Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          xHgdxyHUnQSrvYhMxIkwmNVUHtoWB4KosjQ70hKKCyA=
Subject key identifier:   BE:E4:B4:20:0A:44:58:50:80:7E:2D:55:81:C8:83:01:B7:2A:59:B5
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       0198D4E0EDBF6B4491CFD99F7B138DF53BA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          05AA
Signing time:             Sat 23 Aug 2025 03:02:47 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:47 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:47 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: D+wHqvnS0uo5rQl27rWPF9zuSkTfnfpHz9b8XyEoOGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:ed:bf:6b:44:91:cf:d9:9f:7b:13:8d:f5:3b:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Aug 23 03:02:47 2025 GMT
            Not After : Aug 24 03:02:47 2025 GMT
        Subject: CN=bee4b4200a445850807e2d5581c88301b72a59b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:65:4f:e2:52:37:7b:e5:fe:bc:25:78:a2:31:
                    76:8b:a1:62:bd:38:26:8d:9f:bb:5e:7c:9c:ef:f0:
                    a3:2d:ae:67:21:11:ca:a3:6a:fb:4b:0f:a3:3c:6c:
                    5f:65:a6:3c:24:f5:9f:ad:e9:8b:47:9a:20:a6:38:
                    9a:1e:7f:f7:22:a5:a8:3a:3c:f3:b1:6d:cc:c9:25:
                    0a:d3:3b:37:1f:40:1e:08:9c:d2:3d:04:4a:c1:5f:
                    23:32:30:4b:f1:0a:4e:a1:2b:e4:a1:8a:38:9a:0b:
                    42:c6:bf:8e:e7:7f:8a:f2:a4:cb:e1:a5:56:44:c1:
                    e5:44:10:20:aa:1d:e1:e2:23:07:c0:fe:e6:7f:ea:
                    80:4f:2b:f9:4a:9e:2b:dd:d9:a4:8d:35:f8:9e:28:
                    cb:45:7f:30:23:2a:40:45:b0:8a:f6:36:7f:f7:dc:
                    f2:69:26:5f:02:a6:e6:dc:89:e0:b2:54:f7:39:be:
                    d2:27:0c:fe:3e:fd:42:70:a0:00:b5:67:6a:70:d5:
                    ba:35:b1:f5:3c:7d:f1:a5:10:66:2c:bd:21:8d:03:
                    e0:f5:fd:e1:0c:b7:99:02:23:41:a9:ac:1c:ef:db:
                    c9:a2:a4:e0:e0:73:f1:95:1c:cb:33:bf:9f:a2:fa:
                    4b:d0:c1:03:35:e0:f7:e5:25:45:9f:ac:80:43:67:
                    d3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:E4:B4:20:0A:44:58:50:80:7E:2D:55:81:C8:83:01:B7:2A:59:B5
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:1a:67:62:68:92:f4:a3:ed:93:4d:b8:ad:e5:77:5a:ad:de:
         ae:7c:84:d7:87:0b:d7:d6:a5:6f:77:b6:f6:36:8c:8b:1d:e2:
         56:fb:d1:b3:d5:18:46:4d:9c:8d:fc:98:6f:77:48:d6:28:65:
         f2:cc:8f:0d:23:d6:3d:ce:1a:b6:11:6c:f6:c0:36:0e:ee:fb:
         7f:e1:a3:ea:01:a0:4d:3d:89:29:3a:52:f0:34:11:42:71:c1:
         ee:1f:22:d1:21:b1:11:b1:97:68:be:20:94:42:3d:68:86:8c:
         ff:e0:76:02:75:18:cc:ce:3e:ae:39:3c:a0:6f:76:00:59:27:
         0b:c5:91:6e:64:8f:7a:32:fc:60:96:6e:a2:76:ee:ec:7b:e2:
         a9:88:b2:e7:27:f8:59:a4:e1:a0:8f:87:7e:04:80:8d:0a:1f:
         00:a1:ab:45:7b:0d:3c:8c:06:ad:26:bf:a7:38:0e:52:31:64:
         94:8d:e7:91:84:1f:5f:4b:6e:ad:29:7a:06:79:58:25:cd:44:
         e3:bd:5e:1b:87:bb:2c:8d:a6:83:ed:34:d2:d4:c7:73:41:43:
         41:90:16:6d:a0:24:8c:0d:b6:91:6a:39:fd:58:b2:4a:e6:54:
         2d:f5:89:5a:21:5e:de:1e:27:31:36:66:94:14:54:77:f5:38:
         12:d4:2d:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4O2/a0SRz9mfexON9TuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjUwODIzMDMwMjQ3WhcNMjUwODI0MDMwMjQ3WjAzMTEwLwYDVQQD
EyhiZWU0YjQyMDBhNDQ1ODUwODA3ZTJkNTU4MWM4ODMwMWI3MmE1OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2VP4lI3e+X+vCV4ojF2i6FivTgm
jZ+7Xnyc7/CjLa5nIRHKo2r7Sw+jPGxfZaY8JPWfremLR5ogpjiaHn/3IqWoOjzz
sW3MySUK0zs3H0AeCJzSPQRKwV8jMjBL8QpOoSvkoYo4mgtCxr+O53+K8qTL4aVW
RMHlRBAgqh3h4iMHwP7mf+qATyv5Sp4r3dmkjTX4nijLRX8wIypARbCK9jZ/99zy
aSZfAqbm3IngslT3Ob7SJwz+Pv1CcKAAtWdqcNW6NbH1PH3xpRBmLL0hjQPg9f3h
DLeZAiNBqawc79vJoqTg4HPxlRzLM7+fovpL0MEDNeD35SVFn6yAQ2fTiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7ktCAKRFhQgH4tVYHIgwG3Klm1MB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRpnYmiS
9KPtk024reV3Wq3ernyE14cL19alb3e29jaMix3iVvvRs9UYRk2cjfyYb3dI1ihl
8syPDSPWPc4athFs9sA2Du77f+Gj6gGgTT2JKTpS8DQRQnHB7h8i0SGxEbGXaL4g
lEI9aIaM/+B2AnUYzM4+rjk8oG92AFknC8WRbmSPejL8YJZuonbu7HviqYiy5yf4
WaThoI+HfgSAjQofAKGrRXsNPIwGrSa/pzgOUjFklI3nkYQfX0turSl6BnlYJc1E
471eG4e7LI2mg+000tTHc0FDQZAWbaAkjA22kWo5/ViySuZULfWJWiFe3h4nMTZm
lBRUd/U4EtQtLQ==
-----END CERTIFICATE-----