Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          HDCb4f8g6BqmqnQQHpNYuCXUPQ+tvZ7pHNvb9GI42Y4=
Subject key identifier:   C6:10:F4:EC:8E:54:C2:04:AF:3C:8E:3C:32:DA:E2:7D:A6:74:E2:DA
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       0198D65FF9EBCADE4FBF49A547813733048E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          112F
Signing time:             Sat 23 Aug 2025 10:01:10 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:10 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:10 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: +5u0KtHHCo9rU2IL8PGkM6LGVFcNkAUcu02bwW2yiEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:f9:eb:ca:de:4f:bf:49:a5:47:81:37:33:04:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Aug 23 10:01:10 2025 GMT
            Not After : Aug 24 10:01:10 2025 GMT
        Subject: CN=c610f4ec8e54c204af3c8e3c32dae27da674e2da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0a:9d:03:2f:70:92:e2:e2:38:cd:85:2d:08:
                    f2:1f:05:bd:53:a7:d1:3c:0e:5d:51:95:ab:76:84:
                    0b:06:72:e5:1b:8f:1a:ae:59:ec:09:06:28:8e:ea:
                    21:9c:4d:eb:3c:77:0d:6c:4b:95:64:48:83:01:ee:
                    be:a2:a4:68:88:ab:0c:a4:65:5f:ac:89:82:56:aa:
                    4a:71:7e:51:9b:19:98:da:c0:ae:52:3a:09:35:24:
                    9e:39:e6:48:dd:16:18:95:5e:d7:da:ae:78:3a:82:
                    ef:c8:c9:a2:a1:27:b6:5c:a1:00:ad:ea:be:e9:61:
                    a7:b8:65:49:e1:42:bf:37:b3:f7:c8:60:5c:e4:82:
                    e4:64:1b:a2:eb:de:b4:bb:6f:39:83:9f:ed:df:b3:
                    f4:70:52:c7:58:d6:12:cc:c0:a0:42:fd:5e:f0:29:
                    ea:1e:b7:71:03:69:44:97:76:ed:d6:b5:bc:dd:3b:
                    e6:70:8b:09:b6:fb:8f:0e:c8:92:ae:5c:ee:65:c0:
                    81:0e:5c:86:6d:89:b0:8d:74:c5:91:ed:57:ab:ec:
                    9d:08:82:8a:0f:73:1d:83:cf:80:5d:7a:f5:34:9c:
                    57:ea:f8:3e:2f:68:ed:7c:e6:0c:9d:bd:34:15:c7:
                    aa:2d:82:d6:35:8c:84:b4:f4:fc:ab:f0:2d:e4:33:
                    a4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:10:F4:EC:8E:54:C2:04:AF:3C:8E:3C:32:DA:E2:7D:A6:74:E2:DA
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:34:f9:62:0c:8e:f6:f3:04:c4:d4:15:ef:a4:c7:e1:9a:ed:
         a9:7b:0c:5f:08:c7:f2:05:e9:82:1c:60:9d:04:bc:79:3a:d1:
         93:3e:17:45:2f:5c:b6:cb:a5:5e:89:b0:0d:4c:60:7b:c4:b8:
         29:d3:19:44:15:00:d9:c3:88:e9:35:7f:7f:16:fe:d7:35:9a:
         ef:55:78:57:de:84:57:7a:76:25:f7:c7:56:d6:1d:e1:6c:2b:
         85:4d:58:14:81:78:75:a5:0c:5d:25:c7:7f:0e:ae:7c:47:cc:
         f6:d3:94:1c:82:f4:dd:97:ad:c3:4b:25:72:85:80:0e:9a:77:
         e4:e6:ac:ef:59:6c:56:a1:15:b1:13:ea:b1:bd:89:20:9b:ed:
         1d:ea:f9:ad:2f:bd:40:2c:99:3b:3a:1f:b0:fc:9e:1b:77:ad:
         e3:87:4e:3d:1f:f0:0e:ec:1e:bd:dd:ce:06:73:ad:3d:6f:46:
         a4:d2:bf:cd:64:ef:85:77:33:35:d8:b2:b4:7c:69:29:8f:a1:
         c5:2f:af:6d:ef:a0:ad:24:d8:24:2b:2a:e4:d8:65:e6:06:c2:
         f3:1f:d6:2a:ca:1e:e1:ac:09:2b:2f:f0:f7:12:26:06:06:8f:
         61:80:81:0e:4e:c8:ed:68:40:23:53:ef:45:dd:93:d7:d7:8d:
         18:88:8e:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX/nryt5Pv0mlR4E3MwSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjUwODIzMTAwMTEwWhcNMjUwODI0MTAwMTEwWjAzMTEwLwYDVQQD
EyhjNjEwZjRlYzhlNTRjMjA0YWYzYzhlM2MzMmRhZTI3ZGE2NzRlMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwqdAy9wkuLiOM2FLQjyHwW9U6fR
PA5dUZWrdoQLBnLlG48arlnsCQYojuohnE3rPHcNbEuVZEiDAe6+oqRoiKsMpGVf
rImCVqpKcX5RmxmY2sCuUjoJNSSeOeZI3RYYlV7X2q54OoLvyMmioSe2XKEAreq+
6WGnuGVJ4UK/N7P3yGBc5ILkZBui6960u285g5/t37P0cFLHWNYSzMCgQv1e8Cnq
HrdxA2lEl3bt1rW83TvmcIsJtvuPDsiSrlzuZcCBDlyGbYmwjXTFke1Xq+ydCIKK
D3Mdg8+AXXr1NJxX6vg+L2jtfOYMnb00FceqLYLWNYyEtPT8q/At5DOkcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYQ9OyOVMIErzyOPDLa4n2mdOLaMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeTT5YgyO
9vMExNQV76TH4ZrtqXsMXwjH8gXpghxgnQS8eTrRkz4XRS9ctsulXomwDUxge8S4
KdMZRBUA2cOI6TV/fxb+1zWa71V4V96EV3p2JffHVtYd4WwrhU1YFIF4daUMXSXH
fw6ufEfM9tOUHIL03Zetw0slcoWADpp35Oas71lsVqEVsRPqsb2JIJvtHer5rS+9
QCyZOzofsPyeG3et44dOPR/wDuwevd3OBnOtPW9GpNK/zWTvhXczNdiytHxpKY+h
xS+vbe+grSTYJCsq5Nhl5gbC8x/WKsoe4awJKy/w9xImBgaPYYCBDk7I7WhAI1Pv
Rd2T19eNGIiOyg==
-----END CERTIFICATE-----