Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File:                     0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier:          HR2PdYQpS1mn6Y7TYFaeKVdF/mLiYnW2gkqEQoQCVds=
Subject key identifier:   4C:BD:CD:40:79:9B:E0:87:E2:83:53:D0:FB:76:DF:EB:D4:91:7F:EC
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer:       /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial:       0198D5BB7CE575C0FBA131392BE3EE77D26B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number:          0151
Signing time:             Sat 23 Aug 2025 07:01:30 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:30 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:30 +0000
Files and hashes:         1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: 92kqBJKV8OWwrxJBX40efdc6bpxF9Ffrn2dsrIZV5ao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:7c:e5:75:c0:fb:a1:31:39:2b:e3:ee:77:d2:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
        Validity
            Not Before: Aug 23 07:01:30 2025 GMT
            Not After : Aug 24 07:01:30 2025 GMT
        Subject: CN=4cbdcd40799be087e28353d0fb76dfebd4917fec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6b:b5:44:29:3e:df:b7:25:0e:8e:c7:7d:54:
                    f4:8a:57:94:5a:b6:87:3b:7c:b9:57:ef:80:f5:75:
                    d3:7c:bb:9b:16:10:80:c8:78:22:17:c9:08:09:48:
                    8a:f2:ef:a5:46:4d:c8:8e:a5:c6:32:51:71:1e:73:
                    56:52:90:61:dd:d1:ec:a1:a8:19:6f:f0:9a:37:02:
                    dd:50:fb:44:f2:67:d4:82:58:09:f1:bc:fa:d8:3c:
                    49:c2:be:88:a7:f8:36:79:09:75:6e:4a:41:e5:35:
                    b6:f0:97:2c:9d:49:5e:12:1b:dd:37:02:0d:a0:1e:
                    9c:fd:5c:59:d4:19:8e:ec:62:ae:65:68:d3:cf:f1:
                    5c:11:22:98:fc:0d:91:c7:68:36:8a:9b:d8:32:7c:
                    0c:dd:14:95:0b:92:b6:6b:b2:a7:bd:83:6f:4e:39:
                    5f:f3:83:70:51:ca:31:e1:3a:0e:e0:f5:3e:b4:d0:
                    48:6a:df:c8:6d:1a:0f:c0:ad:f3:32:bb:c0:49:c0:
                    b7:8c:9c:40:ef:15:91:87:16:bd:e4:4e:e8:90:e6:
                    cd:c6:73:5b:db:3c:52:a6:51:1f:ee:4e:61:4e:7b:
                    88:75:99:6e:93:e6:9c:e3:0a:64:4c:c1:57:51:64:
                    5b:4d:42:e1:3a:38:17:f9:36:2d:61:d7:bd:da:7a:
                    2b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:BD:CD:40:79:9B:E0:87:E2:83:53:D0:FB:76:DF:EB:D4:91:7F:EC
            X509v3 Authority Key Identifier:
                keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:9a:82:68:56:b4:6e:1e:e7:37:0f:c4:1f:3f:2a:77:54:55:
         5a:69:36:74:56:d7:fe:4d:24:86:af:e9:e5:22:00:9d:e9:33:
         ea:e5:41:10:cb:d4:69:83:db:37:ab:0b:d9:73:e0:44:f2:22:
         54:01:8b:a7:d8:d8:ba:f7:68:4e:8a:a6:32:ee:49:6e:5e:57:
         a2:e3:ae:39:01:86:cf:b0:b2:47:03:e1:7d:53:8b:58:b1:7d:
         7a:e7:27:24:30:e3:66:b3:ca:85:da:38:48:42:8c:be:ee:74:
         56:ec:b0:4d:3f:51:38:3c:08:ab:64:c1:f7:de:ab:6e:15:36:
         51:2e:4a:8e:1e:a9:84:a1:51:0f:8d:b2:3b:a6:36:f0:5e:5a:
         84:7b:eb:b1:5b:04:61:2b:74:5b:84:4f:f5:94:ff:2b:59:8f:
         67:f8:a0:6a:0a:09:27:95:94:85:0d:91:7f:b5:b6:40:18:7a:
         5e:b8:14:f2:e0:f6:d9:66:57:0b:14:3d:06:f5:8a:a7:da:48:
         42:b9:55:e5:67:e8:eb:97:cf:3a:4d:4d:e4:7c:ca:7c:b5:eb:
         9e:60:82:90:da:50:ad:d4:b4:87:97:6c:48:a5:f5:c0:b8:86:
         07:aa:81:39:b8:d6:6e:30:d7:a4:4c:08:56:59:40:37:db:cb:
         f4:7d:c1:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu3zldcD7oTE5K+Pud9JrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjUwODIzMDcwMTMwWhcNMjUwODI0MDcwMTMwWjAzMTEwLwYDVQQD
Eyg0Y2JkY2Q0MDc5OWJlMDg3ZTI4MzUzZDBmYjc2ZGZlYmQ0OTE3ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGu1RCk+37clDo7HfVT0ileUWraH
O3y5V++A9XXTfLubFhCAyHgiF8kICUiK8u+lRk3IjqXGMlFxHnNWUpBh3dHsoagZ
b/CaNwLdUPtE8mfUglgJ8bz62DxJwr6Ip/g2eQl1bkpB5TW28JcsnUleEhvdNwIN
oB6c/VxZ1BmO7GKuZWjTz/FcESKY/A2Rx2g2ipvYMnwM3RSVC5K2a7KnvYNvTjlf
84NwUcox4ToO4PU+tNBIat/IbRoPwK3zMrvAScC3jJxA7xWRhxa95E7okObNxnNb
2zxSplEf7k5hTnuIdZluk+ac4wpkTMFXUWRbTULhOjgX+TYtYde92norGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEy9zUB5m+CH4oNT0Pt23+vUkX/sMB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJqCaFa0
bh7nNw/EHz8qd1RVWmk2dFbX/k0khq/p5SIAnekz6uVBEMvUaYPbN6sL2XPgRPIi
VAGLp9jYuvdoToqmMu5Jbl5XouOuOQGGz7CyRwPhfVOLWLF9eucnJDDjZrPKhdo4
SEKMvu50VuywTT9RODwIq2TB996rbhU2US5Kjh6phKFRD42yO6Y28F5ahHvrsVsE
YSt0W4RP9ZT/K1mPZ/igagoJJ5WUhQ2Rf7W2QBh6XrgU8uD22WZXCxQ9BvWKp9pI
QrlV5Wfo65fPOk1N5HzKfLXrnmCCkNpQrdS0h5dsSKX1wLiGB6qBObjWbjDXpEwI
VllAN9vL9H3BcA==
-----END CERTIFICATE-----