Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          6GyBNnsI/wwtJrvFZeDfOZBhY8vz5SE9g4rKbqlAV30=
Subject key identifier:   BC:82:B8:06:2B:1A:15:9A:89:13:BF:78:C5:7C:27:18:07:1D:12:F3
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       0197B70E82D9307CB19A651C6AA51E45A968
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          0A95
Signing time:             Sat 28 Jun 2025 15:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:10 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: hyFpXGgW5UOtnmNGLaQ9tXWyOVeHkC98Q5PP+mMp/7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:82:d9:30:7c:b1:9a:65:1c:6a:a5:1e:45:a9:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Jun 28 15:01:10 2025 GMT
            Not After : Jun 29 15:01:10 2025 GMT
        Subject: CN=bc82b8062b1a159a8913bf78c57c2718071d12f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:18:57:47:50:76:64:cd:ba:9d:9c:a0:40:5b:
                    69:d2:5d:4b:2d:a3:c1:cb:f6:89:33:64:ee:ae:1b:
                    5d:0a:cb:a7:c5:1b:20:99:32:60:44:8e:60:cc:7a:
                    e6:eb:df:b0:3d:7b:b3:23:ea:b2:d6:6b:8f:63:33:
                    42:50:84:df:16:7a:95:fe:a0:9c:06:28:7f:0b:3a:
                    e5:8d:21:d1:88:f9:2f:aa:a6:f7:c0:f2:4f:d8:0b:
                    66:82:3f:4c:a0:06:9d:44:d9:6b:30:7e:66:45:08:
                    54:00:fd:af:f8:51:46:55:2d:5a:98:fc:95:e6:0a:
                    9f:c8:b5:81:5d:2f:fb:c7:cb:22:61:06:72:41:9b:
                    f6:5b:71:f3:e1:55:f6:61:79:81:5e:30:92:bb:f4:
                    ed:7c:fe:17:5d:47:be:f0:61:9a:6b:1f:5a:2a:7e:
                    a8:07:06:9a:34:a0:7b:c9:ce:da:72:97:b8:67:6e:
                    58:4f:b9:04:0f:93:1a:5b:77:16:86:13:c0:96:df:
                    84:95:07:4b:1a:b0:7c:0d:31:7c:6f:69:34:3c:df:
                    f4:d6:10:3a:c6:8a:7d:0a:3e:c0:7c:98:0b:3e:12:
                    50:8a:7a:53:af:d5:4b:42:ca:67:10:7a:11:21:59:
                    f2:74:f8:e8:b4:2e:9a:6d:87:56:06:09:f1:56:f4:
                    3e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:82:B8:06:2B:1A:15:9A:89:13:BF:78:C5:7C:27:18:07:1D:12:F3
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:c7:c1:46:ad:4f:2a:69:b9:30:25:cf:59:cb:74:25:94:40:
         f6:f7:34:4a:d4:3b:b3:1a:e8:65:14:45:9c:e2:25:da:39:fe:
         37:f2:41:bc:be:b2:d6:03:b8:ad:58:35:16:de:02:2a:5c:65:
         86:4e:20:1c:8c:0e:89:ae:d5:f3:e9:29:5c:06:08:68:f7:ac:
         6d:5d:fa:e5:2c:96:fb:b3:34:d4:87:46:a6:20:e2:9e:23:a3:
         28:78:36:f8:3f:25:aa:c9:ec:a1:03:c3:db:97:0c:fc:97:3c:
         b6:b2:97:53:d2:5c:ef:7b:f8:8c:5b:18:d2:08:3f:7f:1b:e3:
         1c:a6:5d:7b:84:68:f9:98:76:f6:96:02:07:e1:d3:21:9b:b5:
         24:b9:10:3f:c4:78:30:fe:3b:e2:7b:3a:55:86:07:a3:a1:41:
         d1:52:a7:4b:33:96:bb:b1:a7:3e:c2:21:8e:b9:f7:c4:97:14:
         e0:84:5f:51:83:bb:e8:d3:c8:e8:c0:38:80:f3:18:32:97:f0:
         25:fd:8d:95:be:ce:cc:72:e7:fd:96:3e:66:f5:e8:9e:7d:10:
         4b:16:b0:ee:09:ae:1a:9c:0d:11:0f:e0:c5:49:d3:b6:23:a2:
         52:a7:6b:bb:1d:5c:e8:7a:8a:c6:86:72:23:ea:1c:8c:57:b4:
         68:9f:de:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DoLZMHyxmmUcaqUeRaloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjUwNjI4MTUwMTEwWhcNMjUwNjI5MTUwMTEwWjAzMTEwLwYDVQQD
EyhiYzgyYjgwNjJiMWExNTlhODkxM2JmNzhjNTdjMjcxODA3MWQxMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBhXR1B2ZM26nZygQFtp0l1LLaPB
y/aJM2TurhtdCsunxRsgmTJgRI5gzHrm69+wPXuzI+qy1muPYzNCUITfFnqV/qCc
Bih/CzrljSHRiPkvqqb3wPJP2Atmgj9MoAadRNlrMH5mRQhUAP2v+FFGVS1amPyV
5gqfyLWBXS/7x8siYQZyQZv2W3Hz4VX2YXmBXjCSu/TtfP4XXUe+8GGaax9aKn6o
BwaaNKB7yc7acpe4Z25YT7kED5MaW3cWhhPAlt+ElQdLGrB8DTF8b2k0PN/01hA6
xop9Cj7AfJgLPhJQinpTr9VLQspnEHoRIVnydPjotC6abYdWBgnxVvQ+lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyCuAYrGhWaiRO/eMV8JxgHHRLzMB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmsfBRq1P
Kmm5MCXPWct0JZRA9vc0StQ7sxroZRRFnOIl2jn+N/JBvL6y1gO4rVg1Ft4CKlxl
hk4gHIwOia7V8+kpXAYIaPesbV365SyW+7M01IdGpiDiniOjKHg2+D8lqsnsoQPD
25cM/Jc8trKXU9Jc73v4jFsY0gg/fxvjHKZde4Ro+Zh29pYCB+HTIZu1JLkQP8R4
MP474ns6VYYHo6FB0VKnSzOWu7GnPsIhjrn3xJcU4IRfUYO76NPI6MA4gPMYMpfw
Jf2Nlb7OzHLn/ZY+ZvXonn0QSxaw7gmuGpwNEQ/gxUnTtiOiUqdrux1c6HqKxoZy
I+ocjFe0aJ/eLA==
-----END CERTIFICATE-----