                    49:42:84:c1:58:46:46:1b:2d:f6:cf:40:6f:0e:ce:
                    a7:db:eb:c3:68:1a:73:37:20:f3:ca:ad:e3:b7:b3:
                    c7:3a:03:5f:39:e3:ee:aa:d7:11:bb:93:82:85:95:
                    78:dd:30:c1:9c:b7:8f:5c:02:a0:5b:7f:94:9a:5d:
                    df:40:99:87:3d:06:00:a8:a7:28:7f:e2:ee:dd:05:
                    cf:ed:c2:3e:4b:29:cf:66:83:ad:7f:6d:ef:0d:4a:
                    c3:92:81:9d:e4:2d:03:6d:0f:82:cc:10:4a:5d:de:
                    7b:80:1e:4b:e8:f3:eb:62:a1:fc:eb:f8:cd:f1:2b:
                    80:0d:7a:80:95:74:96:0f:b1:fb:39:63:17:f0:b7:
                    7b:ce:40:54:47:fd:3b:64:95:0b:aa:3c:a2:27:78:
                    7f:a5:dc:11:cb:55:c6:bf:2a:6f:62:91:47:87:7f:
                    07:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:B7:12:CC:9F:7D:98:8E:29:39:2E:93:A3:26:AA:50:EC:37:31:84
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:0e:69:8c:1c:44:04:57:66:b3:be:83:f6:a7:90:f4:4d:62:
         5e:e5:d5:21:c2:04:9f:91:19:94:4a:ce:9f:39:12:19:2b:80:
         fa:e3:41:de:49:88:3e:d0:d2:00:f1:dc:e0:e5:60:53:7b:ef:
         19:d6:4d:de:ae:02:7a:63:2d:ac:ea:30:69:13:aa:d3:24:4e:
         6a:c1:b7:7c:a4:1e:38:57:e0:b6:82:06:66:c5:c6:08:30:3b:
         17:31:d0:ca:e8:ab:e0:37:f1:dd:de:a4:fe:14:93:a1:22:ba:
         bc:44:d5:8f:df:37:34:8f:73:55:9b:4c:1a:e2:57:0b:a0:da:
         80:68:94:e5:f0:0a:18:6e:5e:0d:58:a2:9d:ae:96:bb:3c:c9:
         07:96:4a:c1:d1:d2:31:a5:26:5c:57:7b:30:52:b6:89:b3:0e:
         dd:a1:de:a5:44:10:9f:6e:36:15:46:88:41:29:3a:36:50:d5:
         a2:0b:fb:76:54:c3:27:4a:6c:76:f8:d7:14:d5:4f:83:59:ac:
         07:10:02:ef:bc:c2:79:45:70:60:ed:60:a7:a8:50:45:69:cb:
         10:6b:de:b2:f6:41:5c:38:f3:64:32:a6:1c:88:f9:f4:40:ef:
         ff:66:3f:3d:24:cb:76:bb:85:79:22:1c:4d:3f:10:16:19:ef:
         53:00:df:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX0vx+H0SdvmPJkKFY0laMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUwODIzMTAwMDI2WhcNMjUwODI0MTAwMDI2WjAzMTEwLwYDVQQD
Eyg5N2I3MTJjYzlmN2Q5ODhlMjkzOTJlOTNhMzI2YWE1MGVjMzczMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2KgAzi9iocyE9d7TfEdoYLghq9z
GOpl9WnpmQctTuGmWe7d+jvqZvFWafavl7/BZjuaJ0CCPqHQioeEuTdtHQL8/LfM
TEGqOdO9HL0Xf0CjkJytP+ER3AFJQoTBWEZGGy32z0BvDs6n2+vDaBpzNyDzyq3j
t7PHOgNfOePuqtcRu5OChZV43TDBnLePXAKgW3+Uml3fQJmHPQYAqKcof+Lu3QXP
7cI+SynPZoOtf23vDUrDkoGd5C0DbQ+CzBBKXd57gB5L6PPrYqH86/jN8SuADXqA
lXSWD7H7OWMX8Ld7zkBUR/07ZJULqjyiJ3h/pdwRy1XGvypvYpFHh38HBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJe3EsyffZiOKTkuk6MmqlDsNzGEMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUQ5pjBxE
BFdms76D9qeQ9E1iXuXVIcIEn5EZlErOnzkSGSuA+uNB3kmIPtDSAPHc4OVgU3vv
GdZN3q4CemMtrOowaROq0yROasG3fKQeOFfgtoIGZsXGCDA7FzHQyuir4Dfx3d6k
/hSToSK6vETVj983NI9zVZtMGuJXC6DagGiU5fAKGG5eDViina6WuzzJB5ZKwdHS
MaUmXFd7MFK2ibMO3aHepUQQn242FUaIQSk6NlDVogv7dlTDJ0psdvjXFNVPg1ms
BxAC77zCeUVwYO1gp6hQRWnLEGvesvZBXDjzZDKmHIj59EDv/2Y/PSTLdruFeSIc
TT8QFhnvUwDfFw==
-----END CERTIFICATE-----