Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          spy5BQM7rV0vRJ08RCOAxxaB5padU7u43CbNgWZJmHg=
Subject key identifier:   57:0B:7C:A6:50:5D:CE:AF:66:9C:6D:C5:C0:FF:E5:F7:12:76:EE:6C
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       0198D4E04B995491EA2A4EBDEC7F171EAEB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0920
Signing time:             Sat 23 Aug 2025 03:02:05 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:05 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:05 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: LoFgvK0YEiwnHOvqDyleQDY7QBU/j2tBXKP7J1qmjJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:4b:99:54:91:ea:2a:4e:bd:ec:7f:17:1e:ae:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Aug 23 03:02:05 2025 GMT
            Not After : Aug 24 03:02:05 2025 GMT
        Subject: CN=570b7ca6505dceaf669c6dc5c0ffe5f71276ee6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f1:0a:3d:a4:b0:45:c6:68:c0:c5:0d:e3:5d:
                    42:3a:25:9d:c6:f3:65:ad:3d:97:bb:ff:f2:1b:88:
                    3e:21:d5:fd:bc:a9:a9:83:c3:1e:d4:24:cd:32:b2:
                    69:c8:4e:8a:af:50:89:2e:f9:3b:94:fa:a5:70:75:
                    6f:d7:50:df:81:20:9d:13:69:e7:d9:8f:b8:60:99:
                    ec:2e:a4:47:de:4a:b8:58:b8:a6:4e:e0:c2:56:6c:
                    e8:b8:91:81:3e:33:af:c5:dc:d9:9c:8a:1d:11:94:
                    6b:76:82:d3:4d:08:f0:6f:a5:66:2d:93:17:01:f7:
                    75:74:42:31:82:04:9b:61:2c:d0:15:0b:c9:a4:4c:
                    85:3a:78:ee:bf:da:c5:03:4b:46:6a:b2:e4:51:0d:
                    e8:b4:b0:aa:65:93:97:ef:47:bb:77:29:9c:20:1d:
                    0c:69:0d:37:46:c7:cb:97:6b:a5:63:42:41:bd:08:
                    e1:8a:1e:1c:bc:1a:5f:01:b1:54:92:32:2e:32:1e:
                    f5:a2:3a:44:36:20:d9:1d:35:7c:5a:f8:7e:79:64:
                    67:1c:46:19:4c:b9:c7:34:a3:b8:67:8c:07:90:62:
                    ca:59:3e:09:70:7a:ed:e1:ed:63:0d:eb:9e:71:af:
                    a2:aa:9f:20:bf:22:b5:f0:6c:e4:71:73:fb:e5:59:
                    bc:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:0B:7C:A6:50:5D:CE:AF:66:9C:6D:C5:C0:FF:E5:F7:12:76:EE:6C
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:f5:da:6e:00:b6:1e:01:c9:6e:c9:e2:fb:32:57:a1:03:9b:
         c4:ce:0a:4b:70:d8:0a:1c:3f:60:93:02:a6:59:1b:bd:fe:e5:
         5f:0e:09:82:cb:78:74:8a:97:3d:ef:77:47:73:fc:9c:f0:cc:
         e4:40:f0:98:bd:64:7c:b4:6e:08:eb:e4:da:f5:4c:a3:c0:e6:
         36:1e:98:b1:4f:26:e0:39:33:3c:be:7c:4f:bf:84:63:f8:7f:
         f7:9d:74:c0:0f:56:7e:6c:ec:e8:19:4b:1e:6c:fc:d1:33:0e:
         5d:5f:e3:02:be:eb:b7:b3:2e:07:11:8c:78:20:f3:d5:94:b2:
         1f:c9:95:86:0a:34:df:0e:3c:19:91:e5:36:09:a7:2b:c4:47:
         0d:22:62:6e:c8:ae:bf:81:79:32:36:f2:f9:36:07:cd:95:e5:
         fa:f9:1b:4d:28:f8:3a:ab:0d:e5:3a:c8:d5:64:96:a1:64:b9:
         a8:04:f9:48:7e:a0:5f:99:04:55:05:67:d8:b5:bd:ec:d6:d8:
         6c:69:f2:90:09:be:94:e8:eb:a3:e3:10:e5:c1:b0:d8:1f:cf:
         63:f1:50:49:a9:e7:20:d6:76:22:b9:28:bc:99:8b:d0:10:ce:
         a6:6a:49:b5:2e:ef:32:b2:93:8e:98:25:58:32:39:31:41:e3:
         b0:2b:58:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4EuZVJHqKk697H8XHq6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUwODIzMDMwMjA1WhcNMjUwODI0MDMwMjA1WjAzMTEwLwYDVQQD
Eyg1NzBiN2NhNjUwNWRjZWFmNjY5YzZkYzVjMGZmZTVmNzEyNzZlZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/EKPaSwRcZowMUN411COiWdxvNl
rT2Xu//yG4g+IdX9vKmpg8Me1CTNMrJpyE6Kr1CJLvk7lPqlcHVv11DfgSCdE2nn
2Y+4YJnsLqRH3kq4WLimTuDCVmzouJGBPjOvxdzZnIodEZRrdoLTTQjwb6VmLZMX
Afd1dEIxggSbYSzQFQvJpEyFOnjuv9rFA0tGarLkUQ3otLCqZZOX70e7dymcIB0M
aQ03RsfLl2ulY0JBvQjhih4cvBpfAbFUkjIuMh71ojpENiDZHTV8Wvh+eWRnHEYZ
TLnHNKO4Z4wHkGLKWT4JcHrt4e1jDeueca+iqp8gvyK18GzkcXP75Vm81wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcLfKZQXc6vZpxtxcD/5fcSdu5sMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWfXabgC2
HgHJbsni+zJXoQObxM4KS3DYChw/YJMCplkbvf7lXw4Jgst4dIqXPe93R3P8nPDM
5EDwmL1kfLRuCOvk2vVMo8DmNh6YsU8m4DkzPL58T7+EY/h/9510wA9Wfmzs6BlL
Hmz80TMOXV/jAr7rt7MuBxGMeCDz1ZSyH8mVhgo03w48GZHlNgmnK8RHDSJibsiu
v4F5Mjby+TYHzZXl+vkbTSj4OqsN5TrI1WSWoWS5qAT5SH6gX5kEVQVn2LW97NbY
bGnykAm+lOjro+MQ5cGw2B/PY/FQSannINZ2IrkovJmL0BDOpmpJtS7vMrKTjpgl
WDI5MUHjsCtYZA==
-----END CERTIFICATE-----