Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft
File:                     d_M68l-VqylxEYjp_-pQzMshHXY.mft (raw, json)
Hash identifier:          +IUkMslBZhOuopghJC3oUdUpdj2yAE8Lrs3VFjAgnmw=
Subject key identifier:   83:29:DE:84:3B:21:2C:2F:23:F8:4D:4A:69:7A:2B:47:37:00:AA:C0
Authority key identifier: 77:F3:3A:F2:5F:95:AB:29:71:11:88:E9:FF:EA:50:CC:CB:21:1D:76
Certificate issuer:       /CN=77f33af25f95ab29711188e9ffea50cccb211d76
Certificate serial:       0198D7A8A3508D625AE6C616D3A8C9E63E67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft
Manifest number:          0DC0
Signing time:             Sat 23 Aug 2025 16:00:09 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:09 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:09 +0000
Files and hashes:         1: d_M68l-VqylxEYjp_-pQzMshHXY.crl (hash: FB+k3Ce6E1NRaGJENXZRLZquTrMI9bg1gsoxVE6Q5No=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:a3:50:8d:62:5a:e6:c6:16:d3:a8:c9:e6:3e:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f33af25f95ab29711188e9ffea50cccb211d76
        Validity
            Not Before: Aug 23 16:00:09 2025 GMT
            Not After : Aug 24 16:00:09 2025 GMT
        Subject: CN=8329de843b212c2f23f84d4a697a2b473700aac0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0a:1a:1a:16:d6:3e:72:94:6e:fa:38:d4:3f:
                    f7:12:ef:61:4f:29:13:3e:cb:35:a8:c3:2b:57:57:
                    06:60:48:66:50:84:7d:38:45:8f:4b:f1:87:78:b7:
                    43:45:cf:eb:54:03:3b:c1:65:37:a6:c1:5f:81:9e:
                    a6:37:cf:1f:8a:d3:e3:08:8d:82:18:e7:e4:a8:5c:
                    1d:8a:af:c3:02:73:0b:36:fc:c1:80:20:37:6e:aa:
                    fd:7a:16:f6:19:4c:9a:ad:93:14:10:e7:40:cf:a4:
                    b2:8a:35:bc:6c:b2:7d:02:8d:70:4f:6a:59:91:7d:
                    40:ef:82:a1:d0:a0:6f:c3:59:6c:72:aa:20:fe:b0:
                    2a:9b:af:c1:39:a0:93:ec:09:59:ea:25:d1:6e:fb:
                    d8:20:7b:66:ce:68:1d:ae:ed:74:92:3f:4b:90:f9:
                    36:27:7b:15:cf:bc:f5:17:22:ea:ee:31:c2:81:66:
                    08:39:7d:a8:ba:95:5d:5e:3b:fe:19:41:f1:53:d3:
                    0b:1a:47:d7:da:60:34:7d:20:a6:46:dd:22:80:53:
                    d0:8a:68:4a:c2:78:4a:20:a7:2c:da:4b:e4:d6:63:
                    f3:7d:70:c0:f8:19:8a:87:e3:da:e7:2a:4f:59:d0:
                    38:e7:4b:af:06:59:09:f3:27:74:a9:4a:7a:fb:a4:
                    aa:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:29:DE:84:3B:21:2C:2F:23:F8:4D:4A:69:7A:2B:47:37:00:AA:C0
            X509v3 Authority Key Identifier:
                keyid:77:F3:3A:F2:5F:95:AB:29:71:11:88:E9:FF:EA:50:CC:CB:21:1D:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:9b:cc:95:aa:06:7e:d3:c5:48:8b:86:0c:e0:65:10:b0:f0:
         44:ee:f8:35:de:4a:5d:91:da:28:87:18:f9:79:9e:61:4f:46:
         34:ac:20:18:9c:45:28:04:b4:b2:02:16:bc:13:9c:f6:b4:7a:
         c7:d0:ec:a3:75:cb:37:5a:c8:b3:07:10:4e:a1:95:36:1b:ce:
         0d:25:d7:1c:dd:ef:e6:2e:45:d1:7a:62:1f:14:ac:2e:33:68:
         96:ce:2d:a9:88:3e:53:54:65:e0:df:34:60:85:83:59:ad:de:
         6a:40:96:56:22:f7:dc:8c:4f:f9:70:c9:0e:ca:45:84:c6:ec:
         3f:81:9d:6b:b3:2c:50:cc:e3:cc:ff:fd:0e:34:4a:71:2b:09:
         90:54:63:bd:cd:8d:cc:22:60:d5:19:52:16:03:51:00:ac:87:
         95:7a:57:57:bd:de:89:df:a7:ce:8e:41:b0:dd:41:31:66:cf:
         bf:4d:f8:7a:35:c6:3e:c7:c9:ed:93:b6:d2:41:7d:e3:e2:a8:
         0a:c3:c8:3f:77:e8:92:c4:69:f1:f3:00:11:65:6c:9d:76:86:
         1f:d8:f5:d5:a7:5b:d2:f6:4c:8f:11:84:2f:a1:c5:af:65:7a:
         78:d2:dc:4d:77:9c:60:b8:3a:bf:ec:a5:db:b4:e6:03:0f:49:
         28:7b:0a:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqKNQjWJa5sYW06jJ5j5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjMzYWYyNWY5NWFiMjk3MTExODhlOWZmZWE1MGNjY2Iy
MTFkNzYwHhcNMjUwODIzMTYwMDA5WhcNMjUwODI0MTYwMDA5WjAzMTEwLwYDVQQD
Eyg4MzI5ZGU4NDNiMjEyYzJmMjNmODRkNGE2OTdhMmI0NzM3MDBhYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwoaGhbWPnKUbvo41D/3Eu9hTykT
Pss1qMMrV1cGYEhmUIR9OEWPS/GHeLdDRc/rVAM7wWU3psFfgZ6mN88fitPjCI2C
GOfkqFwdiq/DAnMLNvzBgCA3bqr9ehb2GUyarZMUEOdAz6SyijW8bLJ9Ao1wT2pZ
kX1A74Kh0KBvw1lscqog/rAqm6/BOaCT7AlZ6iXRbvvYIHtmzmgdru10kj9LkPk2
J3sVz7z1FyLq7jHCgWYIOX2oupVdXjv+GUHxU9MLGkfX2mA0fSCmRt0igFPQimhK
wnhKIKcs2kvk1mPzfXDA+BmKh+Pa5ypPWdA450uvBlkJ8yd0qUp6+6SqNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMp3oQ7ISwvI/hNSml6K0c3AKrAMB8GA1UdIwQY
MBaAFHfzOvJflaspcRGI6f/qUMzLIR12MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNjQ2MmYtY2M3Mi00ZjY5LTk2ZjQt
OGJjYTA1NjFiNzJkLzEvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNjQ2MmYtY2M3Mi00ZjY5LTk2ZjQtOGJjYTA1NjFiNzJk
LzEvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd5vMlaoG
ftPFSIuGDOBlELDwRO74Nd5KXZHaKIcY+XmeYU9GNKwgGJxFKAS0sgIWvBOc9rR6
x9Dso3XLN1rIswcQTqGVNhvODSXXHN3v5i5F0XpiHxSsLjNols4tqYg+U1Rl4N80
YIWDWa3eakCWViL33IxP+XDJDspFhMbsP4Gda7MsUMzjzP/9DjRKcSsJkFRjvc2N
zCJg1RlSFgNRAKyHlXpXV73eid+nzo5BsN1BMWbPv034ejXGPsfJ7ZO20kF94+Ko
CsPIP3foksRp8fMAEWVsnXaGH9j11adb0vZMjxGEL6HFr2V6eNLcTXecYLg6v+yl
27TmAw9JKHsKUA==
-----END CERTIFICATE-----