Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          3s+NAeI4b0mTlM+c2elUKwHMjL58XeIgDalaHU7UZmk=
Subject key identifier:   2B:61:21:D6:4B:FE:35:01:C7:6F:D7:08:0E:53:08:BD:8B:6A:36:77
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       0198D6CDF368BEA0B72EF00A83927C316322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          01B9
Signing time:             Sat 23 Aug 2025 12:01:18 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:18 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:18 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: g+c1flA+MDxKyISnsWmIlkYpkVgES4h9hng8mKFUwMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:f3:68:be:a0:b7:2e:f0:0a:83:92:7c:31:63:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Aug 23 12:01:18 2025 GMT
            Not After : Aug 24 12:01:18 2025 GMT
        Subject: CN=2b6121d64bfe3501c76fd7080e5308bd8b6a3677
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:06:f7:75:fe:3f:58:bd:6f:f3:fa:f3:e9:63:
                    c0:9d:39:3a:af:6c:88:03:79:74:73:b8:3a:0c:9b:
                    18:47:e4:cb:8f:19:e9:ee:e3:d8:ac:c1:07:38:54:
                    71:72:33:9f:7d:a3:63:89:94:25:28:44:f8:7a:09:
                    fb:0a:7a:0b:44:76:47:14:5b:77:5f:91:f0:36:ad:
                    26:0d:a0:eb:47:97:7c:44:57:f7:bb:e8:ee:26:e1:
                    a1:6d:f6:cb:c8:59:c7:b0:ff:7a:07:77:d4:41:fc:
                    cf:a7:a9:2d:28:c4:cb:d7:de:1d:4c:fc:03:0e:49:
                    8f:8e:b6:a4:dd:d7:f7:25:02:33:c5:47:1b:3f:58:
                    06:7e:e6:23:3b:ef:29:43:69:9a:60:e1:02:29:d8:
                    23:a5:f3:21:97:9d:46:42:53:a4:bf:56:bf:1f:a1:
                    39:6b:b3:2f:77:18:70:2c:86:dc:e9:24:5a:e6:d5:
                    8d:51:11:54:c0:a2:89:20:16:d3:0f:5b:73:19:10:
                    c0:53:71:e7:85:30:f2:77:6d:79:be:5a:7d:a3:6b:
                    6f:38:d3:72:bd:3f:38:6a:57:a4:1b:64:e1:e8:02:
                    a4:f2:d7:42:c4:26:b9:06:d5:e5:e3:3a:a6:43:0a:
                    2b:4e:7e:57:d0:6c:88:f1:7f:6e:a6:49:09:ca:a6:
                    93:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:61:21:D6:4B:FE:35:01:C7:6F:D7:08:0E:53:08:BD:8B:6A:36:77
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:6a:50:a4:7f:26:64:97:f8:ad:4f:ea:b6:1a:e6:1b:b4:5d:
         f5:49:f3:c3:0a:8c:1e:3f:ef:0a:7e:bf:a2:ee:55:1b:df:f8:
         82:5e:98:be:cc:c8:26:f1:43:e0:76:d7:83:75:3e:43:4f:c7:
         f8:16:7f:52:5c:b7:f0:13:cb:ad:64:f7:bb:0c:9a:1a:01:4c:
         77:3c:a3:41:7c:b7:5e:38:b7:27:7a:53:18:ed:58:d7:9c:b6:
         c4:9c:8a:18:8a:de:e0:a7:f6:c5:f8:7d:c3:0e:7e:f5:f8:31:
         76:52:40:5b:36:f2:e1:52:7d:ef:54:4d:48:28:33:37:f1:77:
         a5:63:92:eb:eb:9e:fb:0b:cb:74:6b:94:79:cc:a4:71:58:2e:
         30:59:cd:e2:b4:c0:00:1c:04:2f:e1:55:de:5f:03:33:f3:6c:
         b2:dd:fe:24:7d:f4:e9:5b:fd:c0:fd:d7:1d:58:30:7b:96:7d:
         47:4a:1b:d0:c1:5a:d1:c1:22:00:1f:07:b8:16:cc:0b:f6:3f:
         ca:6c:27:37:22:6a:92:9a:80:27:c7:e3:30:6a:d3:df:b3:cc:
         86:9c:9b:76:78:85:b1:c1:38:32:f3:43:5c:a3:29:af:0c:88:
         ca:6d:b7:f3:e7:eb:17:1a:d0:81:6c:c3:5a:b5:40:24:1c:56:
         81:fe:8d:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzfNovqC3LvAKg5J8MWMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjUwODIzMTIwMTE4WhcNMjUwODI0MTIwMTE4WjAzMTEwLwYDVQQD
EygyYjYxMjFkNjRiZmUzNTAxYzc2ZmQ3MDgwZTUzMDhiZDhiNmEzNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQb3df4/WL1v8/rz6WPAnTk6r2yI
A3l0c7g6DJsYR+TLjxnp7uPYrMEHOFRxcjOffaNjiZQlKET4egn7CnoLRHZHFFt3
X5HwNq0mDaDrR5d8RFf3u+juJuGhbfbLyFnHsP96B3fUQfzPp6ktKMTL194dTPwD
DkmPjrak3df3JQIzxUcbP1gGfuYjO+8pQ2maYOECKdgjpfMhl51GQlOkv1a/H6E5
a7MvdxhwLIbc6SRa5tWNURFUwKKJIBbTD1tzGRDAU3HnhTDyd215vlp9o2tvONNy
vT84alekG2Th6AKk8tdCxCa5BtXl4zqmQworTn5X0GyI8X9upkkJyqaTYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCthIdZL/jUBx2/XCA5TCL2LajZ3MB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqWpQpH8m
ZJf4rU/qthrmG7Rd9UnzwwqMHj/vCn6/ou5VG9/4gl6YvszIJvFD4HbXg3U+Q0/H
+BZ/Uly38BPLrWT3uwyaGgFMdzyjQXy3Xji3J3pTGO1Y15y2xJyKGIre4Kf2xfh9
ww5+9fgxdlJAWzby4VJ971RNSCgzN/F3pWOS6+ue+wvLdGuUecykcVguMFnN4rTA
ABwEL+FV3l8DM/Nsst3+JH306Vv9wP3XHVgwe5Z9R0ob0MFa0cEiAB8HuBbMC/Y/
ymwnNyJqkpqAJ8fjMGrT37PMhpybdniFscE4MvNDXKMprwyIym238+frFxrQgWzD
WrVAJBxWgf6N5w==
-----END CERTIFICATE-----