Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          5DHI7CJREkAAndzlLOncdbfo8DGqyUq7sbtSShgoNOQ=
Subject key identifier:   A1:62:AB:D9:FD:9C:64:5D:45:B2:04:E7:85:BE:B4:50:B8:09:2B:65
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       0198D8BCD7B4011C39D4EFFA0D24AA56B1CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0CF5
Signing time:             Sat 23 Aug 2025 21:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 21:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 21:01:51 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: DtwzVieQ5Ck6o7xZ4+oaMHLN0iWX34pGj7tv1r85Lrg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 17:19:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:bc:d7:b4:01:1c:39:d4:ef:fa:0d:24:aa:56:b1:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Aug 23 21:01:51 2025 GMT
            Not After : Aug 24 21:01:51 2025 GMT
        Subject: CN=a162abd9fd9c645d45b204e785beb450b8092b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:66:43:9a:09:9c:28:4c:ef:02:6c:b3:18:d1:
                    43:b3:59:ac:30:7f:1d:34:d9:cd:f1:1f:6f:ec:a9:
                    cc:7e:62:43:2d:b6:83:c7:71:9c:b9:dd:58:d8:03:
                    4b:fb:29:d2:61:38:cc:85:68:0e:0f:6d:c6:5e:d1:
                    63:70:b0:4e:3e:40:f0:c3:42:68:60:56:f2:ec:bc:
                    0a:35:06:5a:b9:e7:42:c3:bc:5b:6e:41:91:11:f6:
                    ff:ab:62:89:5d:92:c3:10:07:82:d6:ed:5b:4e:e3:
                    bf:e3:68:f2:83:cb:49:78:dc:6a:2b:a1:66:b3:fe:
                    d1:a1:94:6d:9c:85:40:7b:14:80:41:1a:c7:9c:a3:
                    12:d7:9e:8a:6e:5e:50:37:f6:b6:29:d7:4e:04:86:
                    5d:9d:16:45:10:22:11:64:5f:5a:59:41:8b:44:63:
                    47:9c:f1:89:31:6a:ab:7f:e5:71:68:96:3a:ab:4e:
                    05:43:73:b7:6b:c9:fa:58:d9:93:f6:15:9b:b9:4c:
                    83:fb:9d:51:1d:0b:93:1c:60:be:cf:31:21:59:bd:
                    bf:74:33:39:fc:ae:f5:15:ba:c6:7c:ea:55:05:ab:
                    71:11:7a:6a:94:3e:c7:2c:24:9e:c6:88:e8:1b:1b:
                    84:88:68:c7:4c:d1:06:91:14:dc:e9:6d:ce:d1:f4:
                    3d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:62:AB:D9:FD:9C:64:5D:45:B2:04:E7:85:BE:B4:50:B8:09:2B:65
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:17:b2:00:2c:cc:24:bc:90:b3:29:9e:9c:14:1c:34:5c:38:
         bb:96:9e:16:fb:cb:ae:29:5f:d1:62:49:67:a1:04:d4:20:58:
         b2:ba:b6:cb:77:11:db:d1:c1:04:62:ba:9a:30:60:30:0c:80:
         fc:07:ad:7b:87:1c:0b:8e:d7:6e:58:64:40:39:3f:67:87:63:
         6b:51:a7:65:16:32:4e:ea:f0:19:85:b9:62:23:c9:25:19:47:
         da:a0:f1:9c:92:49:4f:2b:65:df:7c:4e:d3:a5:60:fc:f7:a7:
         46:3d:51:cc:fd:a9:6b:25:17:fe:f2:91:c4:b0:b2:a1:db:77:
         44:8a:9c:d5:59:4d:f1:da:a0:15:94:10:33:d2:ba:8f:01:b1:
         ec:62:ed:a7:c5:10:e8:26:af:4c:62:38:5b:0b:83:7e:f3:e5:
         1c:29:67:b5:ea:c2:9a:4b:bb:64:ee:f4:e1:01:8f:35:a5:f2:
         b7:da:ad:40:ca:f8:ba:fe:40:a8:83:44:09:0d:06:ed:1b:46:
         b3:d9:c5:5a:4a:44:87:9d:b9:d2:a0:94:50:41:3f:be:5f:07:
         0c:93:d1:d2:55:02:57:f3:1c:f4:9a:a0:aa:db:57:94:e3:72:
         51:c5:b9:19:47:0b:69:b6:11:25:42:d0:45:00:76:0b:f8:ff:
         a7:50:6b:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYvNe0ARw51O/6DSSqVrHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwODIzMjEwMTUxWhcNMjUwODI0MjEwMTUxWjAzMTEwLwYDVQQD
EyhhMTYyYWJkOWZkOWM2NDVkNDViMjA0ZTc4NWJlYjQ1MGI4MDkyYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGZDmgmcKEzvAmyzGNFDs1msMH8d
NNnN8R9v7KnMfmJDLbaDx3Gcud1Y2ANL+ynSYTjMhWgOD23GXtFjcLBOPkDww0Jo
YFby7LwKNQZauedCw7xbbkGREfb/q2KJXZLDEAeC1u1bTuO/42jyg8tJeNxqK6Fm
s/7RoZRtnIVAexSAQRrHnKMS156Kbl5QN/a2KddOBIZdnRZFECIRZF9aWUGLRGNH
nPGJMWqrf+VxaJY6q04FQ3O3a8n6WNmT9hWbuUyD+51RHQuTHGC+zzEhWb2/dDM5
/K71FbrGfOpVBatxEXpqlD7HLCSexojoGxuEiGjHTNEGkRTc6W3O0fQ9yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFiq9n9nGRdRbIE54W+tFC4CStlMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdBeyACzM
JLyQsymenBQcNFw4u5aeFvvLrilf0WJJZ6EE1CBYsrq2y3cR29HBBGK6mjBgMAyA
/Aete4ccC47XblhkQDk/Z4dja1GnZRYyTurwGYW5YiPJJRlH2qDxnJJJTytl33xO
06Vg/PenRj1RzP2payUX/vKRxLCyodt3RIqc1VlN8dqgFZQQM9K6jwGx7GLtp8UQ
6CavTGI4WwuDfvPlHClnterCmku7ZO704QGPNaXyt9qtQMr4uv5AqINECQ0G7RtG
s9nFWkpEh5250qCUUEE/vl8HDJPR0lUCV/Mc9JqgqttXlONyUcW5GUcLabYRJULQ
RQB2C/j/p1Brxg==
-----END CERTIFICATE-----