Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          23uDeEbgZGy48NBC+ojD4OfoBc1YfByrqo929zyP1zE=
Subject key identifier:   31:B8:1C:DA:F9:0B:47:5C:DA:2D:5D:BB:10:9A:CC:F7:E2:01:27:D3
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       0198D4E04ADFC0DB6F18668FB0F4B64913EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          1392
Signing time:             Sat 23 Aug 2025 03:02:05 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:05 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:05 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: NpeoZqtcrCG+TmPVQI5e+zsfC+cWS6FEM1a6mM3408A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:4a:df:c0:db:6f:18:66:8f:b0:f4:b6:49:13:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: Aug 23 03:02:05 2025 GMT
            Not After : Aug 24 03:02:05 2025 GMT
        Subject: CN=31b81cdaf90b475cda2d5dbb109accf7e20127d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ce:64:48:34:8b:12:32:0f:63:87:3f:e3:bb:
                    5e:58:cb:d0:f1:6a:3b:0b:ad:38:62:30:7e:10:a0:
                    91:33:1d:35:85:b6:6a:b7:a3:ac:5c:65:d4:89:47:
                    ec:37:0f:f8:77:42:81:c9:23:a7:9e:64:45:c0:8d:
                    2b:a5:0a:88:12:83:e6:60:63:fb:c4:91:aa:e5:05:
                    f7:23:a1:65:96:d9:87:3d:a7:a5:fe:ca:47:51:f0:
                    7d:96:ee:17:85:63:54:72:6f:25:57:12:72:84:c6:
                    3f:06:89:a8:fb:8c:ab:1c:eb:e4:28:15:e8:4e:1a:
                    34:6d:51:85:10:a6:3a:16:b5:95:3f:bd:6e:0a:d8:
                    f8:1a:d3:5d:70:cd:cb:d0:b3:25:f4:a0:8f:05:c0:
                    83:98:e0:40:5e:c7:61:49:7f:27:00:cf:fe:9e:d0:
                    1c:2a:44:e1:37:e6:7a:8f:03:65:51:60:5e:f9:d2:
                    ac:d9:06:d9:48:f3:18:a9:95:4b:73:57:ee:e1:44:
                    81:4a:97:ad:d0:01:72:4e:4c:cb:0b:a9:e2:c9:d8:
                    23:b6:54:5d:1a:5b:42:2b:97:63:96:9b:59:40:10:
                    9f:64:4b:ee:81:d6:3c:fb:1d:ab:5e:f4:c3:9d:8c:
                    2f:8e:50:fd:c6:36:9c:cb:cb:fb:17:f5:d9:2b:b1:
                    17:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B8:1C:DA:F9:0B:47:5C:DA:2D:5D:BB:10:9A:CC:F7:E2:01:27:D3
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:67:aa:b8:e3:20:97:8d:6d:9b:a7:39:da:a0:27:60:ef:3a:
         1f:70:93:e1:4f:f5:fc:15:81:5c:8e:3c:ab:bd:d2:ca:f9:3f:
         5b:1b:89:cc:ce:e6:a0:e7:0d:79:2b:49:1e:a5:b7:56:ca:47:
         8a:c9:5b:c7:9e:39:46:2e:22:c0:09:65:14:71:cc:d9:be:b2:
         f8:90:27:09:79:45:ec:a8:c7:cc:69:ab:ff:fc:74:67:dd:21:
         e8:1d:3a:72:f8:e1:c5:cb:52:c0:1a:dc:d8:2d:e1:5b:06:ed:
         0f:63:2d:d0:83:0e:72:25:2a:3d:ac:af:18:ff:f7:15:a9:e7:
         1c:46:24:24:31:65:0a:9f:5f:03:1a:23:4d:73:80:16:50:e2:
         6e:41:b6:bb:de:ca:97:a0:f9:92:da:f9:09:03:87:84:8c:e8:
         99:cb:fe:29:c4:73:15:45:6b:f0:7e:48:28:f2:76:cf:1a:db:
         da:b3:49:4a:3f:d9:54:93:08:6b:91:f0:db:2f:84:6a:31:12:
         12:03:96:ca:1f:8b:b4:6a:de:dc:80:7a:11:28:fa:66:c6:c8:
         27:ab:7c:6c:22:b7:17:e6:84:78:6c:9b:04:f7:aa:39:72:d1:
         b8:8c:f7:0b:00:1b:9b:a8:bb:d7:4c:2d:a4:74:20:51:6a:e7:
         fe:8a:4a:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4ErfwNtvGGaPsPS2SRPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUwODIzMDMwMjA1WhcNMjUwODI0MDMwMjA1WjAzMTEwLwYDVQQD
EygzMWI4MWNkYWY5MGI0NzVjZGEyZDVkYmIxMDlhY2NmN2UyMDEyN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms5kSDSLEjIPY4c/47teWMvQ8Wo7
C604YjB+EKCRMx01hbZqt6OsXGXUiUfsNw/4d0KBySOnnmRFwI0rpQqIEoPmYGP7
xJGq5QX3I6FlltmHPael/spHUfB9lu4XhWNUcm8lVxJyhMY/Bomo+4yrHOvkKBXo
Tho0bVGFEKY6FrWVP71uCtj4GtNdcM3L0LMl9KCPBcCDmOBAXsdhSX8nAM/+ntAc
KkThN+Z6jwNlUWBe+dKs2QbZSPMYqZVLc1fu4USBSpet0AFyTkzLC6niydgjtlRd
GltCK5djlptZQBCfZEvugdY8+x2rXvTDnYwvjlD9xjacy8v7F/XZK7EXjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDG4HNr5C0dc2i1duxCazPfiASfTMB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKmequOMg
l41tm6c52qAnYO86H3CT4U/1/BWBXI48q73Syvk/WxuJzM7moOcNeStJHqW3VspH
islbx545Ri4iwAllFHHM2b6y+JAnCXlF7KjHzGmr//x0Z90h6B06cvjhxctSwBrc
2C3hWwbtD2Mt0IMOciUqPayvGP/3FannHEYkJDFlCp9fAxojTXOAFlDibkG2u97K
l6D5ktr5CQOHhIzomcv+KcRzFUVr8H5IKPJ2zxrb2rNJSj/ZVJMIa5Hw2y+EajES
EgOWyh+LtGre3IB6ESj6ZsbIJ6t8bCK3F+aEeGybBPeqOXLRuIz3CwAbm6i710wt
pHQgUWrn/opKzQ==
-----END CERTIFICATE-----