Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft
File:                     a1xW3Y1JexBoE6IloYFxST7jKoU.mft (raw, json)
Hash identifier:          KpFbu/rUlnkJcmQyAlsRbM9a5S5vcTTJs3FqEJc+EEA=
Subject key identifier:   20:F0:73:C5:28:28:42:4C:89:5A:50:2B:4D:50:DC:0D:B1:C1:AD:2D
Authority key identifier: 6B:5C:56:DD:8D:49:7B:10:68:13:A2:25:A1:81:71:49:3E:E3:2A:85
Certificate issuer:       /CN=6b5c56dd8d497b106813a225a18171493ee32a85
Certificate serial:       0198D583DCD001988F6C69941A230E1A1719
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1xW3Y1JexBoE6IloYFxST7jKoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft
Manifest number:          8A
Signing time:             Sat 23 Aug 2025 06:00:45 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:45 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:45 +0000
Files and hashes:         1: a1xW3Y1JexBoE6IloYFxST7jKoU.crl (hash: WXAPJh1dgirONKSFzNeIj5ISF51aiL/I8Sj4OEaNLOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a1xW3Y1JexBoE6IloYFxST7jKoU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:dc:d0:01:98:8f:6c:69:94:1a:23:0e:1a:17:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5c56dd8d497b106813a225a18171493ee32a85
        Validity
            Not Before: Aug 23 06:00:45 2025 GMT
            Not After : Aug 24 06:00:45 2025 GMT
        Subject: CN=20f073c52828424c895a502b4d50dc0db1c1ad2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:03:3f:23:6c:1c:fd:02:36:cd:cd:a8:1b:10:
                    39:67:67:75:14:b0:cc:82:26:b2:aa:5b:8a:ce:9e:
                    88:a7:a4:ce:58:ff:c4:b0:5a:a7:22:b6:0d:93:21:
                    cd:1e:33:5f:31:e6:84:74:2f:43:7b:b8:a8:3a:f8:
                    a9:63:8b:10:b0:c9:28:15:be:08:78:a2:52:a0:09:
                    6c:73:67:30:8b:85:0a:a6:6b:8e:8e:ea:18:f7:66:
                    8c:da:06:e4:08:e4:ae:ed:1a:ac:88:61:48:cb:0f:
                    11:2d:e1:cc:e7:38:fd:fb:13:d4:49:c5:1e:f9:f7:
                    6c:88:e5:6e:ac:24:47:7f:e4:5f:95:80:36:5e:22:
                    6c:80:a2:f9:79:e6:eb:e9:c2:ec:61:f3:b1:83:36:
                    34:26:87:a4:a4:db:24:cb:2d:12:31:69:60:aa:ee:
                    4b:ca:28:dc:65:bf:da:72:62:e1:67:62:04:13:2f:
                    fd:74:e0:6e:0a:e4:e2:6d:25:10:13:f0:8c:fe:a1:
                    df:24:50:42:b0:58:99:ee:47:d6:3e:9e:5a:e4:82:
                    79:bc:69:af:61:24:d2:89:2d:84:ec:dd:bc:56:37:
                    7e:cc:29:8e:36:22:34:fe:20:83:d4:1d:85:ed:ee:
                    52:48:74:4d:38:54:23:08:51:01:19:1a:0d:f6:c7:
                    9e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F0:73:C5:28:28:42:4C:89:5A:50:2B:4D:50:DC:0D:B1:C1:AD:2D
            X509v3 Authority Key Identifier:
                keyid:6B:5C:56:DD:8D:49:7B:10:68:13:A2:25:A1:81:71:49:3E:E3:2A:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1xW3Y1JexBoE6IloYFxST7jKoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:3b:a7:5c:7b:dd:3c:df:fe:88:80:52:03:23:c6:3c:69:bb:
         9a:2f:60:54:42:e3:58:44:9b:71:1d:01:28:5a:ad:25:7b:b2:
         fd:3c:a3:4d:03:03:b0:6b:59:7e:5b:bb:74:2e:69:54:1e:51:
         b0:03:05:e9:3d:35:5b:61:1c:86:04:8c:76:e5:23:1f:67:77:
         bc:4b:1e:e0:98:cf:ac:10:9b:7d:52:41:7e:dd:b0:02:3a:9b:
         d7:da:53:20:f0:f9:fd:9e:29:24:a6:34:ab:89:f8:54:04:4f:
         58:bd:69:de:5f:dc:20:3e:d7:9b:1f:a7:05:af:2e:31:c0:d7:
         28:ec:16:f4:1b:17:66:a7:bc:0d:74:5d:f2:f7:95:01:d8:e8:
         2c:1d:02:28:30:5c:2e:e4:bf:4e:b6:e7:a7:5e:88:c6:7a:c7:
         6f:69:f7:ab:1d:97:4b:f8:36:5b:8d:b2:37:12:76:13:0c:0b:
         5e:87:69:74:6c:d2:e0:ef:02:8e:55:a3:90:99:82:b3:30:72:
         f9:43:3a:af:25:8e:1d:05:d7:d1:27:70:e0:ea:c2:5c:00:7b:
         2a:ce:07:f4:a7:ca:92:d5:02:51:b0:cb:93:ff:82:be:56:a7:
         0c:9e:4b:c4:6c:0a:9f:d4:c6:32:bb:1a:1c:ff:09:44:65:68:
         12:53:bc:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg9zQAZiPbGmUGiMOGhcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWM1NmRkOGQ0OTdiMTA2ODEzYTIyNWExODE3MTQ5M2Vl
MzJhODUwHhcNMjUwODIzMDYwMDQ1WhcNMjUwODI0MDYwMDQ1WjAzMTEwLwYDVQQD
EygyMGYwNzNjNTI4Mjg0MjRjODk1YTUwMmI0ZDUwZGMwZGIxYzFhZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywM/I2wc/QI2zc2oGxA5Z2d1FLDM
giayqluKzp6Ip6TOWP/EsFqnIrYNkyHNHjNfMeaEdC9De7ioOvipY4sQsMkoFb4I
eKJSoAlsc2cwi4UKpmuOjuoY92aM2gbkCOSu7RqsiGFIyw8RLeHM5zj9+xPUScUe
+fdsiOVurCRHf+RflYA2XiJsgKL5eebr6cLsYfOxgzY0JoekpNskyy0SMWlgqu5L
yijcZb/acmLhZ2IEEy/9dOBuCuTibSUQE/CM/qHfJFBCsFiZ7kfWPp5a5IJ5vGmv
YSTSiS2E7N28Vjd+zCmONiI0/iCD1B2F7e5SSHRNOFQjCFEBGRoN9seejwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDwc8UoKEJMiVpQK01Q3A2xwa0tMB8GA1UdIwQY
MBaAFGtcVt2NSXsQaBOiJaGBcUk+4yqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTF4VzNZMUpleEJvRTZJbG9ZRnhTVDdqS29VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xYTUzMGYtZWZlMy00ZDhiLTkwM2Et
YTcxMzZhMTQ1ZjFjLzEvYTF4VzNZMUpleEJvRTZJbG9ZRnhTVDdqS29VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xYTUzMGYtZWZlMy00ZDhiLTkwM2EtYTcxMzZhMTQ1ZjFj
LzEvYTF4VzNZMUpleEJvRTZJbG9ZRnhTVDdqS29VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApjunXHvd
PN/+iIBSAyPGPGm7mi9gVELjWESbcR0BKFqtJXuy/TyjTQMDsGtZflu7dC5pVB5R
sAMF6T01W2EchgSMduUjH2d3vEse4JjPrBCbfVJBft2wAjqb19pTIPD5/Z4pJKY0
q4n4VARPWL1p3l/cID7Xmx+nBa8uMcDXKOwW9BsXZqe8DXRd8veVAdjoLB0CKDBc
LuS/Trbnp16IxnrHb2n3qx2XS/g2W42yNxJ2EwwLXodpdGzS4O8CjlWjkJmCszBy
+UM6ryWOHQXX0Sdw4OrCXAB7Ks4H9KfKktUCUbDLk/+CvlanDJ5LxGwKn9TGMrsa
HP8JRGVoElO8HQ==
-----END CERTIFICATE-----