Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          l3feuFsP3dVhzCoRCr3+mqondvGBumQ/5Zv4DMuLBLs=
Subject key identifier:   35:5F:69:89:69:FB:5A:AC:2E:0F:BF:A8:1D:C3:FA:1F:63:60:68:1E
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       0198D472BF623A03CFB691A98B1017CF931E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0DA9
Signing time:             Sat 23 Aug 2025 01:02:26 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:26 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:26 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: s389PqQRdkklZ7DKEVO35Zp0/tbZ7V3pVN6n3SlO3jY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:bf:62:3a:03:cf:b6:91:a9:8b:10:17:cf:93:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Aug 23 01:02:26 2025 GMT
            Not After : Aug 24 01:02:26 2025 GMT
        Subject: CN=355f698969fb5aac2e0fbfa81dc3fa1f6360681e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f9:d7:24:ef:84:73:01:24:af:25:d6:71:3a:
                    4a:75:dc:78:d2:4a:bb:26:c7:9d:94:35:d5:b5:12:
                    ad:3a:f9:b5:76:05:60:50:5c:89:1a:ed:65:7c:00:
                    04:c6:c0:b4:84:2f:c0:1f:dd:11:54:bc:38:fd:d6:
                    95:a2:54:a2:7c:06:cc:e5:60:af:c6:1c:1a:0f:22:
                    8d:f1:09:f0:9c:4b:6f:d0:44:f8:d7:02:f1:75:d7:
                    ad:f5:44:d5:95:2a:96:70:9a:14:5a:e5:7a:c4:37:
                    26:8f:f2:f0:9a:7c:cc:a3:e6:df:2e:ba:55:d4:69:
                    2f:b6:a8:28:86:d6:6f:ae:50:17:54:2f:ed:18:00:
                    2a:26:14:3b:07:89:69:ce:ba:4c:3a:b8:4a:ed:29:
                    21:40:ff:ae:ee:d1:b1:0a:0b:8c:a2:ce:2d:ba:26:
                    b3:d7:a2:25:44:70:2b:82:8f:49:d8:2d:3a:be:ca:
                    f4:17:e6:3c:a7:f9:db:fc:4b:fe:ba:fd:3c:da:21:
                    75:40:b9:21:81:08:21:60:58:29:9e:5c:8c:9c:c9:
                    d2:c4:d6:98:ff:d7:c1:e8:0e:a7:e9:a9:bd:c6:93:
                    c3:94:a0:03:cb:5f:c4:c2:5d:0f:91:1e:e5:3c:8f:
                    af:f7:c8:87:0b:cc:a6:db:e5:9b:82:67:7d:7f:c5:
                    76:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:5F:69:89:69:FB:5A:AC:2E:0F:BF:A8:1D:C3:FA:1F:63:60:68:1E
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:27:6b:65:a5:22:79:35:9f:04:ac:b3:ad:7d:cd:70:ca:d9:
         e5:69:cc:30:43:18:a5:90:c7:94:c1:63:d5:16:be:66:4a:89:
         bc:6c:54:f9:5c:ad:2d:ca:ad:fd:12:0c:7e:53:e9:25:87:69:
         44:cc:f5:d6:08:4f:db:9a:3b:c7:a8:e5:50:d9:12:7d:19:75:
         03:89:74:92:fc:57:d1:c0:11:29:b3:1c:86:1f:a4:c3:37:ae:
         de:7a:60:bc:b4:ea:b3:8d:5b:99:35:a3:cf:bb:06:76:bc:74:
         5b:5b:8f:25:00:86:b5:7d:87:90:a9:dc:60:00:e9:c4:f6:e3:
         4f:96:49:32:19:23:ee:f2:e8:d6:ea:b7:d1:e6:88:2f:f2:40:
         23:60:b9:42:bc:97:41:8a:4c:06:89:87:30:f1:ec:f3:c5:e0:
         ea:2c:d3:64:97:de:a0:1f:18:95:35:67:80:61:d8:ae:22:3e:
         c2:8c:06:df:47:8a:df:26:f8:88:07:88:5a:75:ac:2a:13:4a:
         bb:3f:ce:85:07:68:75:19:fc:7b:9e:b2:f7:9b:3f:ed:de:b9:
         b9:8a:dd:72:39:a7:f1:1d:98:75:6f:1f:59:29:18:31:5b:66:
         50:a2:46:32:87:e5:70:4e:d8:62:6e:a0:20:b2:b2:3d:80:4a:
         91:43:ed:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcr9iOgPPtpGpixAXz5MeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjUwODIzMDEwMjI2WhcNMjUwODI0MDEwMjI2WjAzMTEwLwYDVQQD
EygzNTVmNjk4OTY5ZmI1YWFjMmUwZmJmYTgxZGMzZmExZjYzNjA2ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/nXJO+EcwEkryXWcTpKddx40kq7
JsedlDXVtRKtOvm1dgVgUFyJGu1lfAAExsC0hC/AH90RVLw4/daVolSifAbM5WCv
xhwaDyKN8QnwnEtv0ET41wLxddet9UTVlSqWcJoUWuV6xDcmj/LwmnzMo+bfLrpV
1GkvtqgohtZvrlAXVC/tGAAqJhQ7B4lpzrpMOrhK7SkhQP+u7tGxCguMos4tuiaz
16IlRHArgo9J2C06vsr0F+Y8p/nb/Ev+uv082iF1QLkhgQghYFgpnlyMnMnSxNaY
/9fB6A6n6am9xpPDlKADy1/Ewl0PkR7lPI+v98iHC8ym2+Wbgmd9f8V2gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVfaYlp+1qsLg+/qB3D+h9jYGgeMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABidrZaUi
eTWfBKyzrX3NcMrZ5WnMMEMYpZDHlMFj1Ra+ZkqJvGxU+VytLcqt/RIMflPpJYdp
RMz11ghP25o7x6jlUNkSfRl1A4l0kvxX0cARKbMchh+kwzeu3npgvLTqs41bmTWj
z7sGdrx0W1uPJQCGtX2HkKncYADpxPbjT5ZJMhkj7vLo1uq30eaIL/JAI2C5QryX
QYpMBomHMPHs88Xg6izTZJfeoB8YlTVngGHYriI+wowG30eK3yb4iAeIWnWsKhNK
uz/OhQdodRn8e56y95s/7d65uYrdcjmn8R2YdW8fWSkYMVtmUKJGMoflcE7YYm6g
ILKyPYBKkUPtUg==
-----END CERTIFICATE-----