Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File:                     CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier:          LsgiidmNjnjiWkkT7IvtbcXSpGhkahfOPPOIYg4nrIs=
Subject key identifier:   B4:37:CB:7A:E7:98:CE:67:A2:5F:98:8F:64:61:0F:2A:96:E8:13:87
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer:       /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial:       0198D6CD3BFB2D7DC276D404679F2B93E6AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number:          09A2
Signing time:             Sat 23 Aug 2025 12:00:30 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:30 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:30 +0000
Files and hashes:         1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: n4uh+4wccLkmOFiOCsXwEY9vS5hhI8f7yylkVKg8nB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:3b:fb:2d:7d:c2:76:d4:04:67:9f:2b:93:e6:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
        Validity
            Not Before: Aug 23 12:00:30 2025 GMT
            Not After : Aug 24 12:00:30 2025 GMT
        Subject: CN=b437cb7ae798ce67a25f988f64610f2a96e81387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:14:8a:a2:82:2b:50:16:a1:40:4b:e9:22:7b:
                    4f:ca:e9:75:d1:86:df:96:ac:31:e2:77:18:dc:e4:
                    65:21:b7:23:90:37:87:3e:bd:c5:e1:e0:8b:81:ce:
                    ff:ad:31:e9:de:51:ea:73:c5:75:07:d5:4c:e4:60:
                    9c:3f:88:15:80:fd:a5:13:69:b2:45:d5:c0:9d:0d:
                    51:07:e5:6a:d6:41:c2:4a:b3:95:ef:6d:1f:19:3c:
                    35:83:e1:cc:e2:54:f3:ca:10:b9:f1:12:15:37:73:
                    8f:37:54:cb:0c:73:3d:ce:21:27:ab:b9:9d:25:10:
                    a5:d9:8f:69:25:09:60:ea:db:1a:63:7d:c5:6e:8c:
                    b1:75:a9:9b:6d:c2:b2:db:6b:f4:8c:97:1c:e6:cf:
                    1c:b2:6a:64:1c:c3:ef:fb:ac:07:93:d1:a8:66:aa:
                    5f:1c:81:93:63:a1:92:bd:89:8b:68:87:a6:d7:b1:
                    85:bd:ba:f1:3e:16:59:a3:7d:03:84:9c:26:d3:db:
                    d8:20:57:59:63:d5:11:76:b0:91:71:65:73:84:2a:
                    4a:bf:17:9d:5e:87:0b:d5:f8:a4:0e:d4:bb:de:b8:
                    c1:ba:26:22:11:ca:cd:f3:ba:59:7f:02:b4:4f:fa:
                    90:66:6b:a2:9f:02:7a:01:5a:ee:d3:32:a9:49:21:
                    b7:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:37:CB:7A:E7:98:CE:67:A2:5F:98:8F:64:61:0F:2A:96:E8:13:87
            X509v3 Authority Key Identifier:
                keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:88:6b:58:fe:51:19:59:24:ff:c8:64:cb:6f:6d:19:87:d2:
         a3:91:ec:0e:de:f7:ba:3b:e6:74:5e:4d:70:3a:f0:f8:4a:04:
         67:e5:06:53:13:60:e8:23:8b:dc:da:83:58:c6:23:fd:34:45:
         f3:90:74:b2:89:fe:40:24:2c:d2:d8:13:b9:87:92:0d:d1:c1:
         e8:47:fc:f3:3f:b4:6f:9e:4e:7a:63:c8:95:61:a3:e5:f9:5d:
         ef:9a:2f:df:ec:12:c8:7b:aa:c2:9a:90:ca:b9:09:33:1a:5e:
         5f:f2:41:97:73:28:89:02:c0:da:d7:84:7e:58:eb:d9:38:98:
         fe:2b:56:5e:3a:bf:19:e0:d9:8b:64:e5:b3:bb:aa:ce:82:7f:
         e7:53:bf:53:d5:f7:b3:1f:f3:9d:15:e4:38:3a:f2:33:1a:bb:
         9d:7b:4f:ad:ae:e3:33:d6:46:20:1f:45:03:0d:c4:47:6b:10:
         0c:21:15:eb:13:00:7f:be:79:d3:61:ce:e6:0d:45:4e:10:fe:
         44:4f:83:30:dd:4b:99:b7:57:ec:a9:db:ff:01:e1:bd:dd:85:
         73:93:24:a4:f6:e7:87:6c:a9:a2:1d:49:8d:c4:0b:81:86:6b:
         0d:b8:86:e6:29:f0:ff:99:ca:67:90:bb:4c:97:94:c6:05:1b:
         49:ec:39:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzTv7LX3CdtQEZ58rk+auMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjUwODIzMTIwMDMwWhcNMjUwODI0MTIwMDMwWjAzMTEwLwYDVQQD
EyhiNDM3Y2I3YWU3OThjZTY3YTI1Zjk4OGY2NDYxMGYyYTk2ZTgxMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohSKooIrUBahQEvpIntPyul10Ybf
lqwx4ncY3ORlIbcjkDeHPr3F4eCLgc7/rTHp3lHqc8V1B9VM5GCcP4gVgP2lE2my
RdXAnQ1RB+Vq1kHCSrOV720fGTw1g+HM4lTzyhC58RIVN3OPN1TLDHM9ziEnq7md
JRCl2Y9pJQlg6tsaY33FboyxdambbcKy22v0jJcc5s8csmpkHMPv+6wHk9GoZqpf
HIGTY6GSvYmLaIem17GFvbrxPhZZo30DhJwm09vYIFdZY9URdrCRcWVzhCpKvxed
XocL1fikDtS73rjBuiYiEcrN87pZfwK0T/qQZmuinwJ6AVru0zKpSSG3BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQ3y3rnmM5nol+Yj2RhDyqW6BOHMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhohrWP5R
GVkk/8hky29tGYfSo5HsDt73ujvmdF5NcDrw+EoEZ+UGUxNg6COL3NqDWMYj/TRF
85B0son+QCQs0tgTuYeSDdHB6Ef88z+0b55OemPIlWGj5fld75ov3+wSyHuqwpqQ
yrkJMxpeX/JBl3MoiQLA2teEfljr2TiY/itWXjq/GeDZi2Tls7uqzoJ/51O/U9X3
sx/znRXkODryMxq7nXtPra7jM9ZGIB9FAw3ER2sQDCEV6xMAf75502HO5g1FThD+
RE+DMN1LmbdX7Knb/wHhvd2Fc5MkpPbnh2ypoh1JjcQLgYZrDbiG5inw/5nKZ5C7
TJeUxgUbSew5Pw==
-----END CERTIFICATE-----