Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File:                     h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier:          HVRZJrU65VAlUymDruxsVsT/5nqKx6XL/vV5X2cACJ0=
Subject key identifier:   2A:B7:E8:2E:C2:97:B9:70:9F:22:17:A6:6D:E6:67:34:81:8A:34:35
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer:       /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial:       0199FCC60B002FA6677C3033AFC5E5076960
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number:          0AB6
Signing time:             Sun 19 Oct 2025 14:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:01 +0000
Files and hashes:         1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: JrftzohQniwKC4FnrxcRGachw79sjq4KTlT+Jeas0U8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:0b:00:2f:a6:67:7c:30:33:af:c5:e5:07:69:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
        Validity
            Not Before: Oct 19 14:01:01 2025 GMT
            Not After : Oct 20 14:01:01 2025 GMT
        Subject: CN=2ab7e82ec297b9709f2217a66de66734818a3435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:cd:06:f4:3b:3d:05:a7:32:d2:a6:bc:4c:67:
                    5c:b3:7c:83:11:ba:36:ad:d8:33:be:02:b9:84:10:
                    04:59:56:8f:4f:a3:74:66:a6:af:3b:70:87:bb:9e:
                    e0:bf:07:1c:93:93:8d:63:48:ff:70:6e:30:48:3b:
                    d3:83:7c:32:5e:99:84:83:1b:f3:6e:84:71:cc:34:
                    c6:1d:a0:55:a7:35:c8:81:35:53:67:5c:2b:33:32:
                    15:78:26:3a:6f:42:81:f7:19:a4:6f:2f:02:eb:2a:
                    3d:d2:81:78:2d:b9:0f:f7:b4:c0:b7:82:83:5a:d3:
                    15:a7:52:b8:cf:74:9b:1c:68:cd:d5:0b:de:f8:52:
                    c5:b0:89:ff:01:67:c2:3d:fb:ab:9e:04:68:02:2d:
                    91:b6:04:e7:60:e1:67:94:c2:6c:1d:f0:9c:d0:74:
                    0b:db:3f:79:9e:56:be:ee:2f:92:70:ab:52:6a:cc:
                    4c:37:c6:f9:d6:92:36:c8:cd:23:f8:11:81:64:70:
                    98:9f:6f:27:7c:1b:ab:9b:be:17:06:4d:43:ef:99:
                    fd:66:1d:99:d4:dd:ee:cb:d6:1d:77:ef:fc:1c:49:
                    35:76:36:0a:41:f2:08:e7:38:ed:7f:81:2d:7c:3b:
                    19:a2:4f:93:f1:36:6d:6b:a5:f5:91:52:d8:bd:59:
                    24:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B7:E8:2E:C2:97:B9:70:9F:22:17:A6:6D:E6:67:34:81:8A:34:35
            X509v3 Authority Key Identifier:
                keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:4c:ff:ed:08:99:22:d0:0a:fd:de:1a:72:46:9c:ed:90:a4:
         36:03:56:24:45:2a:ec:8d:19:10:e4:67:7c:62:03:68:7a:3a:
         49:79:da:24:c0:6a:12:48:bf:cf:a0:88:38:2a:9d:26:e1:df:
         27:79:44:a6:4c:bc:bc:cf:22:31:bb:30:60:a4:cb:24:7e:3c:
         61:49:ba:c7:f6:23:ae:7c:6b:91:be:9d:b2:1d:87:ed:f1:73:
         60:0c:0b:93:a3:ec:b6:f6:a0:69:39:90:81:f9:72:fc:29:36:
         6c:a9:4d:56:c9:33:a9:2a:e0:16:f8:88:96:d3:a7:7f:7c:e6:
         e7:55:2a:7d:ff:d9:f5:a4:94:f9:c8:16:96:25:a2:dd:78:ea:
         d2:93:72:fd:e3:b9:1b:b5:af:2a:c6:3e:4b:f0:8a:57:55:11:
         ed:c5:fc:3d:16:70:7b:4e:b3:0d:b7:72:38:fd:77:c3:8c:0d:
         13:32:00:c6:01:c7:f2:44:1e:f6:e2:4a:55:07:03:db:71:0e:
         b1:85:9d:ad:a0:4d:55:b6:6d:43:4b:b6:26:eb:13:33:c5:9c:
         3f:f8:57:35:c5:01:51:06:0d:c1:2d:3f:f0:c8:46:4b:67:62:
         14:a6:e5:fe:30:44:f1:46:44:53:c4:8f:9d:23:16:fe:2c:bc:
         9c:0e:7c:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xgsAL6ZnfDAzr8XlB2lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjUxMDE5MTQwMTAxWhcNMjUxMDIwMTQwMTAxWjAzMTEwLwYDVQQD
EygyYWI3ZTgyZWMyOTdiOTcwOWYyMjE3YTY2ZGU2NjczNDgxOGEzNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc0G9Ds9Bacy0qa8TGdcs3yDEbo2
rdgzvgK5hBAEWVaPT6N0ZqavO3CHu57gvwcck5ONY0j/cG4wSDvTg3wyXpmEgxvz
boRxzDTGHaBVpzXIgTVTZ1wrMzIVeCY6b0KB9xmkby8C6yo90oF4LbkP97TAt4KD
WtMVp1K4z3SbHGjN1Qve+FLFsIn/AWfCPfurngRoAi2RtgTnYOFnlMJsHfCc0HQL
2z95nla+7i+ScKtSasxMN8b51pI2yM0j+BGBZHCYn28nfBurm74XBk1D75n9Zh2Z
1N3uy9Ydd+/8HEk1djYKQfII5zjtf4EtfDsZok+T8TZta6X1kVLYvVkkvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCq36C7Cl7lwnyIXpm3mZzSBijQ1MB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0z/7QiZ
ItAK/d4ackac7ZCkNgNWJEUq7I0ZEORnfGIDaHo6SXnaJMBqEki/z6CIOCqdJuHf
J3lEpky8vM8iMbswYKTLJH48YUm6x/Yjrnxrkb6dsh2H7fFzYAwLk6PstvagaTmQ
gfly/Ck2bKlNVskzqSrgFviIltOnf3zm51Uqff/Z9aSU+cgWliWi3Xjq0pNy/eO5
G7WvKsY+S/CKV1UR7cX8PRZwe06zDbdyOP13w4wNEzIAxgHH8kQe9uJKVQcD23EO
sYWdraBNVbZtQ0u2JusTM8WcP/hXNcUBUQYNwS0/8MhGS2diFKbl/jBE8UZEU8SP
nSMW/iy8nA58tA==
-----END CERTIFICATE-----