Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
File:                     ur8nIaXXgzW3uX22OuxDXJyji8c.mft (raw, json)
Hash identifier:          vgAPnT5y6TdTOXxTp6mgCMm7AMkMI1PpEs+1CMpGfcg=
Subject key identifier:   84:C3:0E:C5:7A:18:A8:BB:B7:2F:3F:F9:B0:D3:C4:AD:64:C8:79:D4
Authority key identifier: BA:BF:27:21:A5:D7:83:35:B7:B9:7D:B6:3A:EC:43:5C:9C:A3:8B:C7
Certificate issuer:       /CN=babf2721a5d78335b7b97db63aec435c9ca38bc7
Certificate serial:       019894B65E846BB56C34379F78F31F1932C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ur8nIaXXgzW3uX22OuxDXJyji8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
Manifest number:          0822
Signing time:             Sun 10 Aug 2025 16:00:36 +0000
Manifest this update:     Sun 10 Aug 2025 16:00:36 +0000
Manifest next update:     Mon 11 Aug 2025 16:00:36 +0000
Files and hashes:         1: ur8nIaXXgzW3uX22OuxDXJyji8c.crl (hash: SycT9x7z6/JkGUEpQm5AnmRzXaxq4iApDr4EHhmRrPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ur8nIaXXgzW3uX22OuxDXJyji8c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b6:5e:84:6b:b5:6c:34:37:9f:78:f3:1f:19:32:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=babf2721a5d78335b7b97db63aec435c9ca38bc7
        Validity
            Not Before: Aug 10 16:00:36 2025 GMT
            Not After : Aug 11 16:00:36 2025 GMT
        Subject: CN=84c30ec57a18a8bbb72f3ff9b0d3c4ad64c879d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e7:a9:a3:33:97:6e:5d:45:90:6e:1a:e2:de:
                    34:36:d9:c4:5d:92:ff:15:52:b2:c7:f0:a1:3f:ac:
                    f1:11:7b:37:6f:22:a9:6b:20:f1:c1:1b:c2:c5:d0:
                    9b:42:8e:93:3b:40:65:3a:ea:c4:fe:37:57:c6:83:
                    65:3b:e7:c8:72:ae:83:38:6f:86:80:e6:d8:3c:db:
                    67:e9:20:23:ba:a5:53:7e:a3:09:31:8e:1a:a8:18:
                    af:91:89:1d:f6:c6:83:0d:14:55:a8:a0:f3:c7:15:
                    b6:45:fd:e0:18:c9:1e:dd:8e:2a:a9:0a:e9:1f:cb:
                    f6:19:55:bd:e6:35:57:af:4e:14:c5:82:e3:f5:c8:
                    a4:40:d0:1c:99:ce:92:47:8c:c8:1b:43:eb:b0:fc:
                    52:6c:41:25:89:77:78:b0:5d:9f:41:08:45:c5:7f:
                    f7:3f:f9:a8:c8:c2:f2:4c:4f:ab:80:cb:cf:3e:18:
                    84:44:32:f4:f0:f9:50:7d:af:c2:d4:15:03:da:0b:
                    3d:57:e0:01:49:13:93:6b:00:3e:25:5c:e1:4f:fd:
                    f8:21:06:bf:9b:2a:22:9a:96:ce:7c:3f:0b:c6:0d:
                    4d:3c:32:ea:a3:ff:84:3e:bf:06:c4:eb:e4:f4:11:
                    01:74:6d:cc:7c:cb:22:e5:c1:de:4c:86:61:30:b8:
                    2c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:C3:0E:C5:7A:18:A8:BB:B7:2F:3F:F9:B0:D3:C4:AD:64:C8:79:D4
            X509v3 Authority Key Identifier:
                keyid:BA:BF:27:21:A5:D7:83:35:B7:B9:7D:B6:3A:EC:43:5C:9C:A3:8B:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ur8nIaXXgzW3uX22OuxDXJyji8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:07:09:6f:22:00:b3:8e:b6:ce:e5:5d:f4:a1:9b:57:e3:76:
         5e:24:d8:27:5c:81:4b:b7:cf:b5:3a:1a:83:3d:5a:06:be:5f:
         b0:81:cf:cb:23:ed:6f:bc:dd:04:55:2d:fb:27:ea:74:a7:2e:
         90:a3:b7:27:b1:03:e4:2f:49:e7:e0:89:67:5f:70:9f:f5:0c:
         0c:60:9b:42:ed:80:fb:01:c2:a0:fd:df:03:4f:be:b0:f0:1d:
         cb:78:a7:89:d5:9e:08:ce:30:91:50:25:3f:f9:a1:8f:6a:d6:
         14:a0:1f:b2:96:a5:94:7c:3c:fb:ea:d7:87:8b:4d:45:06:c5:
         16:87:13:98:db:66:c6:75:9e:5e:90:f6:ad:ac:70:d7:d9:42:
         26:d8:e8:c2:6f:da:e7:ed:5d:46:f5:c9:cd:18:7a:3b:10:f8:
         1f:4a:b3:59:8c:37:76:83:c3:5d:fa:f6:c8:cd:f5:aa:f4:2b:
         8c:0f:08:63:23:93:a0:f3:ce:2f:f3:3a:4e:02:95:90:e3:ec:
         f5:a6:9a:ba:4b:9f:e2:90:19:0a:e6:18:5d:cd:d9:d2:f0:f2:
         36:dd:4a:ec:83:65:c9:b0:9d:4b:f1:05:66:d6:86:ba:a1:dc:
         4f:4b:ed:d2:60:fd:86:97:dc:75:35:97:01:1b:70:e2:9e:ff:
         ab:02:56:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUtl6Ea7VsNDefePMfGTLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmYyNzIxYTVkNzgzMzViN2I5N2RiNjNhZWM0MzVjOWNh
MzhiYzcwHhcNMjUwODEwMTYwMDM2WhcNMjUwODExMTYwMDM2WjAzMTEwLwYDVQQD
Eyg4NGMzMGVjNTdhMThhOGJiYjcyZjNmZjliMGQzYzRhZDY0Yzg3OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOepozOXbl1FkG4a4t40NtnEXZL/
FVKyx/ChP6zxEXs3byKpayDxwRvCxdCbQo6TO0BlOurE/jdXxoNlO+fIcq6DOG+G
gObYPNtn6SAjuqVTfqMJMY4aqBivkYkd9saDDRRVqKDzxxW2Rf3gGMke3Y4qqQrp
H8v2GVW95jVXr04UxYLj9cikQNAcmc6SR4zIG0PrsPxSbEEliXd4sF2fQQhFxX/3
P/moyMLyTE+rgMvPPhiERDL08PlQfa/C1BUD2gs9V+ABSROTawA+JVzhT/34IQa/
myoimpbOfD8Lxg1NPDLqo/+EPr8GxOvk9BEBdG3MfMsi5cHeTIZhMLgsCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITDDsV6GKi7ty8/+bDTxK1kyHnUMB8GA1UdIwQY
MBaAFLq/JyGl14M1t7l9tjrsQ1yco4vHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXI4bklhWFhnelczdVgyMk91eERYSnlqaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jZmQ3YTMtNDYyNC00MGJlLWJiMjMt
ZDdiZmYxMTlmZDVkLzEvdXI4bklhWFhnelczdVgyMk91eERYSnlqaThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jZmQ3YTMtNDYyNC00MGJlLWJiMjMtZDdiZmYxMTlmZDVk
LzEvdXI4bklhWFhnelczdVgyMk91eERYSnlqaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhgcJbyIA
s462zuVd9KGbV+N2XiTYJ1yBS7fPtToagz1aBr5fsIHPyyPtb7zdBFUt+yfqdKcu
kKO3J7ED5C9J5+CJZ19wn/UMDGCbQu2A+wHCoP3fA0++sPAdy3inidWeCM4wkVAl
P/mhj2rWFKAfspallHw8++rXh4tNRQbFFocTmNtmxnWeXpD2raxw19lCJtjowm/a
5+1dRvXJzRh6OxD4H0qzWYw3doPDXfr2yM31qvQrjA8IYyOToPPOL/M6TgKVkOPs
9aaaukuf4pAZCuYYXc3Z0vDyNt1K7INlybCdS/EFZtaGuqHcT0vt0mD9hpfcdTWX
ARtw4p7/qwJWGg==
-----END CERTIFICATE-----