Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
File:                     i6gkldaDsIyIGoGM0B-kL_9v9tE.mft (raw, json)
Hash identifier:          7WI/2Aiw8eAOJvR4nUPMkUz+sTG9pjf0kUg+kyAEl+8=
Subject key identifier:   36:E0:43:8C:FE:5A:6C:0C:31:20:A9:7E:2A:60:EB:69:2A:F0:2C:8E
Authority key identifier: 8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1
Certificate issuer:       /CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
Certificate serial:       0198D5BBFFD12A732D5A6868016923BBB13F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
Manifest number:          023F
Signing time:             Sat 23 Aug 2025 07:02:04 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:04 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:04 +0000
Files and hashes:         1: i6gkldaDsIyIGoGM0B-kL_9v9tE.crl (hash: dCVtRjXNnjwJ9wm1KY/ay0iHj3ON9Jal5yrE66VICKA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ff:d1:2a:73:2d:5a:68:68:01:69:23:bb:b1:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
        Validity
            Not Before: Aug 23 07:02:04 2025 GMT
            Not After : Aug 24 07:02:04 2025 GMT
        Subject: CN=36e0438cfe5a6c0c3120a97e2a60eb692af02c8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9e:f7:5c:df:bb:d0:9f:36:bd:cc:5f:aa:ec:
                    e1:21:c9:c9:8a:31:e5:ce:95:cc:51:c4:9a:ac:92:
                    52:13:25:61:f0:23:8c:56:bc:86:b4:f8:e1:fa:2e:
                    37:cc:99:99:3f:0f:61:22:50:a5:91:45:c5:bb:36:
                    97:f0:cc:2e:85:8f:c2:27:e3:f2:8f:2f:22:e7:48:
                    ec:2c:33:ca:e9:31:e1:39:06:87:d6:00:0b:6c:ad:
                    c1:19:e6:ca:3f:f6:13:7a:00:40:fc:63:39:de:3d:
                    51:2a:b7:86:37:cd:26:78:cb:8e:57:07:8b:56:8f:
                    80:d5:83:d8:62:92:81:5c:26:5e:9b:bd:cf:78:63:
                    3b:a2:ca:31:7c:78:49:61:eb:bd:a6:aa:92:74:c2:
                    6a:5e:00:5d:66:37:19:78:2a:4f:b0:d8:0a:3f:d5:
                    d0:96:cf:2b:f1:aa:83:1b:96:26:ec:21:d1:72:0b:
                    6f:af:fc:3c:9f:a3:bd:f3:90:85:26:60:87:95:16:
                    bb:f7:a6:24:1b:01:f8:96:7e:39:5a:2f:67:eb:0e:
                    d9:46:62:95:a3:56:69:c8:e4:fd:41:03:25:65:9b:
                    26:3d:1b:3b:29:c1:5c:7a:36:35:74:8b:0f:e7:42:
                    a4:75:65:1c:b4:69:1a:75:31:ce:8f:67:8f:27:2b:
                    d3:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E0:43:8C:FE:5A:6C:0C:31:20:A9:7E:2A:60:EB:69:2A:F0:2C:8E
            X509v3 Authority Key Identifier:
                keyid:8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:47:73:1d:50:3e:57:4c:77:4e:50:59:9f:ce:59:f8:b2:35:
         fe:c0:6d:ff:7b:51:05:29:2d:ea:e9:09:82:6c:2e:6a:ab:2a:
         cf:20:fa:49:68:fc:7b:21:da:28:28:1f:23:65:66:01:e1:f0:
         21:d6:1e:b1:6f:2f:f0:a4:1f:a9:4e:2e:13:8c:21:f1:81:80:
         27:6e:28:90:32:d0:28:63:e0:4a:aa:64:02:b0:ea:35:81:ee:
         0f:94:1b:8e:25:19:17:8e:b2:2e:60:17:96:8a:30:23:ca:87:
         6f:8a:0e:92:4c:8a:ed:64:55:2a:52:a7:42:da:66:8c:1b:42:
         40:77:fc:9f:2e:ae:e7:ef:35:8a:da:90:a3:eb:c1:b9:5f:c7:
         6b:b1:ba:c3:f2:f6:ed:e0:27:ee:0e:f2:e5:e4:37:8d:ff:a2:
         2f:d5:ea:4b:c5:c8:49:26:78:28:20:ac:6e:df:20:d0:31:3e:
         16:41:3d:b9:e9:81:89:74:72:14:fd:5f:c7:14:b7:ed:e1:4f:
         9b:17:b1:29:26:21:54:54:3b:bb:64:79:8b:fe:ec:6a:db:56:
         79:88:6f:a1:84:b3:c6:63:a9:64:88:c3:d6:00:9a:5b:53:2f:
         9f:a2:90:c5:85:16:ec:be:5a:e3:cf:82:f9:fc:68:83:0b:cc:
         1a:e0:05:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu//RKnMtWmhoAWkju7E/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYTgyNDk1ZDY4M2IwOGM4ODFhODE4Y2QwMWZhNDJmZmY2
ZmY2ZDEwHhcNMjUwODIzMDcwMjA0WhcNMjUwODI0MDcwMjA0WjAzMTEwLwYDVQQD
EygzNmUwNDM4Y2ZlNWE2YzBjMzEyMGE5N2UyYTYwZWI2OTJhZjAyYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ73XN+70J82vcxfquzhIcnJijHl
zpXMUcSarJJSEyVh8COMVryGtPjh+i43zJmZPw9hIlClkUXFuzaX8MwuhY/CJ+Py
jy8i50jsLDPK6THhOQaH1gALbK3BGebKP/YTegBA/GM53j1RKreGN80meMuOVweL
Vo+A1YPYYpKBXCZem73PeGM7osoxfHhJYeu9pqqSdMJqXgBdZjcZeCpPsNgKP9XQ
ls8r8aqDG5Ym7CHRcgtvr/w8n6O985CFJmCHlRa796YkGwH4ln45Wi9n6w7ZRmKV
o1ZpyOT9QQMlZZsmPRs7KcFcejY1dIsP50KkdWUctGkadTHOj2ePJyvTdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbgQ4z+WmwMMSCpfipg62kq8CyOMB8GA1UdIwQY
MBaAFIuoJJXWg7CMiBqBjNAfpC//b/bRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTkt
YzYyNTBmYjYwOTZlLzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTktYzYyNTBmYjYwOTZl
LzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoUdzHVA+
V0x3TlBZn85Z+LI1/sBt/3tRBSkt6ukJgmwuaqsqzyD6SWj8eyHaKCgfI2VmAeHw
IdYesW8v8KQfqU4uE4wh8YGAJ24okDLQKGPgSqpkArDqNYHuD5QbjiUZF46yLmAX
loowI8qHb4oOkkyK7WRVKlKnQtpmjBtCQHf8ny6u5+81itqQo+vBuV/Ha7G6w/L2
7eAn7g7y5eQ3jf+iL9XqS8XISSZ4KCCsbt8g0DE+FkE9uemBiXRyFP1fxxS37eFP
mxexKSYhVFQ7u2R5i/7sattWeYhvoYSzxmOpZIjD1gCaW1Mvn6KQxYUW7L5a48+C
+fxogwvMGuAFsA==
-----END CERTIFICATE-----