Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          rsZ5HFS8hdFCw+98uZdjWMsBfjOYLp0twFsn72ak9t4=
Subject key identifier:   AB:9E:84:7D:96:34:40:57:90:DA:F2:A3:2A:C4:01:2B:FE:C6:3B:48
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       0198D6CD67E4C65B56C0935F16BB4F6D25B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          097A
Signing time:             Sat 23 Aug 2025 12:00:42 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:42 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:42 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: VwIDDd39ayRRuJuqg9bY8U2uXcGDbrrOB9XgRKX/Lmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:67:e4:c6:5b:56:c0:93:5f:16:bb:4f:6d:25:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Aug 23 12:00:42 2025 GMT
            Not After : Aug 24 12:00:42 2025 GMT
        Subject: CN=ab9e847d9634405790daf2a32ac4012bfec63b48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c5:44:98:45:9a:02:55:22:11:e0:b9:54:52:
                    b4:76:75:e3:cd:a2:37:72:3f:2b:94:c2:03:3d:c2:
                    f8:8b:1b:fb:b2:94:e1:1d:35:77:ad:6c:66:24:4c:
                    24:06:b5:cb:5c:47:80:22:be:d6:55:76:d7:3f:86:
                    55:47:6d:01:5e:cd:b0:03:18:a3:f3:3b:c3:ca:46:
                    fe:dd:12:b7:1c:f6:4e:92:19:cd:75:41:c2:67:e3:
                    cb:5a:fb:c5:78:55:e1:6b:22:bf:bd:66:42:81:43:
                    89:d3:0c:6a:80:0a:76:6c:59:4c:a9:18:ee:ed:f3:
                    38:92:0d:e4:e2:64:5d:c6:47:d9:65:af:b2:94:dc:
                    34:ed:75:7a:c8:3b:dd:6d:07:89:d3:71:91:a1:e7:
                    df:d0:c1:0f:87:c9:4a:ac:35:3d:4d:42:d4:04:f6:
                    57:34:af:48:10:a0:3e:8e:a7:05:00:92:09:0a:2e:
                    3f:6b:b3:e8:87:cc:17:48:b3:8d:34:cb:ac:1b:84:
                    e2:94:fe:50:1d:90:ae:d0:33:53:79:a2:31:15:3a:
                    66:ae:e0:e2:88:87:80:ee:36:3a:c6:98:c6:ea:52:
                    84:1a:23:41:e5:4e:99:88:6d:c0:64:b4:01:c1:47:
                    2f:a9:8f:7e:df:0b:85:e7:b3:67:13:bd:1a:5e:61:
                    2c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9E:84:7D:96:34:40:57:90:DA:F2:A3:2A:C4:01:2B:FE:C6:3B:48
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:69:c8:e6:3c:fe:2a:59:83:05:75:6c:23:c5:10:cd:c6:7a:
         44:22:00:b6:e3:cf:5c:91:a4:3e:53:e7:df:ac:76:b5:a2:f8:
         6f:82:31:2b:29:c5:02:ab:d8:41:b5:7e:46:70:dc:23:c8:3c:
         b2:4d:fa:84:e6:b2:07:96:9e:cb:80:77:23:84:30:29:5d:7e:
         d2:a3:e3:ed:58:2c:ea:79:a2:52:0e:25:af:ca:47:8c:91:df:
         50:b9:f2:64:8b:66:e4:28:a3:13:93:67:dc:21:d3:44:7a:5c:
         c9:5c:11:f7:1f:04:4a:50:06:da:96:0a:16:58:ca:60:89:00:
         64:27:bb:56:b9:15:d0:b0:5d:67:7c:6e:c5:76:0b:ea:32:b6:
         13:ce:37:a4:48:b7:1f:48:a9:3b:c2:86:bb:87:e4:f5:40:5f:
         ae:e6:f1:1e:66:5d:4b:80:09:d1:2f:e9:88:97:2b:1c:8a:80:
         05:48:d0:56:d2:f2:49:01:08:82:a7:f6:b8:4c:2a:d9:f6:b2:
         77:3c:36:61:e7:00:90:3f:7f:00:45:f7:05:72:2b:da:6e:b7:
         c9:bd:a4:4d:5f:cf:17:9a:1d:04:c0:ff:63:25:bb:d2:24:72:
         50:9d:49:4c:ca:31:cf:51:cd:1d:e0:9d:97:82:82:bf:b4:f3:
         b2:33:26:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzWfkxltWwJNfFrtPbSW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjUwODIzMTIwMDQyWhcNMjUwODI0MTIwMDQyWjAzMTEwLwYDVQQD
EyhhYjllODQ3ZDk2MzQ0MDU3OTBkYWYyYTMyYWM0MDEyYmZlYzYzYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8VEmEWaAlUiEeC5VFK0dnXjzaI3
cj8rlMIDPcL4ixv7spThHTV3rWxmJEwkBrXLXEeAIr7WVXbXP4ZVR20BXs2wAxij
8zvDykb+3RK3HPZOkhnNdUHCZ+PLWvvFeFXhayK/vWZCgUOJ0wxqgAp2bFlMqRju
7fM4kg3k4mRdxkfZZa+ylNw07XV6yDvdbQeJ03GRoeff0MEPh8lKrDU9TULUBPZX
NK9IEKA+jqcFAJIJCi4/a7Poh8wXSLONNMusG4TilP5QHZCu0DNTeaIxFTpmruDi
iIeA7jY6xpjG6lKEGiNB5U6ZiG3AZLQBwUcvqY9+3wuF57NnE70aXmEs5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuehH2WNEBXkNryoyrEASv+xjtIMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2nI5jz+
KlmDBXVsI8UQzcZ6RCIAtuPPXJGkPlPn36x2taL4b4IxKynFAqvYQbV+RnDcI8g8
sk36hOayB5aey4B3I4QwKV1+0qPj7Vgs6nmiUg4lr8pHjJHfULnyZItm5CijE5Nn
3CHTRHpcyVwR9x8ESlAG2pYKFljKYIkAZCe7VrkV0LBdZ3xuxXYL6jK2E843pEi3
H0ipO8KGu4fk9UBfrubxHmZdS4AJ0S/piJcrHIqABUjQVtLySQEIgqf2uEwq2fay
dzw2YecAkD9/AEX3BXIr2m63yb2kTV/PF5odBMD/YyW70iRyUJ1JTMoxz1HNHeCd
l4KCv7TzsjMm1g==
-----END CERTIFICATE-----