Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
File:                     AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft (raw, json)
Hash identifier:          mx+T6i7iC8NhpnjmGc5Rtam++5wm47KE9vTqXhVW1r4=
Subject key identifier:   D8:62:45:D0:55:42:F6:2E:9A:4C:85:7E:B1:0F:A3:9E:15:CA:51:59
Authority key identifier: 00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
Certificate issuer:       /CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Certificate serial:       0198D583BAAC27B6806806B0B37ED6711CCD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
Manifest number:          0F0C
Signing time:             Sat 23 Aug 2025 06:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:36 +0000
Files and hashes:         1: AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl (hash: hbPkJHXJZ53r1iKIoppPmA5MVvfichwvbBbaOQgp85A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:ba:ac:27:b6:80:68:06:b0:b3:7e:d6:71:1c:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0008589496bf86d2d0f8874b76cac843025bcd3b
        Validity
            Not Before: Aug 23 06:00:36 2025 GMT
            Not After : Aug 24 06:00:36 2025 GMT
        Subject: CN=d86245d05542f62e9a4c857eb10fa39e15ca5159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:98:0d:87:81:6e:b8:e0:86:51:20:7c:01:62:
                    c0:79:7f:36:51:ee:5c:52:64:75:f3:02:40:49:fc:
                    8f:b4:45:f8:45:c1:4a:f1:75:bd:bd:a2:66:0d:56:
                    be:6b:79:c9:67:d8:e0:0b:57:85:a8:f9:79:4d:14:
                    8c:3c:61:85:b2:1b:36:44:c9:be:d0:8e:d2:cc:95:
                    c6:9d:70:cf:e2:d0:bc:e4:05:04:71:fc:dd:de:92:
                    55:a7:86:d7:ac:2c:ab:59:3d:3b:c8:e6:32:13:1b:
                    95:db:74:42:bb:32:3c:ef:f3:d7:ba:b1:fd:d8:97:
                    88:e1:a8:39:5a:1b:e6:49:a7:b6:fb:dd:da:82:78:
                    b2:ad:de:1a:fb:ab:ba:6a:a0:b1:24:48:25:32:ef:
                    ed:49:15:fa:00:99:a7:27:c9:f9:88:d4:45:73:24:
                    17:1a:ce:4e:c6:dc:9d:b5:8e:6b:8c:84:1b:42:b0:
                    15:8c:39:a5:49:1d:b0:00:5c:fa:47:2b:e2:23:ea:
                    67:19:57:25:08:ed:a5:f2:d2:8e:e4:0e:e0:42:05:
                    21:31:ed:56:fd:09:89:6c:4b:5d:cb:75:a5:83:bc:
                    e1:5b:bd:e2:1e:b5:08:6e:d9:37:cf:87:63:23:a1:
                    ae:a2:96:e1:1a:6d:be:a6:6c:c1:16:5f:ab:f4:00:
                    b7:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:62:45:D0:55:42:F6:2E:9A:4C:85:7E:B1:0F:A3:9E:15:CA:51:59
            X509v3 Authority Key Identifier:
                keyid:00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:98:07:97:22:13:b0:b9:ca:f3:56:81:f8:f4:40:f9:2e:12:
         3b:6c:a5:eb:8f:a1:27:53:3c:e9:d2:e8:eb:88:11:26:15:61:
         18:2c:c5:be:7c:72:dd:51:87:33:b6:3c:72:e0:98:c2:c3:52:
         2a:b6:4a:81:e7:b7:6a:a1:13:de:82:99:9b:1f:0c:be:2a:26:
         f4:92:83:c9:7d:fe:e2:44:8d:af:b4:5b:06:8b:7b:e0:b1:af:
         c1:18:7f:7e:33:49:cf:a0:5e:2a:15:80:3b:e8:c2:f9:13:15:
         54:1a:9d:75:e9:75:8e:85:e6:63:38:52:75:18:47:a2:35:a9:
         63:e5:c2:78:8f:90:eb:d7:f9:d7:7c:84:5e:36:d1:f5:a4:3f:
         6d:8a:56:e3:f8:de:28:63:58:67:df:4e:ec:2d:27:2f:4b:d5:
         1f:ba:1e:e7:12:27:40:34:f2:78:53:19:4c:d8:68:95:0c:4b:
         4d:57:3a:97:09:e5:9d:39:8c:38:b4:89:86:2e:10:5b:ff:bd:
         97:3d:af:97:f9:61:ab:30:e4:a1:1d:16:45:f9:7f:c6:70:67:
         37:d8:76:e2:ed:f5:47:e7:e5:34:0e:0c:30:1d:bd:28:f7:3f:
         2e:84:20:12:27:19:7d:aa:0c:0a:e8:bb:a7:a7:76:af:75:6d:
         e6:c4:52:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg7qsJ7aAaAaws37WcRzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMDg1ODk0OTZiZjg2ZDJkMGY4ODc0Yjc2Y2FjODQzMDI1
YmNkM2IwHhcNMjUwODIzMDYwMDM2WhcNMjUwODI0MDYwMDM2WjAzMTEwLwYDVQQD
EyhkODYyNDVkMDU1NDJmNjJlOWE0Yzg1N2ViMTBmYTM5ZTE1Y2E1MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJgNh4FuuOCGUSB8AWLAeX82Ue5c
UmR18wJASfyPtEX4RcFK8XW9vaJmDVa+a3nJZ9jgC1eFqPl5TRSMPGGFshs2RMm+
0I7SzJXGnXDP4tC85AUEcfzd3pJVp4bXrCyrWT07yOYyExuV23RCuzI87/PXurH9
2JeI4ag5WhvmSae2+93agniyrd4a+6u6aqCxJEglMu/tSRX6AJmnJ8n5iNRFcyQX
Gs5OxtydtY5rjIQbQrAVjDmlSR2wAFz6RyviI+pnGVclCO2l8tKO5A7gQgUhMe1W
/QmJbEtdy3Wlg7zhW73iHrUIbtk3z4djI6GuopbhGm2+pmzBFl+r9AC3FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhiRdBVQvYumkyFfrEPo54VylFZMB8GA1UdIwQY
MBaAFAAIWJSWv4bS0PiHS3bKyEMCW807MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEt
NmJlMmY0ZDI0Yzk2LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEtNmJlMmY0ZDI0Yzk2
LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5gHlyIT
sLnK81aB+PRA+S4SO2yl64+hJ1M86dLo64gRJhVhGCzFvnxy3VGHM7Y8cuCYwsNS
KrZKgee3aqET3oKZmx8Mviom9JKDyX3+4kSNr7RbBot74LGvwRh/fjNJz6BeKhWA
O+jC+RMVVBqddel1joXmYzhSdRhHojWpY+XCeI+Q69f513yEXjbR9aQ/bYpW4/je
KGNYZ99O7C0nL0vVH7oe5xInQDTyeFMZTNholQxLTVc6lwnlnTmMOLSJhi4QW/+9
lz2vl/lhqzDkoR0WRfl/xnBnN9h24u31R+flNA4MMB29KPc/LoQgEicZfaoMCui7
p6d2r3Vt5sRSZg==
-----END CERTIFICATE-----