Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          42FobI8iDXK8CU8pZdTg9tucHUMW/oy5vQKSGCIes14=
Subject key identifier:   1B:02:87:3A:90:40:A0:B9:C4:F7:5E:53:87:27:00:C8:E4:1C:89:D5
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       0198D5BB9C013FA0E1EA4291E71C7301DD80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0B8E
Signing time:             Sat 23 Aug 2025 07:01:38 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:38 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:38 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: HHlwRnOPw5feR+vefIJrQPtLyqt2xF2TYmfdg4wOFc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:9c:01:3f:a0:e1:ea:42:91:e7:1c:73:01:dd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Aug 23 07:01:38 2025 GMT
            Not After : Aug 24 07:01:38 2025 GMT
        Subject: CN=1b02873a9040a0b9c4f75e53872700c8e41c89d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c8:ef:8c:3d:38:55:2b:18:ff:81:fa:74:f0:
                    f0:65:65:34:84:fb:fc:3b:05:47:12:6f:36:0e:57:
                    76:f2:23:37:c5:3e:38:69:e0:d0:20:4c:5e:a6:3d:
                    46:94:ff:6b:2e:e4:8a:0d:a0:e9:5b:0e:94:a2:77:
                    80:be:3c:07:da:84:0d:e6:67:52:6f:28:61:be:00:
                    d4:e3:65:d8:c5:5f:94:7c:d8:89:22:d7:54:d7:f7:
                    a7:1d:da:e4:6a:e4:84:c2:71:df:3e:db:b2:c6:c0:
                    41:6f:65:de:83:00:22:c9:2a:3c:fe:00:c6:31:db:
                    9d:09:e5:87:d6:c3:43:05:7b:c7:ac:b6:ed:47:9c:
                    89:8f:3d:b3:82:df:9f:20:ee:e3:21:4f:c2:0a:8d:
                    95:36:0d:05:a3:c9:9e:ef:08:dd:e9:23:dd:6a:fd:
                    ad:6c:10:e8:b9:ba:27:68:33:c9:8e:9e:52:d3:a2:
                    4d:81:cc:72:1c:7e:e8:d7:35:0b:d3:57:8b:c6:98:
                    06:64:3c:7c:07:dc:79:34:bb:f2:b7:34:b9:75:14:
                    f9:bb:1a:93:76:18:0e:5f:f1:aa:e4:1f:f0:f2:ed:
                    f8:6a:99:52:2d:0e:80:92:59:a6:18:68:cd:e5:6c:
                    cf:28:9a:6d:84:2e:f8:a2:ae:3e:4c:99:0b:74:ae:
                    c2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:02:87:3A:90:40:A0:B9:C4:F7:5E:53:87:27:00:C8:E4:1C:89:D5
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:22:ff:76:88:9a:76:6c:ae:b4:7a:19:7e:c1:fc:09:66:3a:
         a0:89:9d:cb:56:8f:f4:91:54:11:1b:c5:a7:12:34:d5:f6:fe:
         3a:ea:da:f6:86:a7:a4:85:eb:1d:04:62:ac:54:c4:15:c5:0d:
         b5:4b:bf:5a:d1:36:d3:0d:fb:c3:0c:9f:d2:2d:71:27:22:cf:
         24:0f:15:96:59:f9:20:19:79:9b:58:80:4d:8a:a0:99:4c:13:
         9a:f9:29:e3:53:57:68:07:51:05:89:8a:ab:3d:93:1a:7e:69:
         26:52:dd:47:23:0f:50:4f:07:2b:11:57:a5:b1:4a:63:87:f4:
         7b:98:86:ed:8b:b8:b2:3b:a7:a4:09:b8:de:df:71:b0:f6:95:
         eb:0e:40:30:b4:b9:72:8b:0f:f7:96:56:5e:b4:b8:fa:f0:15:
         0b:9b:eb:39:c9:d5:50:ef:52:7b:56:f0:15:05:ee:7f:7e:5b:
         5a:01:5c:dc:44:67:f1:a9:b3:d5:ac:77:6a:a6:00:17:6a:ce:
         2d:e7:b0:db:99:8e:16:f3:62:0b:ac:69:43:57:b7:4d:2b:3d:
         f2:cd:b9:60:7b:e0:63:11:48:ae:87:cb:ae:03:07:3e:61:b0:
         92:1e:be:55:41:ee:99:66:3a:ac:cc:aa:f7:92:62:d9:8d:07:
         bb:c7:5c:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu5wBP6Dh6kKR5xxzAd2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjUwODIzMDcwMTM4WhcNMjUwODI0MDcwMTM4WjAzMTEwLwYDVQQD
EygxYjAyODczYTkwNDBhMGI5YzRmNzVlNTM4NzI3MDBjOGU0MWM4OWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscjvjD04VSsY/4H6dPDwZWU0hPv8
OwVHEm82Dld28iM3xT44aeDQIExepj1GlP9rLuSKDaDpWw6UoneAvjwH2oQN5mdS
byhhvgDU42XYxV+UfNiJItdU1/enHdrkauSEwnHfPtuyxsBBb2XegwAiySo8/gDG
MdudCeWH1sNDBXvHrLbtR5yJjz2zgt+fIO7jIU/CCo2VNg0Fo8me7wjd6SPdav2t
bBDoubonaDPJjp5S06JNgcxyHH7o1zUL01eLxpgGZDx8B9x5NLvytzS5dRT5uxqT
dhgOX/Gq5B/w8u34aplSLQ6AklmmGGjN5WzPKJpthC74oq4+TJkLdK7CIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsChzqQQKC5xPdeU4cnAMjkHInVMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjiL/doia
dmyutHoZfsH8CWY6oImdy1aP9JFUERvFpxI01fb+Oura9oanpIXrHQRirFTEFcUN
tUu/WtE20w37wwyf0i1xJyLPJA8Vlln5IBl5m1iATYqgmUwTmvkp41NXaAdRBYmK
qz2TGn5pJlLdRyMPUE8HKxFXpbFKY4f0e5iG7Yu4sjunpAm43t9xsPaV6w5AMLS5
cosP95ZWXrS4+vAVC5vrOcnVUO9Se1bwFQXuf35bWgFc3ERn8amz1ax3aqYAF2rO
Leew25mOFvNiC6xpQ1e3TSs98s25YHvgYxFIrofLrgMHPmGwkh6+VUHumWY6rMyq
95Ji2Y0Hu8dcLw==
-----END CERTIFICATE-----