Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
File:                     a_CO0PpuGTufOlC_cmtB0MMpspc.mft (raw, json)
Hash identifier:          AA1MGE9W+5Yx5CVtniu57QGNMkX1KZeG6vh/WQE2U1U=
Subject key identifier:   4F:EA:D9:3F:D7:3D:99:E9:DF:3C:DB:A6:F9:10:8C:63:22:EE:55:4E
Authority key identifier: 6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97
Certificate issuer:       /CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
Certificate serial:       0198D5F1701B893B12F0319821F423C6EFF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
Manifest number:          0239
Signing time:             Sat 23 Aug 2025 08:00:26 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:26 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:26 +0000
Files and hashes:         1: a_CO0PpuGTufOlC_cmtB0MMpspc.crl (hash: vS+1dJuD/yXgkihO78ZovTXcRXeTWTC4Z4keZv5jzZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:70:1b:89:3b:12:f0:31:98:21:f4:23:c6:ef:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
        Validity
            Not Before: Aug 23 08:00:26 2025 GMT
            Not After : Aug 24 08:00:26 2025 GMT
        Subject: CN=4fead93fd73d99e9df3cdba6f9108c6322ee554e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f6:43:ec:6c:39:89:bf:49:82:cf:01:6c:6c:
                    f0:9c:08:11:99:5c:77:17:25:79:a5:50:02:d4:c1:
                    e9:0d:b8:19:26:8e:24:25:35:ac:ea:2f:fd:56:82:
                    57:5c:1c:f6:00:87:ca:ff:7e:61:87:a3:0b:a3:98:
                    00:7f:37:e0:6c:0e:a3:27:4a:c0:19:b1:bf:bb:6e:
                    a1:84:b3:f6:11:59:ec:87:14:75:2f:6e:7b:d0:3d:
                    0a:30:59:33:10:f6:f8:40:fc:b1:5c:59:09:3c:7f:
                    ce:f2:84:49:08:0e:bb:ba:88:fc:c6:b3:3e:6d:e9:
                    96:22:c4:15:ed:49:1d:76:40:5e:3f:80:c2:0d:9d:
                    df:e9:d1:45:3e:c2:56:ba:a4:f4:f1:9d:b9:37:78:
                    c8:22:51:13:3a:21:b1:a8:95:e5:cf:41:c7:cf:15:
                    37:fa:7c:44:1e:35:04:ac:82:c8:34:49:2e:cc:6f:
                    9c:51:af:b8:92:88:61:cf:03:0b:66:bd:55:a9:fa:
                    25:0c:2a:97:84:de:76:8a:41:26:5a:85:60:29:45:
                    ec:a5:6b:e5:39:68:9a:af:ae:59:6e:c5:e1:97:c3:
                    27:f4:d3:2e:c5:8c:d9:1f:cd:47:2b:71:24:32:1f:
                    f6:2b:f9:0d:42:79:65:90:6c:a3:9d:1c:83:7d:d4:
                    cc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:EA:D9:3F:D7:3D:99:E9:DF:3C:DB:A6:F9:10:8C:63:22:EE:55:4E
            X509v3 Authority Key Identifier:
                keyid:6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:4d:1c:a6:28:30:c6:a8:18:1b:27:60:82:ec:fe:bd:42:66:
         a5:5e:e9:b3:89:a2:fc:25:c3:10:5e:9c:fa:83:a2:bb:88:1e:
         c9:59:90:29:18:f9:51:4c:cb:f9:f5:08:10:77:41:b8:77:29:
         39:dd:4f:0c:b0:3e:f4:71:f0:f8:2d:72:f3:1b:aa:87:e6:39:
         ce:d6:0e:60:aa:3d:5f:98:c9:96:67:33:a8:d8:19:73:71:ad:
         b1:a4:4a:de:94:65:64:ef:81:bf:48:10:79:03:ed:16:82:14:
         fe:b6:7a:bf:1c:66:65:04:d4:5b:68:76:15:16:f4:3f:0c:c7:
         73:92:dd:bd:6b:ff:85:1a:b1:bd:a1:76:c1:2e:0b:46:f3:20:
         f9:c2:ad:11:67:bd:1c:b1:32:4b:51:5d:c1:f9:75:f8:6d:66:
         41:5a:ad:8d:cc:3b:b2:d6:1c:ca:61:60:37:60:62:92:e7:8a:
         a9:44:67:01:c2:2d:53:ba:50:f7:d8:17:06:75:db:57:76:c8:
         5b:a9:42:20:11:8b:86:00:b5:5b:65:58:67:56:b8:49:aa:a6:
         b5:0b:fb:62:01:97:96:a7:a3:cf:db:13:97:82:f7:1c:17:3e:
         cb:f4:9e:ac:48:9b:69:d0:fa:47:3c:93:b0:8f:50:d2:0c:db:
         c2:85:c4:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8XAbiTsS8DGYIfQjxu/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZjA4ZWQwZmE2ZTE5M2I5ZjNhNTBiZjcyNmI0MWQwYzMy
OWIyOTcwHhcNMjUwODIzMDgwMDI2WhcNMjUwODI0MDgwMDI2WjAzMTEwLwYDVQQD
Eyg0ZmVhZDkzZmQ3M2Q5OWU5ZGYzY2RiYTZmOTEwOGM2MzIyZWU1NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfZD7Gw5ib9Jgs8BbGzwnAgRmVx3
FyV5pVAC1MHpDbgZJo4kJTWs6i/9VoJXXBz2AIfK/35hh6MLo5gAfzfgbA6jJ0rA
GbG/u26hhLP2EVnshxR1L2570D0KMFkzEPb4QPyxXFkJPH/O8oRJCA67uoj8xrM+
bemWIsQV7UkddkBeP4DCDZ3f6dFFPsJWuqT08Z25N3jIIlETOiGxqJXlz0HHzxU3
+nxEHjUErILINEkuzG+cUa+4kohhzwMLZr1VqfolDCqXhN52ikEmWoVgKUXspWvl
OWiar65ZbsXhl8Mn9NMuxYzZH81HK3EkMh/2K/kNQnllkGyjnRyDfdTMswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/q2T/XPZnp3zzbpvkQjGMi7lVOMB8GA1UdIwQY
MBaAFGvwjtD6bhk7nzpQv3JrQdDDKbKXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUt
M2Q0MjA1ZjVlMmQzLzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUtM2Q0MjA1ZjVlMmQz
LzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuk0cpigw
xqgYGydgguz+vUJmpV7ps4mi/CXDEF6c+oOiu4geyVmQKRj5UUzL+fUIEHdBuHcp
Od1PDLA+9HHw+C1y8xuqh+Y5ztYOYKo9X5jJlmczqNgZc3GtsaRK3pRlZO+Bv0gQ
eQPtFoIU/rZ6vxxmZQTUW2h2FRb0PwzHc5LdvWv/hRqxvaF2wS4LRvMg+cKtEWe9
HLEyS1Fdwfl1+G1mQVqtjcw7stYcymFgN2BikueKqURnAcItU7pQ99gXBnXbV3bI
W6lCIBGLhgC1W2VYZ1a4SaqmtQv7YgGXlqejz9sTl4L3HBc+y/SerEibadD6RzyT
sI9Q0gzbwoXEFA==
-----END CERTIFICATE-----