Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
File:                     jDJOtM17M3hJro0yb8iZAvUDpMY.mft (raw, json)
Hash identifier:          X31xKBuVRtk7VfvP/bUXA1xYLSGeDUi8hkN3760FFJA=
Subject key identifier:   2D:8D:B4:21:CD:3E:7F:B0:47:8F:AF:70:40:96:29:A2:2B:B2:2B:85
Authority key identifier: 8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6
Certificate issuer:       /CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
Certificate serial:       0198D5F1351FDD4354F7D9043D1F069161EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
Manifest number:          0100
Signing time:             Sat 23 Aug 2025 08:00:11 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:11 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:11 +0000
Files and hashes:         1: jDJOtM17M3hJro0yb8iZAvUDpMY.crl (hash: oovzgMFx3tKivvEqWc27IWFfSobVhco/aczwcRhxol4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:35:1f:dd:43:54:f7:d9:04:3d:1f:06:91:61:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
        Validity
            Not Before: Aug 23 08:00:11 2025 GMT
            Not After : Aug 24 08:00:11 2025 GMT
        Subject: CN=2d8db421cd3e7fb0478faf70409629a22bb22b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ac:68:51:56:18:16:51:2f:55:cc:a5:80:e4:
                    10:24:24:f7:81:18:d1:0b:3c:f7:42:55:bb:76:50:
                    24:d1:d3:02:b7:53:61:3a:f0:b5:57:02:4c:a8:b4:
                    55:d5:9b:d8:8d:17:ab:48:77:f8:81:8f:96:0e:9b:
                    d0:a7:07:8c:56:71:09:60:7e:bf:13:8a:75:1f:32:
                    83:c3:5d:4e:e6:13:df:ec:33:64:28:d1:54:0a:1f:
                    a7:e1:df:91:99:bb:01:75:b4:5c:a2:75:a7:88:16:
                    1a:d2:b7:91:b5:47:72:15:03:1e:ce:72:08:c9:69:
                    8e:15:6f:e5:16:89:3b:4e:ce:92:35:23:f3:b1:0c:
                    ac:7c:48:32:56:68:34:75:95:73:b9:f3:c7:a6:1d:
                    ae:e9:0c:f8:76:9d:0b:25:c3:2c:2d:ce:7b:c6:d2:
                    03:4d:4f:52:db:b5:5c:63:8f:40:94:1b:b1:60:b7:
                    14:82:ba:64:ae:24:92:7a:f9:6b:2f:c2:cd:90:a1:
                    81:34:8d:b1:bc:da:e4:6d:6c:fb:3a:0c:93:ef:68:
                    34:2b:63:d3:12:7a:ab:a3:92:87:8b:66:65:47:08:
                    f6:20:13:82:99:21:92:01:64:ec:7c:f8:3d:41:de:
                    ae:63:05:ba:91:02:3f:25:2b:ff:d3:c4:d6:27:2a:
                    ca:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:8D:B4:21:CD:3E:7F:B0:47:8F:AF:70:40:96:29:A2:2B:B2:2B:85
            X509v3 Authority Key Identifier:
                keyid:8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:89:a3:b1:cd:59:12:c9:1c:68:6a:be:9c:02:81:15:c4:d2:
         b5:45:d1:9b:e8:6c:88:2b:3d:d0:ef:ee:9a:03:13:24:4e:78:
         ee:2a:e9:c1:48:b5:64:16:3c:ea:cb:7c:6e:0d:63:07:00:d1:
         48:6d:f2:29:88:c2:a4:7a:58:d4:dc:0f:9a:36:0a:82:b4:08:
         30:3c:11:cf:30:cb:4a:62:29:65:36:ee:df:c9:d5:05:de:2e:
         2b:63:33:bd:1a:d3:44:5f:a0:ee:1d:8e:58:b0:f0:6e:bf:a2:
         34:e7:cc:49:ff:91:ee:32:62:77:9c:ba:e2:70:fa:79:79:de:
         26:e4:e9:f5:5b:87:93:aa:2d:91:04:e1:6a:10:90:34:26:56:
         1e:48:40:db:75:ca:60:be:64:e2:88:d1:28:63:0c:bb:78:4e:
         c7:47:84:ea:61:71:db:4e:a0:19:bd:4b:39:06:54:d4:25:a5:
         67:62:3e:f4:e3:a8:ae:aa:24:15:49:b8:03:18:40:98:b9:8f:
         51:41:3a:40:7a:47:06:5f:bc:f6:3c:74:f4:f5:99:5e:02:a9:
         69:39:b9:c2:ae:cb:a8:8c:17:12:2c:f7:db:89:6d:6d:da:71:
         5d:36:6d:e1:01:e1:1e:04:d3:1d:66:91:1b:80:01:61:1c:20:
         e3:6e:28:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8TUf3UNU99kEPR8GkWHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzI0ZWI0Y2Q3YjMzNzg0OWFlOGQzMjZmYzg5OTAyZjUw
M2E0YzYwHhcNMjUwODIzMDgwMDExWhcNMjUwODI0MDgwMDExWjAzMTEwLwYDVQQD
EygyZDhkYjQyMWNkM2U3ZmIwNDc4ZmFmNzA0MDk2MjlhMjJiYjIyYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKxoUVYYFlEvVcylgOQQJCT3gRjR
Czz3QlW7dlAk0dMCt1NhOvC1VwJMqLRV1ZvYjRerSHf4gY+WDpvQpweMVnEJYH6/
E4p1HzKDw11O5hPf7DNkKNFUCh+n4d+RmbsBdbRconWniBYa0reRtUdyFQMeznII
yWmOFW/lFok7Ts6SNSPzsQysfEgyVmg0dZVzufPHph2u6Qz4dp0LJcMsLc57xtID
TU9S27VcY49AlBuxYLcUgrpkriSSevlrL8LNkKGBNI2xvNrkbWz7OgyT72g0K2PT
Enqro5KHi2ZlRwj2IBOCmSGSAWTsfPg9Qd6uYwW6kQI/JSv/08TWJyrKHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2NtCHNPn+wR4+vcECWKaIrsiuFMB8GA1UdIwQY
MBaAFIwyTrTNezN4Sa6NMm/ImQL1A6TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQt
MTM5NjM2YjFlMjYzLzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQtMTM5NjM2YjFlMjYz
LzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqYmjsc1Z
EskcaGq+nAKBFcTStUXRm+hsiCs90O/umgMTJE547irpwUi1ZBY86st8bg1jBwDR
SG3yKYjCpHpY1NwPmjYKgrQIMDwRzzDLSmIpZTbu38nVBd4uK2MzvRrTRF+g7h2O
WLDwbr+iNOfMSf+R7jJid5y64nD6eXneJuTp9VuHk6otkQThahCQNCZWHkhA23XK
YL5k4ojRKGMMu3hOx0eE6mFx206gGb1LOQZU1CWlZ2I+9OOorqokFUm4AxhAmLmP
UUE6QHpHBl+89jx09PWZXgKpaTm5wq7LqIwXEiz324ltbdpxXTZt4QHhHgTTHWaR
G4ABYRwg424onA==
-----END CERTIFICATE-----