Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          rxjtnawN6AlSlEMm4g17LjaeODi4nrnWDsJCFeS5Mw0=
Subject key identifier:   36:DF:80:56:97:0C:77:EF:5A:E5:AB:71:5A:61:5D:E1:A2:7F:A8:93
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       0198A04E5939D91FF4D30C76F717D6FBDF23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          087E
Signing time:             Tue 12 Aug 2025 22:02:25 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:25 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:25 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: 6ps4pHTfHXpjlnSGMVeweqrKuLc9Ush7nbDNxe5ARPk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:59:39:d9:1f:f4:d3:0c:76:f7:17:d6:fb:df:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Aug 12 22:02:25 2025 GMT
            Not After : Aug 13 22:02:25 2025 GMT
        Subject: CN=36df8056970c77ef5ae5ab715a615de1a27fa893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3d:c1:37:98:f6:99:09:9b:24:4b:ec:1c:55:
                    07:d3:63:68:cc:e3:6f:3c:f1:e5:26:2b:fc:7b:ad:
                    68:53:88:1b:e2:a9:21:66:f3:a1:4e:d5:c3:a2:11:
                    ad:cf:52:7f:cf:71:e1:2f:34:31:9f:4a:b9:6c:f0:
                    9e:73:2e:0b:6c:9c:34:30:e4:4d:e1:08:a9:22:7a:
                    40:3b:4e:d3:72:87:3d:1d:ed:0c:e6:e2:fe:25:94:
                    15:a9:05:b4:58:fa:c8:7d:10:e6:8b:45:b8:31:3b:
                    49:71:8f:d3:09:16:42:26:39:c6:22:84:d6:39:f4:
                    5a:8a:10:b4:c9:ce:f0:bd:27:d0:9c:e6:4a:8c:4e:
                    c3:d4:8f:52:e8:1b:76:e1:d8:b8:d2:6e:0f:54:7f:
                    07:f8:23:02:88:05:c9:47:9f:d1:91:8d:ba:d9:db:
                    e4:3f:da:7d:16:fb:11:ac:a7:0c:e9:9c:34:ac:75:
                    2f:b2:0d:12:2b:b2:9f:e6:fa:7a:4a:ef:dc:91:c9:
                    44:05:fc:46:19:2a:d0:3c:90:89:c5:16:56:ef:e6:
                    7d:a6:9e:af:46:b9:50:9a:2e:fc:a5:be:54:43:61:
                    bb:5f:dc:b9:07:fd:dc:6b:e8:a3:89:3b:92:30:63:
                    a0:38:59:08:99:d3:c5:85:9d:29:98:64:27:ed:d7:
                    5f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:DF:80:56:97:0C:77:EF:5A:E5:AB:71:5A:61:5D:E1:A2:7F:A8:93
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:37:eb:50:64:ae:41:7a:fd:58:32:8d:45:61:c2:09:7b:c4:
         f8:f0:7a:e2:ea:42:e0:71:9d:5d:3a:27:3d:5a:b0:fe:9a:54:
         1d:0f:9b:e5:61:f6:cf:af:87:9d:19:8f:c7:a9:51:4a:0f:6b:
         d0:67:5e:11:83:1d:d3:28:b8:14:31:25:27:f1:b7:d0:10:cb:
         25:d2:85:89:f4:dc:e8:bc:52:2c:6e:30:08:d6:83:db:2e:cb:
         d8:c9:03:64:42:46:00:ad:0c:a3:94:6d:6f:e4:5f:3d:0b:89:
         dd:0e:f4:ae:bf:a2:64:31:0c:60:22:92:c6:15:8c:54:20:41:
         44:57:76:e3:83:dd:1c:f0:90:91:fd:28:30:40:d9:b7:f8:28:
         38:f1:4a:81:7e:21:ad:ef:ce:4f:08:87:b6:72:27:0d:22:03:
         51:c7:78:72:08:dd:04:0d:e2:fb:3e:7d:aa:c1:f9:0e:d5:09:
         71:f2:df:59:c2:79:04:1d:79:c3:f6:db:90:d5:6e:cc:17:6f:
         1e:ee:2f:54:35:70:72:de:3a:4b:70:81:5b:6a:33:83:5c:25:
         02:99:86:b2:b9:b1:da:99:c7:3a:56:1f:50:b3:ca:18:f4:e8:
         87:ec:a1:8b:20:38:e6:b8:40:cd:dd:e1:93:d1:e2:d7:4f:17:
         61:4f:19:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTlk52R/00wx29xfW+98jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUwODEyMjIwMjI1WhcNMjUwODEzMjIwMjI1WjAzMTEwLwYDVQQD
EygzNmRmODA1Njk3MGM3N2VmNWFlNWFiNzE1YTYxNWRlMWEyN2ZhODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT3BN5j2mQmbJEvsHFUH02NozONv
PPHlJiv8e61oU4gb4qkhZvOhTtXDohGtz1J/z3HhLzQxn0q5bPCecy4LbJw0MORN
4QipInpAO07Tcoc9He0M5uL+JZQVqQW0WPrIfRDmi0W4MTtJcY/TCRZCJjnGIoTW
OfRaihC0yc7wvSfQnOZKjE7D1I9S6Bt24di40m4PVH8H+CMCiAXJR5/RkY262dvk
P9p9FvsRrKcM6Zw0rHUvsg0SK7Kf5vp6Su/ckclEBfxGGSrQPJCJxRZW7+Z9pp6v
RrlQmi78pb5UQ2G7X9y5B/3ca+ijiTuSMGOgOFkImdPFhZ0pmGQn7ddfWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbfgFaXDHfvWuWrcVphXeGif6iTMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeTfrUGSu
QXr9WDKNRWHCCXvE+PB64upC4HGdXTonPVqw/ppUHQ+b5WH2z6+HnRmPx6lRSg9r
0GdeEYMd0yi4FDElJ/G30BDLJdKFifTc6LxSLG4wCNaD2y7L2MkDZEJGAK0Mo5Rt
b+RfPQuJ3Q70rr+iZDEMYCKSxhWMVCBBRFd244PdHPCQkf0oMEDZt/goOPFKgX4h
re/OTwiHtnInDSIDUcd4cgjdBA3i+z59qsH5DtUJcfLfWcJ5BB15w/bbkNVuzBdv
Hu4vVDVwct46S3CBW2ozg1wlApmGsrmx2pnHOlYfULPKGPToh+yhiyA45rhAzd3h
k9Hi108XYU8ZJA==
-----END CERTIFICATE-----