Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          nmucz3xK5iIYcfmPGlYifRIIw2JEo6iHWAnzwY2cEG4=
Subject key identifier:   62:BA:D5:42:48:30:3B:F7:92:E6:92:11:7C:B8:B9:66:9E:63:20:3E
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       0197B70F6513D5FFAD6E612BC57D3A886005
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          12FE
Signing time:             Sat 28 Jun 2025 15:02:08 +0000
Manifest this update:     Sat 28 Jun 2025 15:02:08 +0000
Manifest next update:     Sun 29 Jun 2025 15:02:08 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: qPjVtZz/o7PTlqI65+57IVi8SDuSuwbku/GRnwQX4jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:65:13:d5:ff:ad:6e:61:2b:c5:7d:3a:88:60:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: Jun 28 15:02:08 2025 GMT
            Not After : Jun 29 15:02:08 2025 GMT
        Subject: CN=62bad54248303bf792e692117cb8b9669e63203e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5e:64:28:d9:dd:72:ad:96:d6:96:f8:f7:aa:
                    a0:f2:ee:b2:2f:3c:15:61:dd:8a:09:71:fa:9f:3a:
                    b6:77:d7:1a:90:62:0f:19:5c:e9:05:2c:11:c8:e0:
                    96:5c:40:5c:02:13:98:3d:55:1d:6c:b5:ec:1b:7d:
                    b5:bf:3b:0b:f7:d8:57:94:41:5e:66:a3:ec:47:4b:
                    23:82:22:16:66:65:71:86:16:59:5a:64:9e:77:3b:
                    9d:d9:ae:f1:a3:20:e7:fa:15:1a:13:e4:e3:a9:b1:
                    6b:26:9e:a3:7d:59:b6:3e:b3:d1:5d:ad:81:0f:04:
                    f2:7e:37:80:14:91:5b:e4:71:23:24:d4:d0:01:a1:
                    af:10:24:68:e4:ec:d4:1f:eb:0e:ed:89:fe:e4:fe:
                    18:64:a6:e6:c4:18:96:5d:b7:a0:4c:4f:92:d6:f1:
                    70:3c:15:39:b5:95:7d:54:a3:2f:54:40:09:c6:b5:
                    76:3e:69:70:33:45:30:f3:47:5e:ef:97:26:80:90:
                    32:be:72:63:6c:31:f9:a5:c2:d1:19:99:87:7e:52:
                    a0:b8:35:49:ac:fa:39:a0:7c:79:8c:aa:24:0a:30:
                    2f:c7:5a:2b:5c:59:34:9c:3f:35:69:59:6b:44:cb:
                    d8:33:98:80:d3:e5:b3:43:18:53:f7:46:c6:cf:91:
                    3b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:BA:D5:42:48:30:3B:F7:92:E6:92:11:7C:B8:B9:66:9E:63:20:3E
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:82:63:21:aa:3e:79:bf:a1:e7:f7:5c:e3:88:05:c6:9c:e4:
         f8:4c:2f:b2:db:5d:7b:17:7e:a9:45:bd:b8:92:0b:38:c5:ee:
         1a:e0:3f:06:5b:18:f8:6e:c6:ba:39:35:29:2a:81:10:3d:da:
         73:e0:ec:2b:4a:d9:b1:24:10:c6:3f:19:f6:8a:f9:b7:ce:d0:
         7f:e3:c2:b2:10:47:45:ab:bc:1f:47:ad:6b:1e:40:8a:07:c5:
         55:f7:a8:9a:31:cd:3a:12:cd:48:95:51:a6:cd:21:6d:9e:26:
         1e:5e:71:96:da:ae:32:11:5f:1c:67:75:ff:67:53:75:f5:18:
         ad:e2:82:2c:f9:42:1e:37:59:39:3f:17:85:80:d2:79:7b:d3:
         f0:3c:04:22:29:bd:0a:04:8c:b7:ee:d2:e5:82:9e:9e:55:38:
         aa:b4:85:83:0d:5a:34:ad:e5:89:d8:0e:17:75:4e:86:b6:9c:
         e5:c3:4b:b7:cf:58:1c:53:84:30:2e:d6:0f:5f:32:6b:74:0a:
         d4:ce:00:16:39:14:86:35:03:78:b4:1f:35:0c:51:60:18:de:
         38:23:1b:94:d2:b9:11:73:b7:8d:fe:03:87:c5:8a:2c:cb:1c:
         f4:cc:9d:ca:72:a3:e0:ea:8a:13:2b:9a:75:a4:64:7d:0b:91:
         95:ba:70:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D2UT1f+tbmErxX06iGAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUwNjI4MTUwMjA4WhcNMjUwNjI5MTUwMjA4WjAzMTEwLwYDVQQD
Eyg2MmJhZDU0MjQ4MzAzYmY3OTJlNjkyMTE3Y2I4Yjk2NjllNjMyMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5kKNndcq2W1pb496qg8u6yLzwV
Yd2KCXH6nzq2d9cakGIPGVzpBSwRyOCWXEBcAhOYPVUdbLXsG321vzsL99hXlEFe
ZqPsR0sjgiIWZmVxhhZZWmSedzud2a7xoyDn+hUaE+TjqbFrJp6jfVm2PrPRXa2B
DwTyfjeAFJFb5HEjJNTQAaGvECRo5OzUH+sO7Yn+5P4YZKbmxBiWXbegTE+S1vFw
PBU5tZV9VKMvVEAJxrV2PmlwM0Uw80de75cmgJAyvnJjbDH5pcLRGZmHflKguDVJ
rPo5oHx5jKokCjAvx1orXFk0nD81aVlrRMvYM5iA0+WzQxhT90bGz5E7+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGK61UJIMDv3kuaSEXy4uWaeYyA+MB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADoJjIao+
eb+h5/dc44gFxpzk+Ewvsttdexd+qUW9uJILOMXuGuA/BlsY+G7Gujk1KSqBED3a
c+DsK0rZsSQQxj8Z9or5t87Qf+PCshBHRau8H0etax5AigfFVfeomjHNOhLNSJVR
ps0hbZ4mHl5xltquMhFfHGd1/2dTdfUYreKCLPlCHjdZOT8XhYDSeXvT8DwEIim9
CgSMt+7S5YKenlU4qrSFgw1aNK3lidgOF3VOhrac5cNLt89YHFOEMC7WD18ya3QK
1M4AFjkUhjUDeLQfNQxRYBjeOCMblNK5EXO3jf4Dh8WKLMsc9MydynKj4OqKEyua
daRkfQuRlbpwIw==
-----END CERTIFICATE-----