Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File:                     9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier:          eRmvLLVq2LzhrxA5ZOO20T433gxwkJViKUP/fzoEkNI=
Subject key identifier:   E5:03:B8:9C:5A:80:CD:D1:90:41:20:50:D2:0C:19:B6:54:61:45:B4
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer:       /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial:       0198D5F12C074385ABA3EEB13136E698E3AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number:          0397
Signing time:             Sat 23 Aug 2025 08:00:08 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:08 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:08 +0000
Files and hashes:         1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: 0zGfj+NwdURmwedSofkzcjy9P56a9IfH+34mKrJqyAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:2c:07:43:85:ab:a3:ee:b1:31:36:e6:98:e3:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
        Validity
            Not Before: Aug 23 08:00:08 2025 GMT
            Not After : Aug 24 08:00:08 2025 GMT
        Subject: CN=e503b89c5a80cdd190412050d20c19b6546145b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:43:dd:35:df:0a:36:03:87:cd:f2:ec:ec:93:
                    f2:0e:d8:24:71:e8:c6:12:46:e9:57:d8:ae:c0:d7:
                    33:a8:8d:b1:34:e5:27:9e:79:96:ca:6f:72:62:e0:
                    7d:ee:f1:c5:db:98:b3:85:60:73:10:e1:38:e0:85:
                    2a:d3:a6:12:7f:e2:70:fd:6d:e0:d1:31:1c:20:f6:
                    f1:66:80:99:df:65:5c:60:ea:ac:43:ba:2e:5b:32:
                    0e:ba:dd:eb:97:f0:9a:0e:e5:18:ae:8e:77:70:88:
                    8b:c2:75:cb:97:99:70:0f:93:42:e4:60:11:88:3b:
                    78:07:b5:3b:48:05:86:41:ee:f6:1d:30:ff:84:0c:
                    94:a4:a2:5f:4b:dd:fb:63:2a:43:1f:1c:87:ac:95:
                    7d:d8:64:9e:bb:9b:af:76:47:f7:01:81:f7:b6:de:
                    ee:25:52:d0:63:e1:d3:55:dd:0c:b9:9f:3d:88:34:
                    cb:55:63:46:60:04:10:bc:9b:74:f1:f3:0e:86:ab:
                    18:7c:57:16:72:5e:ee:c6:62:bc:fb:1d:27:60:8b:
                    d8:b1:eb:1a:32:06:95:be:8b:09:f4:86:f4:c7:93:
                    63:ab:e8:10:9c:8f:51:c8:f6:23:c8:c6:99:b6:38:
                    3d:65:7d:5e:19:81:79:79:de:cd:ce:54:55:bd:11:
                    26:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:03:B8:9C:5A:80:CD:D1:90:41:20:50:D2:0C:19:B6:54:61:45:B4
            X509v3 Authority Key Identifier:
                keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:00:cc:0c:61:23:6b:52:00:d7:33:a3:f4:be:82:f6:e5:84:
         97:bb:c1:a4:48:e3:c4:aa:3e:84:cb:f6:39:77:91:06:37:61:
         56:5a:be:d4:b5:2e:fc:5c:d2:bf:f5:ad:a3:d9:12:ab:ad:b9:
         02:72:f3:36:b6:ca:93:ae:29:d8:b1:ef:a7:05:0e:87:bc:09:
         48:62:2d:6e:41:2f:42:07:c6:6d:ed:d4:92:af:d3:ce:a9:18:
         e1:d8:41:81:78:42:c4:36:38:e0:5e:d6:e0:d6:dc:2d:8f:19:
         ac:bb:f1:a2:8b:85:8a:d2:cc:c9:e4:42:b1:7a:36:4f:b0:2b:
         01:72:01:92:40:f5:c1:33:6c:10:bf:f9:df:7e:9b:92:e1:3c:
         f4:5b:fb:46:97:fa:b5:b1:c4:61:78:8a:3f:1c:cd:bd:df:c1:
         87:94:4c:3f:6a:25:8c:85:8d:e2:eb:42:bf:68:f2:e3:7c:ea:
         02:65:e6:a6:e8:85:24:44:44:48:ac:b7:4e:47:41:28:6f:e4:
         cf:1d:56:e4:51:5a:22:b4:84:8b:fa:a6:61:32:0b:23:84:04:
         a8:7b:39:01:89:51:f2:07:d0:27:88:90:98:b0:af:45:0e:69:
         62:f6:fc:ed:0a:3f:63:2b:3d:64:50:ce:93:9e:7e:d1:a6:86:
         77:fe:c0:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8SwHQ4Wro+6xMTbmmOOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjUwODIzMDgwMDA4WhcNMjUwODI0MDgwMDA4WjAzMTEwLwYDVQQD
EyhlNTAzYjg5YzVhODBjZGQxOTA0MTIwNTBkMjBjMTliNjU0NjE0NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUPdNd8KNgOHzfLs7JPyDtgkcejG
EkbpV9iuwNczqI2xNOUnnnmWym9yYuB97vHF25izhWBzEOE44IUq06YSf+Jw/W3g
0TEcIPbxZoCZ32VcYOqsQ7ouWzIOut3rl/CaDuUYro53cIiLwnXLl5lwD5NC5GAR
iDt4B7U7SAWGQe72HTD/hAyUpKJfS937YypDHxyHrJV92GSeu5uvdkf3AYH3tt7u
JVLQY+HTVd0MuZ89iDTLVWNGYAQQvJt08fMOhqsYfFcWcl7uxmK8+x0nYIvYsesa
MgaVvosJ9Ib0x5Njq+gQnI9RyPYjyMaZtjg9ZX1eGYF5ed7NzlRVvREmcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUDuJxagM3RkEEgUNIMGbZUYUW0MB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdgDMDGEj
a1IA1zOj9L6C9uWEl7vBpEjjxKo+hMv2OXeRBjdhVlq+1LUu/FzSv/Wto9kSq625
AnLzNrbKk64p2LHvpwUOh7wJSGItbkEvQgfGbe3Ukq/TzqkY4dhBgXhCxDY44F7W
4NbcLY8ZrLvxoouFitLMyeRCsXo2T7ArAXIBkkD1wTNsEL/5336bkuE89Fv7Rpf6
tbHEYXiKPxzNvd/Bh5RMP2oljIWN4utCv2jy43zqAmXmpuiFJERESKy3TkdBKG/k
zx1W5FFaIrSEi/qmYTILI4QEqHs5AYlR8gfQJ4iQmLCvRQ5pYvb87Qo/Yys9ZFDO
k55+0aaGd/7AgQ==
-----END CERTIFICATE-----