Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
File:                     L97GcLeAw7-UAe8cEVodh_6PfHo.mft (raw, json)
Hash identifier:          8YBnlqPoGlHT9EdgtTSiCUkMFTjoVlEwerxH+PSZ1ew=
Subject key identifier:   8A:7C:56:22:96:EC:4A:44:76:3F:B9:A4:AE:E6:34:44:0B:84:B1:65
Authority key identifier: 2F:DE:C6:70:B7:80:C3:BF:94:01:EF:1C:11:5A:1D:87:FE:8F:7C:7A
Certificate issuer:       /CN=2fdec670b780c3bf9401ef1c115a1d87fe8f7c7a
Certificate serial:       0198D4E090BFABDC9E88D3DE1807D7C62109
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
Manifest number:          0D29
Signing time:             Sat 23 Aug 2025 03:02:23 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:23 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:23 +0000
Files and hashes:         1: L97GcLeAw7-UAe8cEVodh_6PfHo.crl (hash: FSCJ4v2bBOP5sQyuR15554nTnYW0vZcX2VLPn4qJ0/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:90:bf:ab:dc:9e:88:d3:de:18:07:d7:c6:21:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fdec670b780c3bf9401ef1c115a1d87fe8f7c7a
        Validity
            Not Before: Aug 23 03:02:23 2025 GMT
            Not After : Aug 24 03:02:23 2025 GMT
        Subject: CN=8a7c562296ec4a44763fb9a4aee634440b84b165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:36:f3:c5:8f:dc:b7:cc:e0:7f:36:52:25:f5:
                    d9:6e:64:94:dd:01:d5:e0:b5:fa:dc:a8:7e:15:c9:
                    ee:17:25:e8:df:71:cb:df:8e:46:22:bd:32:bd:f4:
                    dc:c4:1f:b1:57:23:2e:0c:31:25:bf:95:21:df:9a:
                    b9:b5:71:bc:7e:41:63:fa:7a:26:e6:f3:77:88:a0:
                    4c:01:7d:8f:a0:24:65:36:ba:67:c4:4e:ee:1e:5d:
                    a4:2a:bf:71:5f:6a:16:eb:a2:d3:9c:c1:98:dc:a0:
                    3a:e1:10:7b:80:cc:e3:01:4f:9f:41:61:da:91:8b:
                    a3:33:fb:d7:44:a9:14:51:a4:a9:9b:61:91:83:86:
                    d6:51:2d:f4:e4:7e:1d:85:dd:18:49:6c:df:4d:5c:
                    fa:e8:0a:31:57:8b:48:e3:b5:09:19:5d:b8:1e:c1:
                    f5:09:2f:e3:57:26:a9:fb:97:da:41:86:5c:23:ba:
                    bc:91:09:99:ba:9e:93:9b:d0:cb:0c:14:88:8c:80:
                    5e:e4:a7:55:bf:14:aa:aa:8d:52:22:43:8c:db:bd:
                    9f:09:50:28:65:e5:4e:4f:35:6f:38:50:33:42:34:
                    b7:52:c5:27:37:70:d7:53:ce:1b:e5:f9:cd:6b:62:
                    61:ea:6e:46:86:76:f4:3c:01:80:06:3f:14:41:1e:
                    b7:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:7C:56:22:96:EC:4A:44:76:3F:B9:A4:AE:E6:34:44:0B:84:B1:65
            X509v3 Authority Key Identifier:
                keyid:2F:DE:C6:70:B7:80:C3:BF:94:01:EF:1C:11:5A:1D:87:FE:8F:7C:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:8a:b4:20:d7:f3:41:39:23:01:38:7d:bd:7e:88:6c:63:ff:
         a0:5d:7b:b2:55:dd:a1:07:fd:62:31:6e:60:8c:3f:3e:32:6a:
         a1:e7:52:70:77:fa:41:35:4a:31:8e:56:fe:14:ff:d2:5c:68:
         70:7d:da:b2:69:80:e9:19:67:4e:9e:c1:0d:9a:d1:09:9d:77:
         85:c7:30:85:46:e8:8a:4b:ab:3c:c4:4d:7b:95:fa:31:6c:40:
         a8:01:ce:2c:48:7d:5f:72:e7:c0:08:34:6c:cd:09:6d:e5:ae:
         31:db:ba:d0:68:8a:38:fd:44:a3:0f:be:eb:dc:7e:68:7a:6f:
         8f:93:7f:93:7d:63:49:47:76:43:82:a8:5f:cf:86:70:bc:97:
         40:9a:71:8d:ef:92:48:4b:a4:d5:16:6d:e8:88:8e:1e:71:1b:
         1c:a3:43:e9:2a:0f:53:ac:67:4d:79:33:81:27:a5:0d:b5:fe:
         40:b2:55:09:9c:2d:f6:86:b8:a0:d6:7d:b2:b3:ce:c3:a6:58:
         c1:23:97:8b:0a:be:d3:c5:52:5b:d4:5a:19:62:cf:f9:1b:ce:
         f3:dd:b3:87:de:8f:06:e6:ba:9e:70:19:3a:65:c2:cd:51:6d:
         a6:73:b2:04:c5:c9:30:5c:e1:a3:b8:93:4c:0b:78:f3:cc:ef:
         59:ed:a0:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4JC/q9yeiNPeGAfXxiEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZGVjNjcwYjc4MGMzYmY5NDAxZWYxYzExNWExZDg3ZmU4
ZjdjN2EwHhcNMjUwODIzMDMwMjIzWhcNMjUwODI0MDMwMjIzWjAzMTEwLwYDVQQD
Eyg4YTdjNTYyMjk2ZWM0YTQ0NzYzZmI5YTRhZWU2MzQ0NDBiODRiMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDbzxY/ct8zgfzZSJfXZbmSU3QHV
4LX63Kh+FcnuFyXo33HL345GIr0yvfTcxB+xVyMuDDElv5Uh35q5tXG8fkFj+nom
5vN3iKBMAX2PoCRlNrpnxE7uHl2kKr9xX2oW66LTnMGY3KA64RB7gMzjAU+fQWHa
kYujM/vXRKkUUaSpm2GRg4bWUS305H4dhd0YSWzfTVz66AoxV4tI47UJGV24HsH1
CS/jVyap+5faQYZcI7q8kQmZup6Tm9DLDBSIjIBe5KdVvxSqqo1SIkOM272fCVAo
ZeVOTzVvOFAzQjS3UsUnN3DXU84b5fnNa2Jh6m5Ghnb0PAGABj8UQR63XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp8ViKW7EpEdj+5pK7mNEQLhLFlMB8GA1UdIwQY
MBaAFC/exnC3gMO/lAHvHBFaHYf+j3x6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZTE5YzUtMDA4Mi00ODQ0LWI2YmQt
YWIxZDhlOTg0NGFmLzEvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZTE5YzUtMDA4Mi00ODQ0LWI2YmQtYWIxZDhlOTg0NGFm
LzEvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb4q0INfz
QTkjATh9vX6IbGP/oF17slXdoQf9YjFuYIw/PjJqoedScHf6QTVKMY5W/hT/0lxo
cH3asmmA6RlnTp7BDZrRCZ13hccwhUboikurPMRNe5X6MWxAqAHOLEh9X3LnwAg0
bM0JbeWuMdu60GiKOP1Eow++69x+aHpvj5N/k31jSUd2Q4KoX8+GcLyXQJpxje+S
SEuk1RZt6IiOHnEbHKND6SoPU6xnTXkzgSelDbX+QLJVCZwt9oa4oNZ9srPOw6ZY
wSOXiwq+08VSW9RaGWLP+RvO892zh96PBua6nnAZOmXCzVFtpnOyBMXJMFzho7iT
TAt488zvWe2gfQ==
-----END CERTIFICATE-----