Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
File:                     in1zAecVR30mgJu6u0zQMr07Vhg.mft (raw, json)
Hash identifier:          PDMYWnt2QQTe1ZiYo/zq12oHTa5NnMAcJSzn5snLdBU=
Subject key identifier:   89:F9:82:A2:94:CC:F8:FA:AD:68:69:58:11:5E:36:E9:66:D2:AB:A8
Authority key identifier: 8A:7D:73:01:E7:15:47:7D:26:80:9B:BA:BB:4C:D0:32:BD:3B:56:18
Certificate issuer:       /CN=8a7d7301e715477d26809bbabb4cd032bd3b5618
Certificate serial:       0198D54DFBF8A8FCEB542C57B3D2906BD5D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
Manifest number:          02F8
Signing time:             Sat 23 Aug 2025 05:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:54 +0000
Files and hashes:         1: in1zAecVR30mgJu6u0zQMr07Vhg.crl (hash: fZciqpxTDI2eiogt41saLfyg9DgCN3Dmkwu4sNYwBII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:fb:f8:a8:fc:eb:54:2c:57:b3:d2:90:6b:d5:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a7d7301e715477d26809bbabb4cd032bd3b5618
        Validity
            Not Before: Aug 23 05:01:54 2025 GMT
            Not After : Aug 24 05:01:54 2025 GMT
        Subject: CN=89f982a294ccf8faad686958115e36e966d2aba8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:97:15:dc:08:81:46:f4:62:92:42:24:bf:ad:
                    19:44:86:90:d1:cb:c9:db:52:da:2c:c5:18:98:68:
                    b7:bf:82:eb:be:26:f5:23:b5:77:5d:09:20:cc:ee:
                    e6:84:d7:de:b3:24:f2:a4:d2:27:9e:e5:88:66:73:
                    c4:0a:07:65:6c:6d:69:a4:0e:da:0a:40:7d:9b:20:
                    43:39:b4:63:4b:82:8d:81:04:8a:b8:99:f7:e8:a8:
                    7f:11:89:9f:c0:be:97:8c:a9:61:96:42:a5:fa:32:
                    b0:69:c0:02:66:c1:a5:07:d9:93:f8:4f:83:ef:f2:
                    d6:e5:31:dd:1a:bc:32:17:92:be:b6:e9:67:13:23:
                    e1:75:07:3e:9b:ec:4a:8c:a2:a7:df:8c:c1:e0:ff:
                    75:83:53:8c:cb:12:fb:d3:f2:67:8b:16:4e:09:84:
                    3e:ee:3a:16:20:57:d1:4e:e1:d5:1c:5e:d8:29:a4:
                    b8:78:1a:82:10:be:39:f1:9b:3c:b3:7e:d5:38:54:
                    c3:cf:5a:e6:d4:50:3b:68:9b:1f:9c:8e:f6:55:24:
                    e3:b2:e9:68:4e:1f:08:51:3f:2b:21:86:67:87:61:
                    4c:a3:2d:61:03:3c:ba:60:ec:7f:d0:ed:7e:9a:b1:
                    62:73:02:3f:8f:c5:e4:37:d6:09:16:98:d3:13:f3:
                    29:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F9:82:A2:94:CC:F8:FA:AD:68:69:58:11:5E:36:E9:66:D2:AB:A8
            X509v3 Authority Key Identifier:
                keyid:8A:7D:73:01:E7:15:47:7D:26:80:9B:BA:BB:4C:D0:32:BD:3B:56:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:fe:d2:47:f2:cc:51:67:e1:a2:9a:a0:4c:b4:f2:07:3e:dc:
         d3:fb:91:13:35:0f:71:5d:09:b5:a5:6b:f2:5a:a0:77:b7:a6:
         c3:d4:5c:af:81:a9:f4:96:c3:5f:0a:b7:e4:7d:6d:3e:36:ef:
         e1:77:a5:5d:f7:f1:a3:8b:82:61:6c:4a:06:cd:32:61:52:f0:
         c4:23:df:6f:49:6d:34:d6:d1:84:d2:9a:b0:3e:a0:6e:a8:f5:
         fd:a4:4a:e7:80:40:ad:5e:c2:39:9c:cd:05:b6:2d:e2:19:9d:
         35:31:9a:5d:29:fe:ce:38:37:94:d8:f5:67:ee:30:1e:98:b0:
         93:60:07:74:de:9c:1f:2f:8b:8f:05:64:68:fd:a8:74:c2:50:
         c0:7c:9e:ef:44:fb:92:49:6c:52:d1:ec:69:d1:78:52:c5:76:
         9d:e4:0d:ef:c6:3e:02:80:d3:f8:65:82:00:a2:03:d6:33:df:
         28:70:ac:33:25:56:b9:d0:8e:33:b9:e8:e1:04:a0:a6:19:a6:
         a5:ee:96:62:a6:41:c4:1d:32:2e:5b:11:fc:3d:bc:e7:b2:75:
         db:2f:e8:a6:c2:64:10:a3:b9:23:e0:23:5b:eb:fd:da:92:d2:
         f0:0b:dd:96:cf:0b:cf:cb:f5:f4:1e:f8:b5:6f:aa:07:af:11:
         1d:61:23:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTfv4qPzrVCxXs9KQa9XUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2Q3MzAxZTcxNTQ3N2QyNjgwOWJiYWJiNGNkMDMyYmQz
YjU2MTgwHhcNMjUwODIzMDUwMTU0WhcNMjUwODI0MDUwMTU0WjAzMTEwLwYDVQQD
Eyg4OWY5ODJhMjk0Y2NmOGZhYWQ2ODY5NTgxMTVlMzZlOTY2ZDJhYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JcV3AiBRvRikkIkv60ZRIaQ0cvJ
21LaLMUYmGi3v4Lrvib1I7V3XQkgzO7mhNfesyTypNInnuWIZnPECgdlbG1ppA7a
CkB9myBDObRjS4KNgQSKuJn36Kh/EYmfwL6XjKlhlkKl+jKwacACZsGlB9mT+E+D
7/LW5THdGrwyF5K+tulnEyPhdQc+m+xKjKKn34zB4P91g1OMyxL70/JnixZOCYQ+
7joWIFfRTuHVHF7YKaS4eBqCEL458Zs8s37VOFTDz1rm1FA7aJsfnI72VSTjsulo
Th8IUT8rIYZnh2FMoy1hAzy6YOx/0O1+mrFicwI/j8XkN9YJFpjTE/MpFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIn5gqKUzPj6rWhpWBFeNulm0quoMB8GA1UdIwQY
MBaAFIp9cwHnFUd9JoCburtM0DK9O1YYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNjY5ODYtOGY2Yi00NmI5LWJjY2Qt
ZjczNjlmOWRjYzljLzEvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNjY5ODYtOGY2Yi00NmI5LWJjY2QtZjczNjlmOWRjYzlj
LzEvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABf7SR/LM
UWfhopqgTLTyBz7c0/uREzUPcV0JtaVr8lqgd7emw9Rcr4Gp9JbDXwq35H1tPjbv
4XelXffxo4uCYWxKBs0yYVLwxCPfb0ltNNbRhNKasD6gbqj1/aRK54BArV7COZzN
BbYt4hmdNTGaXSn+zjg3lNj1Z+4wHpiwk2AHdN6cHy+LjwVkaP2odMJQwHye70T7
kklsUtHsadF4UsV2neQN78Y+AoDT+GWCAKID1jPfKHCsMyVWudCOM7no4QSgphmm
pe6WYqZBxB0yLlsR/D2857J12y/opsJkEKO5I+AjW+v92pLS8Avdls8Lz8v19B74
tW+qB68RHWEjFg==
-----END CERTIFICATE-----