Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          a1OlOlSOgPED0OeUHq3ZxjeubKruQrBRCuNqJItO+vc=
Subject key identifier:   98:F9:D4:BC:F1:55:92:7B:36:44:C3:8C:50:2A:16:70:96:88:BA:7C
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       0198D4A79C70FD33DFB8B170F8272DBC26B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          0432
Signing time:             Sat 23 Aug 2025 02:00:10 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:10 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:10 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: QNdO4jZ8Z7z8oQUBusRH08m0J/gN/uOjbHyCW4Yf3Ok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:9c:70:fd:33:df:b8:b1:70:f8:27:2d:bc:26:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Aug 23 02:00:10 2025 GMT
            Not After : Aug 24 02:00:10 2025 GMT
        Subject: CN=98f9d4bcf155927b3644c38c502a16709688ba7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:89:7a:a7:c3:55:c8:74:4b:4e:30:36:a6:d7:
                    30:7f:c1:59:da:3c:76:fe:14:1b:a3:5b:71:3b:46:
                    fe:27:01:b0:1e:78:32:36:73:52:68:26:ab:2a:61:
                    7b:ba:49:30:51:83:7f:70:9d:7e:37:d1:31:1e:20:
                    a2:79:49:33:56:50:77:b8:fb:be:43:0f:7e:4c:64:
                    bb:2b:64:f5:d5:d2:83:d4:78:b2:bf:d2:7b:8a:d0:
                    c6:bd:ea:a0:3b:a2:ff:a7:55:fa:85:a2:90:ba:ab:
                    4d:20:5a:1b:6b:bd:1a:71:62:84:40:2e:f5:18:2d:
                    8f:82:38:df:6f:55:7b:13:b0:5e:42:a0:72:00:fe:
                    61:ca:af:a2:68:a0:52:d1:7d:8f:c5:f3:ee:e4:c9:
                    75:ca:b0:93:da:73:ee:55:99:9e:6b:d7:7e:23:1b:
                    3d:de:c6:da:33:04:a7:14:a4:69:a9:1f:85:6b:3c:
                    39:91:5d:72:0f:31:27:97:7f:09:be:af:a9:b8:97:
                    b0:bc:bb:fc:0e:3c:94:9b:29:c1:30:8e:c0:c8:49:
                    15:23:d0:28:27:bc:87:ec:1f:84:d7:56:f1:52:64:
                    99:cd:8c:64:b0:b2:d4:c5:ae:b7:63:cb:27:0a:90:
                    5e:62:01:ff:c8:b4:46:0a:fe:66:fe:9c:54:92:8e:
                    59:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:F9:D4:BC:F1:55:92:7B:36:44:C3:8C:50:2A:16:70:96:88:BA:7C
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:1f:57:a3:b9:1f:77:3a:52:57:fe:7d:71:c4:c1:de:33:cf:
         81:f9:72:2e:a3:66:3e:8f:ce:6c:44:d9:37:68:f4:8c:87:0a:
         81:fc:ed:47:db:14:8c:b7:8e:0c:b5:ec:85:d1:a9:2e:8e:76:
         d6:73:c2:bd:0c:92:63:f1:17:b4:c8:80:04:56:d1:c1:d3:19:
         f0:6c:1a:bf:3d:1c:8b:56:53:86:d2:94:62:fc:e0:5d:2f:37:
         9c:f2:89:a8:1e:45:15:a5:e9:fa:24:ab:31:4d:11:34:a2:ca:
         91:12:40:1f:06:cd:b9:ae:3d:11:c8:f9:cc:c0:cc:67:79:13:
         69:d4:7b:b6:bc:3d:a1:f6:31:5b:23:9c:3b:8d:56:a7:e8:48:
         51:2f:38:b5:ab:0d:f1:5c:44:d2:e7:39:c8:60:e4:54:01:86:
         9a:5f:2d:b4:53:cb:c0:e7:79:11:d2:66:af:ee:4f:02:c2:5c:
         fb:a1:64:44:c7:81:02:4f:72:e6:4f:f8:60:f4:34:07:e2:78:
         4f:4d:54:2e:23:4e:49:71:9d:41:d2:b9:61:9a:d8:54:99:6d:
         95:90:fd:8a:92:ba:e7:97:0b:c9:64:3a:0c:cd:f1:da:6b:fa:
         ec:00:7d:83:e0:2b:c9:c0:37:5c:8f:43:e5:8c:92:9e:82:7d:
         1c:23:ff:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp5xw/TPfuLFw+CctvCa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjUwODIzMDIwMDEwWhcNMjUwODI0MDIwMDEwWjAzMTEwLwYDVQQD
Eyg5OGY5ZDRiY2YxNTU5MjdiMzY0NGMzOGM1MDJhMTY3MDk2ODhiYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIl6p8NVyHRLTjA2ptcwf8FZ2jx2
/hQbo1txO0b+JwGwHngyNnNSaCarKmF7ukkwUYN/cJ1+N9ExHiCieUkzVlB3uPu+
Qw9+TGS7K2T11dKD1Hiyv9J7itDGveqgO6L/p1X6haKQuqtNIFoba70acWKEQC71
GC2Pgjjfb1V7E7BeQqByAP5hyq+iaKBS0X2PxfPu5Ml1yrCT2nPuVZmea9d+Ixs9
3sbaMwSnFKRpqR+Fazw5kV1yDzEnl38Jvq+puJewvLv8DjyUmynBMI7AyEkVI9Ao
J7yH7B+E11bxUmSZzYxksLLUxa63Y8snCpBeYgH/yLRGCv5m/pxUko5Z4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJj51LzxVZJ7NkTDjFAqFnCWiLp8MB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmh9Xo7kf
dzpSV/59ccTB3jPPgflyLqNmPo/ObETZN2j0jIcKgfztR9sUjLeODLXshdGpLo52
1nPCvQySY/EXtMiABFbRwdMZ8Gwavz0ci1ZThtKUYvzgXS83nPKJqB5FFaXp+iSr
MU0RNKLKkRJAHwbNua49Ecj5zMDMZ3kTadR7trw9ofYxWyOcO41Wp+hIUS84tasN
8VxE0uc5yGDkVAGGml8ttFPLwOd5EdJmr+5PAsJc+6FkRMeBAk9y5k/4YPQ0B+J4
T01ULiNOSXGdQdK5YZrYVJltlZD9ipK655cLyWQ6DM3x2mv67AB9g+ArycA3XI9D
5YySnoJ9HCP/XA==
-----END CERTIFICATE-----