Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
File:                     C86QcAXcPrBHC8PbRpCNoQkXuEo.mft (raw, json)
Hash identifier:          HFUjd51cUprzVsa7P+8z6HpuUH6T9p5/0RDc8DNuq+0=
Subject key identifier:   90:86:49:BB:7E:34:F3:9C:F3:F1:C9:0D:92:0F:9D:B1:60:B8:23:16
Authority key identifier: 0B:CE:90:70:05:DC:3E:B0:47:0B:C3:DB:46:90:8D:A1:09:17:B8:4A
Certificate issuer:       /CN=0bce907005dc3eb0470bc3db46908da10917b84a
Certificate serial:       0198D47351F6EFD4508A739A53316B8A9162
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
Manifest number:          0FF8
Signing time:             Sat 23 Aug 2025 01:03:03 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:03 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:03 +0000
Files and hashes:         1: C86QcAXcPrBHC8PbRpCNoQkXuEo.crl (hash: H/PDaXIrFfHCdGbO+kntROrHXGH5/JaQ8CugEiUFcgM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:51:f6:ef:d4:50:8a:73:9a:53:31:6b:8a:91:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bce907005dc3eb0470bc3db46908da10917b84a
        Validity
            Not Before: Aug 23 01:03:03 2025 GMT
            Not After : Aug 24 01:03:03 2025 GMT
        Subject: CN=908649bb7e34f39cf3f1c90d920f9db160b82316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:83:94:8f:73:2f:fb:6e:a8:88:4f:35:ef:1c:
                    57:ab:c3:71:ef:fd:fe:a9:03:02:09:b9:0f:0f:02:
                    bd:64:54:58:8f:38:be:4d:cb:db:c6:4c:a1:5e:e3:
                    ae:9a:50:4f:62:a7:f4:b9:57:ec:ea:6f:81:bb:60:
                    73:14:e0:5f:fe:46:a9:38:da:22:cb:98:97:91:09:
                    33:d1:f1:b5:24:88:b2:80:42:3a:18:0f:45:0f:97:
                    de:8a:32:83:0d:d5:05:09:bd:8b:c0:5f:d9:5d:05:
                    c5:ff:24:54:16:ad:12:b5:7a:ec:c5:9e:f7:2f:9c:
                    a8:27:17:48:4b:2e:db:ef:91:26:49:d4:cb:5f:d7:
                    8a:89:7d:73:48:47:7c:1a:49:b2:46:cb:9b:79:03:
                    91:46:74:3a:bf:ca:cd:35:a1:02:5a:0d:db:60:0b:
                    ac:e9:60:b5:89:4b:17:d5:40:01:ae:b7:11:7f:d2:
                    fe:cd:42:d6:ca:48:8b:04:8c:73:d4:86:1e:cd:20:
                    67:66:b2:ff:63:67:db:2b:3d:de:ee:72:c6:c1:c3:
                    a0:41:6c:4a:da:f3:ff:8e:6e:06:d4:d3:b7:4b:09:
                    12:ef:f5:f3:3f:9a:bc:d4:af:fa:d3:29:59:24:6e:
                    2f:d7:9b:c2:a7:25:b9:cf:30:bd:1c:54:f9:bf:ed:
                    15:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:86:49:BB:7E:34:F3:9C:F3:F1:C9:0D:92:0F:9D:B1:60:B8:23:16
            X509v3 Authority Key Identifier:
                keyid:0B:CE:90:70:05:DC:3E:B0:47:0B:C3:DB:46:90:8D:A1:09:17:B8:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:93:16:1e:13:0d:60:da:9f:c4:27:be:9e:23:23:9e:6c:32:
         03:0c:df:a6:a3:35:d6:1f:c9:70:cf:c5:aa:18:60:1b:82:e7:
         39:d4:d1:df:54:f6:33:1f:01:63:41:f3:63:f0:cb:f7:17:47:
         15:51:db:b7:45:82:2d:0a:5e:c4:f9:63:1c:8f:d7:6b:ee:9a:
         b0:9b:11:28:8f:cc:86:dc:51:47:21:fd:2f:4c:d8:bf:27:ba:
         33:29:91:f5:3f:58:63:02:65:fc:4b:d0:64:85:30:e6:20:6c:
         82:f1:8a:2b:fa:fb:13:81:92:02:7e:f5:c7:aa:11:c1:a5:e8:
         6e:ff:90:de:a4:35:9e:97:25:6c:c4:f9:e6:76:d0:23:0f:dd:
         41:1c:a2:a1:61:a7:32:9c:d4:47:dc:8a:16:2b:e3:93:19:ba:
         d8:b4:b4:2a:b4:57:a8:47:11:70:12:27:62:57:34:6b:cc:dc:
         47:75:a8:d7:5c:58:ec:b5:2d:e4:4c:30:9c:c8:7d:a9:65:fa:
         c8:4b:c8:45:6a:75:88:b9:a8:2c:30:05:c6:15:e4:cf:2c:d2:
         5e:53:37:7f:53:a4:bc:25:f6:ba:68:fa:01:c4:3b:3d:65:bc:
         5c:8c:ea:fb:bb:53:22:f6:4f:0f:de:38:80:81:78:0f:c8:e7:
         55:31:b3:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc1H279RQinOaUzFripFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiY2U5MDcwMDVkYzNlYjA0NzBiYzNkYjQ2OTA4ZGExMDkx
N2I4NGEwHhcNMjUwODIzMDEwMzAzWhcNMjUwODI0MDEwMzAzWjAzMTEwLwYDVQQD
Eyg5MDg2NDliYjdlMzRmMzljZjNmMWM5MGQ5MjBmOWRiMTYwYjgyMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoOUj3Mv+26oiE817xxXq8Nx7/3+
qQMCCbkPDwK9ZFRYjzi+TcvbxkyhXuOumlBPYqf0uVfs6m+Bu2BzFOBf/kapONoi
y5iXkQkz0fG1JIiygEI6GA9FD5feijKDDdUFCb2LwF/ZXQXF/yRUFq0StXrsxZ73
L5yoJxdISy7b75EmSdTLX9eKiX1zSEd8GkmyRsubeQORRnQ6v8rNNaECWg3bYAus
6WC1iUsX1UABrrcRf9L+zULWykiLBIxz1IYezSBnZrL/Y2fbKz3e7nLGwcOgQWxK
2vP/jm4G1NO3SwkS7/XzP5q81K/60ylZJG4v15vCpyW5zzC9HFT5v+0V9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCGSbt+NPOc8/HJDZIPnbFguCMWMB8GA1UdIwQY
MBaAFAvOkHAF3D6wRwvD20aQjaEJF7hKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82MzVmNzUtNjE2Yi00YjkzLWFiNDAt
ZTM3MTg5OThiMTg0LzEvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82MzVmNzUtNjE2Yi00YjkzLWFiNDAtZTM3MTg5OThiMTg0
LzEvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVJMWHhMN
YNqfxCe+niMjnmwyAwzfpqM11h/JcM/FqhhgG4LnOdTR31T2Mx8BY0HzY/DL9xdH
FVHbt0WCLQpexPljHI/Xa+6asJsRKI/MhtxRRyH9L0zYvye6MymR9T9YYwJl/EvQ
ZIUw5iBsgvGKK/r7E4GSAn71x6oRwaXobv+Q3qQ1npclbMT55nbQIw/dQRyioWGn
MpzUR9yKFivjkxm62LS0KrRXqEcRcBInYlc0a8zcR3Wo11xY7LUt5EwwnMh9qWX6
yEvIRWp1iLmoLDAFxhXkzyzSXlM3f1OkvCX2umj6AcQ7PWW8XIzq+7tTIvZPD944
gIF4D8jnVTGzkg==
-----END CERTIFICATE-----