Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          962hshrU5msECVDL/UgCposG3yYG1aihMAAnWHI5e+0=
Subject key identifier:   25:0B:F8:68:B2:E1:E4:54:C7:72:C3:CB:B7:F8:52:58:4C:A5:04:1C
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       0198D4DFF4F3B7F0ADA710D01384A48B347C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          04A0
Signing time:             Sat 23 Aug 2025 03:01:43 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:43 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:43 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: oSeue2HNGLm4ojGwjtpPmW5WqlIoAWiyOE25voyP/oI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:f4:f3:b7:f0:ad:a7:10:d0:13:84:a4:8b:34:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Aug 23 03:01:43 2025 GMT
            Not After : Aug 24 03:01:43 2025 GMT
        Subject: CN=250bf868b2e1e454c772c3cbb7f852584ca5041c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7c:cc:01:ef:41:f5:a8:10:1b:eb:68:88:6f:
                    51:84:f9:b7:1a:86:a7:f0:f2:6f:83:68:f4:c5:02:
                    66:47:e6:91:17:e3:61:7e:70:a3:1d:b0:0e:fa:c9:
                    21:cd:d3:cb:e5:f7:85:c3:22:24:fb:c2:c6:7e:ec:
                    29:c7:e2:49:27:c2:1c:3e:57:ab:c6:fa:ae:7f:d6:
                    05:08:56:90:2a:48:bd:d2:4c:2b:44:41:28:7a:67:
                    5f:64:80:3c:91:4e:ab:f5:57:5e:72:4f:af:14:ce:
                    4f:b2:1b:ac:13:01:71:55:d7:a5:38:6b:d2:10:e9:
                    05:d6:e0:54:b6:11:10:9a:53:fd:75:e4:46:cf:f7:
                    fd:ff:e0:5d:0e:52:d3:50:2f:b7:c4:e7:35:69:e0:
                    19:e1:da:7e:95:8c:48:f1:f2:36:52:ce:82:ea:a9:
                    a2:4d:aa:f5:94:7d:28:88:a5:63:f9:6e:ac:a9:d1:
                    bf:26:76:11:c4:49:55:5c:31:a5:93:87:b3:55:1b:
                    dd:db:eb:6c:85:5e:9a:dd:4f:85:4a:44:46:0d:cf:
                    df:b1:70:8b:dd:0e:05:90:d7:50:9d:51:4c:17:bf:
                    11:88:08:5f:9d:57:da:58:81:70:41:bc:b3:7d:31:
                    30:cf:23:a3:98:8c:a7:ba:c0:02:d3:1c:7c:74:f1:
                    8f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0B:F8:68:B2:E1:E4:54:C7:72:C3:CB:B7:F8:52:58:4C:A5:04:1C
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:fe:61:ef:0c:21:46:b4:d3:e9:93:81:d1:a5:3a:85:8e:e5:
         0c:a7:e1:da:ac:0a:f4:9b:66:07:81:82:b3:12:84:71:10:b1:
         0f:1a:5e:cf:2d:9b:85:69:ed:8f:d5:45:bd:42:b0:8c:13:db:
         f2:fd:6c:6f:9e:0c:f7:78:f8:38:2e:16:92:1c:5b:62:38:c2:
         32:63:2d:62:e9:1d:d7:b6:a6:25:7d:0e:5a:6a:7c:e6:4e:48:
         ae:76:0b:39:7f:bf:1a:ea:25:d4:ed:65:08:49:f1:ff:c0:59:
         76:a8:4c:75:36:08:3b:d9:1d:f8:41:26:4e:da:52:bc:42:66:
         73:0b:8b:e8:1b:cd:19:d1:5d:07:21:91:08:89:7d:76:55:8b:
         a4:60:60:a5:ac:95:1e:c5:cd:a2:71:1c:21:c5:51:52:1a:44:
         1b:5b:80:c6:6d:65:e8:d8:41:23:11:49:ff:52:42:09:98:34:
         d5:8d:91:64:20:94:5f:df:47:d0:53:30:9e:1e:2d:e7:78:44:
         dd:2c:9c:95:34:9c:24:b3:ac:79:a8:fd:55:d7:8a:4a:f1:c9:
         d8:f7:bc:d1:07:38:e2:45:21:eb:21:a5:0e:fa:be:d9:0a:ff:
         d3:99:82:e9:56:5b:b8:73:08:3b:fa:0d:b5:d2:f3:d3:07:73:
         d6:40:8d:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3/Tzt/CtpxDQE4SkizR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjUwODIzMDMwMTQzWhcNMjUwODI0MDMwMTQzWjAzMTEwLwYDVQQD
EygyNTBiZjg2OGIyZTFlNDU0Yzc3MmMzY2JiN2Y4NTI1ODRjYTUwNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXzMAe9B9agQG+toiG9RhPm3Goan
8PJvg2j0xQJmR+aRF+NhfnCjHbAO+skhzdPL5feFwyIk+8LGfuwpx+JJJ8IcPler
xvquf9YFCFaQKki90kwrREEoemdfZIA8kU6r9Vdeck+vFM5PshusEwFxVdelOGvS
EOkF1uBUthEQmlP9deRGz/f9/+BdDlLTUC+3xOc1aeAZ4dp+lYxI8fI2Us6C6qmi
Tar1lH0oiKVj+W6sqdG/JnYRxElVXDGlk4ezVRvd2+tshV6a3U+FSkRGDc/fsXCL
3Q4FkNdQnVFMF78RiAhfnVfaWIFwQbyzfTEwzyOjmIynusAC0xx8dPGPGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUL+Giy4eRUx3LDy7f4UlhMpQQcMB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnP5h7wwh
RrTT6ZOB0aU6hY7lDKfh2qwK9JtmB4GCsxKEcRCxDxpezy2bhWntj9VFvUKwjBPb
8v1sb54M93j4OC4WkhxbYjjCMmMtYukd17amJX0OWmp85k5IrnYLOX+/Guol1O1l
CEnx/8BZdqhMdTYIO9kd+EEmTtpSvEJmcwuL6BvNGdFdByGRCIl9dlWLpGBgpayV
HsXNonEcIcVRUhpEG1uAxm1l6NhBIxFJ/1JCCZg01Y2RZCCUX99H0FMwnh4t53hE
3SyclTScJLOseaj9VdeKSvHJ2Pe80Qc44kUh6yGlDvq+2Qr/05mC6VZbuHMIO/oN
tdLz0wdz1kCNzA==
-----END CERTIFICATE-----