Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          KYWMpT+8EMPQMu8WKBf9FyH5BKZvyI7M48DrTJaJKZU=
Subject key identifier:   8B:6F:5D:A9:AE:FE:62:77:64:06:D1:AD:B3:B1:4B:09:5D:FC:BD:74
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       0198D4E00A57002FC2C77322222171CF1E4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          0B29
Signing time:             Sat 23 Aug 2025 03:01:49 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:49 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:49 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: 7lKr5iU054mj6XCSSvY6/19swxEpHxCYBk+FyNwj8bc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:0a:57:00:2f:c2:c7:73:22:22:21:71:cf:1e:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Aug 23 03:01:49 2025 GMT
            Not After : Aug 24 03:01:49 2025 GMT
        Subject: CN=8b6f5da9aefe62776406d1adb3b14b095dfcbd74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ec:d4:fa:15:25:59:8e:9a:30:e7:00:ae:35:
                    59:46:6f:d7:98:10:e1:05:8c:21:60:4d:02:94:9b:
                    ec:5c:5c:fc:38:c2:d1:96:ed:d5:e1:9c:db:1c:1d:
                    0d:e9:a1:36:22:80:3e:b3:7e:a6:b1:ae:61:bd:83:
                    c8:ab:9e:54:02:c8:e0:98:c2:3e:95:9b:87:43:01:
                    16:b9:f5:68:61:80:f4:5d:67:3f:1c:11:a7:84:27:
                    33:16:ef:16:da:33:a0:83:04:c8:a2:c9:ac:91:d9:
                    3e:64:6b:9c:8c:61:6f:5e:51:03:3b:64:90:2a:5d:
                    6c:e8:b5:96:75:b5:9f:fc:96:90:2b:fe:5d:b1:ee:
                    52:71:3f:29:af:67:5d:ae:9e:a3:3a:70:14:a2:54:
                    0f:ef:7a:01:78:e3:bd:6b:5f:4b:a4:dd:d0:40:d2:
                    94:9d:89:a9:cd:73:06:9c:3c:a0:e3:a5:43:26:65:
                    c5:61:24:68:f1:99:f0:32:9f:64:6c:b5:a4:ec:40:
                    c8:fd:44:15:9e:73:72:cc:fc:46:7e:6f:30:cd:e4:
                    f4:f6:ca:0f:e0:95:40:71:1d:c0:ee:d1:3b:45:5f:
                    71:92:c0:19:cd:22:0b:b9:de:87:0f:1e:d1:82:81:
                    1a:68:4f:e5:d0:67:b3:bd:e6:c3:3d:6e:28:2d:e5:
                    b9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:6F:5D:A9:AE:FE:62:77:64:06:D1:AD:B3:B1:4B:09:5D:FC:BD:74
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:3b:cd:30:10:72:de:cd:4d:f9:15:8b:7c:ce:56:00:b6:2f:
         2f:54:1b:b4:40:a4:e2:ea:55:41:4b:83:82:c5:ef:d0:f1:e3:
         86:ab:44:c1:f9:65:5c:2e:5d:3d:3d:d0:08:f6:b5:79:1e:00:
         a4:c6:51:ca:45:93:b0:f0:ca:76:f3:40:77:06:5f:24:58:f5:
         78:06:b4:69:6c:29:79:69:79:35:f5:f7:f4:78:a7:a1:cc:18:
         a8:2a:0d:c0:29:32:39:57:f9:31:d5:51:2c:cb:d6:03:3d:80:
         89:e2:fd:32:c8:66:50:61:fa:2b:a4:cf:cb:20:aa:d3:a6:9b:
         3d:b5:6a:34:2c:1d:36:fc:ba:91:a8:2a:f7:3f:bb:f9:89:62:
         e1:bd:4c:a8:a9:de:4b:70:eb:f1:0f:87:a2:49:3c:12:16:6b:
         f0:ad:f5:b7:86:da:18:27:a1:49:5b:73:56:61:57:c3:6b:bb:
         ed:b5:64:29:1d:ff:d0:af:1d:93:e4:92:da:48:da:69:81:dd:
         e3:00:4e:4c:6e:46:b2:0f:49:9a:74:7a:76:0e:4b:03:f8:ed:
         88:cd:02:e4:91:3e:af:5a:58:94:85:fe:de:fb:b9:69:24:39:
         be:ca:c9:52:93:98:79:91:22:53:21:20:85:3d:a7:a6:c6:9e:
         b9:a6:3c:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4ApXAC/Cx3MiIiFxzx5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjUwODIzMDMwMTQ5WhcNMjUwODI0MDMwMTQ5WjAzMTEwLwYDVQQD
Eyg4YjZmNWRhOWFlZmU2Mjc3NjQwNmQxYWRiM2IxNGIwOTVkZmNiZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxezU+hUlWY6aMOcArjVZRm/XmBDh
BYwhYE0ClJvsXFz8OMLRlu3V4ZzbHB0N6aE2IoA+s36msa5hvYPIq55UAsjgmMI+
lZuHQwEWufVoYYD0XWc/HBGnhCczFu8W2jOggwTIosmskdk+ZGucjGFvXlEDO2SQ
Kl1s6LWWdbWf/JaQK/5dse5ScT8pr2ddrp6jOnAUolQP73oBeOO9a19LpN3QQNKU
nYmpzXMGnDyg46VDJmXFYSRo8ZnwMp9kbLWk7EDI/UQVnnNyzPxGfm8wzeT09soP
4JVAcR3A7tE7RV9xksAZzSILud6HDx7RgoEaaE/l0GezvebDPW4oLeW5aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItvXamu/mJ3ZAbRrbOxSwld/L10MB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJjvNMBBy
3s1N+RWLfM5WALYvL1QbtECk4upVQUuDgsXv0PHjhqtEwfllXC5dPT3QCPa1eR4A
pMZRykWTsPDKdvNAdwZfJFj1eAa0aWwpeWl5NfX39HinocwYqCoNwCkyOVf5MdVR
LMvWAz2AieL9MshmUGH6K6TPyyCq06abPbVqNCwdNvy6kagq9z+7+Yli4b1MqKne
S3Dr8Q+Hokk8EhZr8K31t4baGCehSVtzVmFXw2u77bVkKR3/0K8dk+SS2kjaaYHd
4wBOTG5Gsg9JmnR6dg5LA/jtiM0C5JE+r1pYlIX+3vu5aSQ5vsrJUpOYeZEiUyEg
hT2npsaeuaY8gw==
-----END CERTIFICATE-----