Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          PmyTgvOJJPltUiyiV6wI2DZtyZf5LlfUjvsdbqeWp6A=
Subject key identifier:   77:4E:CB:4F:44:3A:14:35:F6:E5:F5:8D:A0:16:A9:72:82:7F:FB:1C
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       0198D7057BA8B7FE3201CD90227C0B17370E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          08D9
Signing time:             Sat 23 Aug 2025 13:01:57 +0000
Manifest this update:     Sat 23 Aug 2025 13:01:57 +0000
Manifest next update:     Sun 24 Aug 2025 13:01:57 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: fWUTxNQdE30T8Iq1hjtkydEVLedHY9GpTj0mE4euV3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:7b:a8:b7:fe:32:01:cd:90:22:7c:0b:17:37:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Aug 23 13:01:57 2025 GMT
            Not After : Aug 24 13:01:57 2025 GMT
        Subject: CN=774ecb4f443a1435f6e5f58da016a972827ffb1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f2:7f:3a:29:ec:07:87:2b:96:11:1d:e4:d5:
                    40:44:02:ee:b6:4a:1e:8d:cc:ae:2d:2e:d1:b6:e0:
                    31:35:a4:07:08:bf:ab:2b:dd:a1:61:39:5b:64:b2:
                    6b:db:ad:e8:1e:c3:a8:80:f9:19:b6:f6:5b:c3:6a:
                    06:b8:db:bb:47:fd:29:c2:df:37:4c:d5:85:35:df:
                    ca:74:00:7e:34:6a:de:0d:3a:61:49:81:db:8c:eb:
                    a6:bd:d4:d9:68:cf:e8:b1:5f:f5:a5:51:df:57:25:
                    38:89:56:30:a9:47:e1:7a:83:86:e4:7a:db:3c:2d:
                    a0:02:f9:d1:29:07:99:cd:b3:0d:33:a8:50:9c:bc:
                    53:81:60:07:ee:14:d6:40:77:00:13:fb:f7:41:08:
                    a7:e6:b5:05:98:e2:b4:42:f5:3d:be:d1:83:50:52:
                    03:cc:02:7e:e0:1e:0d:90:0b:22:a6:3a:ce:1e:bd:
                    6b:2f:a9:4b:71:6d:1d:f7:f8:aa:d9:c6:db:5d:50:
                    6a:ca:c6:0b:d3:c8:bd:9a:03:2a:58:27:b7:8a:c4:
                    e3:9d:de:b6:2e:37:8b:1f:8a:ca:f3:5c:5a:3e:30:
                    2f:43:90:c3:cb:0c:b3:7f:92:5f:c6:4e:ea:8b:74:
                    ae:65:6e:ac:f7:99:dc:8f:e5:9f:0d:4c:ce:32:40:
                    4b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:4E:CB:4F:44:3A:14:35:F6:E5:F5:8D:A0:16:A9:72:82:7F:FB:1C
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:34:dc:28:f1:0f:aa:b8:30:24:25:ac:a6:6b:bb:08:89:f4:
         03:07:b3:6e:fd:cb:70:e9:76:bd:f7:0b:b1:44:05:96:0b:aa:
         fd:9a:87:0d:5d:91:b3:7a:63:79:13:2a:77:bd:b8:ed:a6:6f:
         9a:00:0f:74:24:6c:70:de:83:34:13:6b:13:83:9c:1b:3b:8c:
         7f:a2:06:11:e4:7e:ec:60:4f:45:46:69:ef:31:4c:70:cd:4f:
         d5:8a:57:5b:2e:b1:62:8c:5b:40:19:3d:c4:92:5e:d4:f7:b6:
         2b:19:37:bb:80:06:c3:b5:eb:39:26:92:43:25:12:a6:bc:5f:
         ae:1c:b9:4e:25:7a:57:86:1e:83:4b:e9:c4:56:3f:23:31:ab:
         62:76:36:aa:68:e6:20:db:f4:71:db:86:9d:ac:0f:70:dd:cb:
         7b:4b:3a:88:46:75:eb:47:ff:81:11:a7:3d:a7:90:4e:90:cc:
         fc:34:11:ef:10:c1:5e:f7:29:01:7f:05:72:0b:62:f4:5c:23:
         1e:57:0a:07:c8:1f:6a:43:aa:48:9b:ff:db:aa:af:87:3f:c5:
         44:71:77:47:ba:b0:9d:56:77:94:aa:67:51:15:aa:e4:94:38:
         25:20:23:23:46:35:60:73:78:aa:ae:ea:9b:dc:c4:c2:d2:32:
         18:2a:42:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBXuot/4yAc2QInwLFzcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjUwODIzMTMwMTU3WhcNMjUwODI0MTMwMTU3WjAzMTEwLwYDVQQD
Eyg3NzRlY2I0ZjQ0M2ExNDM1ZjZlNWY1OGRhMDE2YTk3MjgyN2ZmYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPJ/OinsB4crlhEd5NVARALutkoe
jcyuLS7RtuAxNaQHCL+rK92hYTlbZLJr263oHsOogPkZtvZbw2oGuNu7R/0pwt83
TNWFNd/KdAB+NGreDTphSYHbjOumvdTZaM/osV/1pVHfVyU4iVYwqUfheoOG5Hrb
PC2gAvnRKQeZzbMNM6hQnLxTgWAH7hTWQHcAE/v3QQin5rUFmOK0QvU9vtGDUFID
zAJ+4B4NkAsipjrOHr1rL6lLcW0d9/iq2cbbXVBqysYL08i9mgMqWCe3isTjnd62
LjeLH4rK81xaPjAvQ5DDywyzf5Jfxk7qi3SuZW6s95ncj+WfDUzOMkBLTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdOy09EOhQ19uX1jaAWqXKCf/scMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTTcKPEP
qrgwJCWspmu7CIn0Awezbv3LcOl2vfcLsUQFlguq/ZqHDV2Rs3pjeRMqd7247aZv
mgAPdCRscN6DNBNrE4OcGzuMf6IGEeR+7GBPRUZp7zFMcM1P1YpXWy6xYoxbQBk9
xJJe1Pe2Kxk3u4AGw7XrOSaSQyUSprxfrhy5TiV6V4Yeg0vpxFY/IzGrYnY2qmjm
INv0cduGnawPcN3Le0s6iEZ160f/gRGnPaeQTpDM/DQR7xDBXvcpAX8Fcgti9Fwj
HlcKB8gfakOqSJv/26qvhz/FRHF3R7qwnVZ3lKpnURWq5JQ4JSAjI0Y1YHN4qq7q
m9zEwtIyGCpCKA==
-----END CERTIFICATE-----