Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          q8yhPwwpGiGynSzlzVu90gr2daGdCAL+m0sBIxCgR7g=
Subject key identifier:   97:6E:D5:32:91:85:FC:87:9C:18:00:78:CE:17:E6:F7:33:AB:5A:6A
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       0198D4E013CD65C7FB9B0E3845AC977119C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0410
Signing time:             Sat 23 Aug 2025 03:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:51 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: w4fgal3yq227c90pVkzwwyvDhpM8WzB/dlSaGASUIh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:13:cd:65:c7:fb:9b:0e:38:45:ac:97:71:19:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Aug 23 03:01:51 2025 GMT
            Not After : Aug 24 03:01:51 2025 GMT
        Subject: CN=976ed5329185fc879c180078ce17e6f733ab5a6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:86:63:e7:1f:86:48:8e:ad:42:aa:e5:00:4c:
                    67:9a:86:05:62:f4:84:4d:40:db:77:a9:79:85:f3:
                    3e:94:3a:07:c9:49:23:8f:14:ba:1b:2d:2d:a6:d2:
                    09:f2:ef:d5:e4:0d:10:39:3d:d2:26:57:fa:f8:f7:
                    73:24:31:4a:08:a7:f1:08:51:3a:1f:78:87:db:8d:
                    65:d1:13:c6:0a:57:1d:25:d1:fe:95:f4:8e:27:8d:
                    5d:a9:fd:f8:37:b5:30:c3:e3:00:bf:7f:d7:7d:a6:
                    33:d6:e3:d5:22:de:ba:f5:e5:b5:90:88:4e:05:fd:
                    ab:35:f3:3b:3b:5b:c5:9f:97:eb:00:3a:71:15:7b:
                    82:bc:66:e6:23:3a:48:ca:2b:37:3a:a8:da:94:12:
                    30:5f:87:68:e2:f3:2b:21:6a:f6:11:14:28:3e:09:
                    79:95:0b:07:e8:b2:db:d2:36:2b:45:35:59:02:08:
                    f2:39:a8:b2:c2:49:70:cf:eb:76:16:7d:53:a9:16:
                    b8:27:38:81:5a:1a:4a:0b:03:5a:07:a2:2b:4c:43:
                    b2:af:0f:6c:19:c8:33:15:d1:20:3d:79:e5:a2:61:
                    77:6e:1f:ce:0a:10:4a:91:5e:81:e6:14:59:7a:54:
                    7c:6b:ff:dc:9d:0a:a8:de:ec:40:27:46:50:42:03:
                    3d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:6E:D5:32:91:85:FC:87:9C:18:00:78:CE:17:E6:F7:33:AB:5A:6A
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:85:ca:5f:b9:be:52:60:d6:ac:de:6b:0f:e4:23:0c:fb:04:
         76:ec:93:4e:60:f9:a7:c9:5e:bf:10:c2:c5:72:08:bd:0a:fb:
         70:44:f3:0e:65:4d:06:6e:c0:32:23:26:0b:2f:9f:c3:24:1c:
         ae:6e:36:f0:d9:de:72:3f:a2:cd:df:96:40:63:68:c4:af:2b:
         17:c8:8a:31:5c:74:b2:fa:9d:06:82:04:d5:f7:02:f9:ac:89:
         57:16:cb:68:b4:93:98:f3:99:83:b0:c5:78:70:fe:b3:46:2c:
         51:8c:ab:5d:57:19:be:39:48:ab:a3:a4:40:57:43:37:b3:1f:
         18:f8:6d:4a:ba:ae:d9:b5:c2:9a:f8:9a:37:cc:32:f9:33:6f:
         b0:c7:df:7f:74:a7:af:a4:1e:70:42:e9:26:70:3f:6f:6f:44:
         aa:76:77:86:43:1a:a0:d5:26:24:a4:2e:d7:7c:b5:8c:2a:af:
         e8:e6:bb:fc:f5:2a:81:0f:f6:30:c9:01:b4:44:ff:52:a6:8e:
         e8:c2:b5:e8:ae:92:47:6a:16:49:4d:51:89:46:3b:56:ad:bb:
         57:56:e9:d6:08:cc:b7:d1:ff:6d:43:b3:f2:e6:2a:7d:ec:89:
         d0:9f:39:7c:18:5c:74:4d:a0:c9:86:7c:30:04:a3:a6:56:01:
         12:42:98:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4BPNZcf7mw44RayXcRnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjUwODIzMDMwMTUxWhcNMjUwODI0MDMwMTUxWjAzMTEwLwYDVQQD
Eyg5NzZlZDUzMjkxODVmYzg3OWMxODAwNzhjZTE3ZTZmNzMzYWI1YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14Zj5x+GSI6tQqrlAExnmoYFYvSE
TUDbd6l5hfM+lDoHyUkjjxS6Gy0tptIJ8u/V5A0QOT3SJlf6+PdzJDFKCKfxCFE6
H3iH241l0RPGClcdJdH+lfSOJ41dqf34N7Uww+MAv3/XfaYz1uPVIt669eW1kIhO
Bf2rNfM7O1vFn5frADpxFXuCvGbmIzpIyis3OqjalBIwX4do4vMrIWr2ERQoPgl5
lQsH6LLb0jYrRTVZAgjyOaiywklwz+t2Fn1TqRa4JziBWhpKCwNaB6IrTEOyrw9s
GcgzFdEgPXnlomF3bh/OChBKkV6B5hRZelR8a//cnQqo3uxAJ0ZQQgM9swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdu1TKRhfyHnBgAeM4X5vczq1pqMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYXKX7m+
UmDWrN5rD+QjDPsEduyTTmD5p8levxDCxXIIvQr7cETzDmVNBm7AMiMmCy+fwyQc
rm428Nnecj+izd+WQGNoxK8rF8iKMVx0svqdBoIE1fcC+ayJVxbLaLSTmPOZg7DF
eHD+s0YsUYyrXVcZvjlIq6OkQFdDN7MfGPhtSrqu2bXCmviaN8wy+TNvsMfff3Sn
r6QecELpJnA/b29EqnZ3hkMaoNUmJKQu13y1jCqv6Oa7/PUqgQ/2MMkBtET/UqaO
6MK16K6SR2oWSU1RiUY7Vq27V1bp1gjMt9H/bUOz8uYqfeyJ0J85fBhcdE2gyYZ8
MASjplYBEkKYYg==
-----END CERTIFICATE-----