Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft
File:                     Hn19JBnxEYqsXJktKt_2l7A-mns.mft (raw, json)
Hash identifier:          apco3sK1bwg2dYg25jzzRl1ZHRrzYNu7p8FcYrwzhEg=
Subject key identifier:   DD:68:76:E9:DB:44:6B:C7:D1:EF:4D:F7:82:13:7F:EA:0C:43:34:88
Authority key identifier: 1E:7D:7D:24:19:F1:11:8A:AC:5C:99:2D:2A:DF:F6:97:B0:3E:9A:7B
Certificate issuer:       /CN=1e7d7d2419f1118aac5c992d2adff697b03e9a7b
Certificate serial:       0198D5BC5FA0ABFE36E7A9B4E1461B67E191
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hn19JBnxEYqsXJktKt_2l7A-mns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft
Manifest number:          0822
Signing time:             Sat 23 Aug 2025 07:02:28 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:28 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:28 +0000
Files and hashes:         1: Hn19JBnxEYqsXJktKt_2l7A-mns.crl (hash: JPVkOh8+wNFuvti+AFsfnRx32yk3KWr1NV1QFnnrQGg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hn19JBnxEYqsXJktKt_2l7A-mns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:5f:a0:ab:fe:36:e7:a9:b4:e1:46:1b:67:e1:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e7d7d2419f1118aac5c992d2adff697b03e9a7b
        Validity
            Not Before: Aug 23 07:02:28 2025 GMT
            Not After : Aug 24 07:02:28 2025 GMT
        Subject: CN=dd6876e9db446bc7d1ef4df782137fea0c433488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:26:4b:20:f4:8d:0d:b4:1a:fc:e5:91:e6:85:
                    2f:13:de:71:7c:87:7d:c1:ec:0a:5b:4c:3b:70:f6:
                    c7:46:79:e2:b2:4a:dc:d0:57:86:b1:cc:cc:79:1a:
                    6b:21:1a:63:36:6a:a3:af:33:1c:4d:01:6e:ef:31:
                    1b:5a:13:8f:61:7d:36:dc:c6:86:72:92:2c:d0:2b:
                    5a:2e:9a:37:38:b8:7f:4f:f4:7b:07:dc:b7:94:0c:
                    0b:68:c8:9a:f2:bd:30:06:52:56:5a:e3:77:60:7e:
                    34:9d:0d:8f:bf:2f:50:60:f6:18:86:6e:fa:40:57:
                    62:fe:25:d1:63:32:ce:11:59:1d:bb:47:d3:6e:39:
                    53:15:31:0a:75:85:e8:ce:ed:6c:cd:d1:2b:03:61:
                    56:61:63:5f:19:21:9e:43:1e:7b:f2:00:58:38:09:
                    0d:41:6a:e2:33:64:d8:85:48:bc:cc:f0:e8:cc:55:
                    df:8f:d1:df:a4:b4:74:b7:bd:8b:f4:7b:78:41:76:
                    96:fa:35:28:c7:7c:30:f6:75:c4:0c:dd:59:5a:cb:
                    65:81:b3:49:85:43:4b:56:4c:91:18:bb:db:9a:b4:
                    79:0a:f2:5b:71:47:12:3b:e9:ef:c0:da:84:5e:7a:
                    0d:e3:97:d9:ba:96:08:bc:f2:e6:0f:16:1e:4d:ae:
                    24:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:68:76:E9:DB:44:6B:C7:D1:EF:4D:F7:82:13:7F:EA:0C:43:34:88
            X509v3 Authority Key Identifier:
                keyid:1E:7D:7D:24:19:F1:11:8A:AC:5C:99:2D:2A:DF:F6:97:B0:3E:9A:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hn19JBnxEYqsXJktKt_2l7A-mns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:40:23:1b:26:2d:f9:7b:a9:d2:ca:e8:81:4c:9e:11:8f:87:
         fa:df:34:23:cb:b1:cf:54:6d:68:ca:9f:35:fd:2b:34:bf:cc:
         58:37:3c:8d:5f:0e:5b:0b:73:e3:b1:a1:db:8a:09:1b:11:a5:
         9b:c0:bd:f7:54:7a:d4:d3:aa:5e:0b:6e:9b:6e:ac:72:ae:92:
         10:2c:42:69:a9:4b:3d:91:62:13:9a:f1:c8:77:2d:77:09:74:
         fd:d3:45:fc:9d:e5:ab:b9:39:ff:12:3e:ac:17:13:b9:50:ed:
         b5:95:fc:bd:71:5f:5c:f3:8c:e3:55:8d:3d:0d:9c:57:24:82:
         cb:25:ea:f1:0a:3f:35:c0:48:56:58:85:2e:33:02:1d:34:36:
         12:b6:ea:3f:8e:0a:6c:3b:6f:a1:d8:48:15:ec:37:04:98:ae:
         23:fe:92:80:34:7e:ad:a3:ba:67:22:f4:9e:e5:34:d0:6c:85:
         7b:b5:0d:ee:ae:3f:85:5a:ee:82:51:67:aa:67:cc:63:82:b6:
         42:5a:2b:b3:af:ac:bc:48:e9:70:d0:e4:d7:c9:eb:8d:55:a5:
         84:a4:7d:d9:86:94:22:08:d4:c0:90:e3:4c:ac:14:e0:be:70:
         46:a8:a5:df:45:d2:c0:4c:61:dc:65:94:3f:45:d0:31:14:07:
         b3:eb:85:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvF+gq/4256m04UYbZ+GRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2Q3ZDI0MTlmMTExOGFhYzVjOTkyZDJhZGZmNjk3YjAz
ZTlhN2IwHhcNMjUwODIzMDcwMjI4WhcNMjUwODI0MDcwMjI4WjAzMTEwLwYDVQQD
EyhkZDY4NzZlOWRiNDQ2YmM3ZDFlZjRkZjc4MjEzN2ZlYTBjNDMzNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CZLIPSNDbQa/OWR5oUvE95xfId9
wewKW0w7cPbHRnniskrc0FeGsczMeRprIRpjNmqjrzMcTQFu7zEbWhOPYX023MaG
cpIs0CtaLpo3OLh/T/R7B9y3lAwLaMia8r0wBlJWWuN3YH40nQ2Pvy9QYPYYhm76
QFdi/iXRYzLOEVkdu0fTbjlTFTEKdYXozu1szdErA2FWYWNfGSGeQx578gBYOAkN
QWriM2TYhUi8zPDozFXfj9HfpLR0t72L9Ht4QXaW+jUox3ww9nXEDN1ZWstlgbNJ
hUNLVkyRGLvbmrR5CvJbcUcSO+nvwNqEXnoN45fZupYIvPLmDxYeTa4kPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1odunbRGvH0e9N94ITf+oMQzSIMB8GA1UdIwQY
MBaAFB59fSQZ8RGKrFyZLSrf9pewPpp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG4xOUpCbnhFWXFzWEprdEt0XzJsN0EtbW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9jOGQ3OGYtYzI4Yy00MTE2LWEzYTIt
NWJmOTk4ZTI3ZmMwLzEvSG4xOUpCbnhFWXFzWEprdEt0XzJsN0EtbW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9jOGQ3OGYtYzI4Yy00MTE2LWEzYTItNWJmOTk4ZTI3ZmMw
LzEvSG4xOUpCbnhFWXFzWEprdEt0XzJsN0EtbW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeEAjGyYt
+Xup0srogUyeEY+H+t80I8uxz1RtaMqfNf0rNL/MWDc8jV8OWwtz47Gh24oJGxGl
m8C991R61NOqXgtum26scq6SECxCaalLPZFiE5rxyHctdwl0/dNF/J3lq7k5/xI+
rBcTuVDttZX8vXFfXPOM41WNPQ2cVySCyyXq8Qo/NcBIVliFLjMCHTQ2ErbqP44K
bDtvodhIFew3BJiuI/6SgDR+raO6ZyL0nuU00GyFe7UN7q4/hVruglFnqmfMY4K2
Qlors6+svEjpcNDk18nrjVWlhKR92YaUIgjUwJDjTKwU4L5wRqil30XSwExh3GWU
P0XQMRQHs+uFkw==
-----END CERTIFICATE-----