Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          LqPeCs7aWiUz0zjeR7kNHg43JJyanwFTNUH6yPelzts=
Subject key identifier:   64:95:42:5B:7A:C1:9E:C7:9D:D6:F0:79:59:1C:87:34:C4:DD:2F:7B
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       0198752B9CC9CD6F0D17EB2B1276B6BDA418
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          09D7
Signing time:             Mon 04 Aug 2025 13:00:48 +0000
Manifest this update:     Mon 04 Aug 2025 13:00:48 +0000
Manifest next update:     Tue 05 Aug 2025 13:00:48 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: w/iKpg+/VSyulTNhUr1jSXKM3LMZyWGyPfIbg/DCHp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2b:9c:c9:cd:6f:0d:17:eb:2b:12:76:b6:bd:a4:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Aug  4 13:00:48 2025 GMT
            Not After : Aug  5 13:00:48 2025 GMT
        Subject: CN=6495425b7ac19ec79dd6f079591c8734c4dd2f7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:e9:2c:ad:d8:58:af:01:6d:fa:b3:57:c7:dd:
                    c9:ff:e7:57:52:23:37:77:66:1b:cc:73:b1:20:3d:
                    1f:b6:d0:95:28:41:0d:53:7f:9d:71:82:bf:4f:3e:
                    b8:44:f3:61:e8:04:59:b9:8d:e8:c1:c1:da:f7:64:
                    74:74:ab:c3:41:bb:b9:e9:0a:ce:34:2f:c0:d1:89:
                    8a:fe:52:3f:b6:a2:cd:95:df:0c:35:9a:72:97:89:
                    c2:bf:1c:55:68:ad:4b:09:21:a4:fe:ea:73:75:b9:
                    6a:16:43:fe:fd:82:cc:c6:10:18:c2:25:a0:14:2e:
                    cf:98:9f:f8:ee:29:d1:87:bf:05:a3:47:31:06:15:
                    a8:d8:51:6f:27:80:d9:31:3a:04:c7:a6:ce:23:d4:
                    5c:69:d5:70:a6:15:c3:bd:1e:f1:b4:e3:8c:38:16:
                    b4:ec:b3:c0:c1:04:c6:f8:8f:e3:a1:27:3a:c7:36:
                    31:38:0f:ba:a5:f1:19:28:a6:18:c0:ea:5b:2b:63:
                    ae:43:a8:86:73:a5:59:24:39:83:3d:00:73:e6:6a:
                    d6:44:22:d7:52:27:26:82:ee:40:f5:9b:81:de:4b:
                    bb:25:21:4d:1b:b7:d0:ab:6c:46:12:86:b1:6e:00:
                    42:16:c3:b9:16:d8:88:e9:41:bb:c2:f6:ec:26:fe:
                    b8:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:95:42:5B:7A:C1:9E:C7:9D:D6:F0:79:59:1C:87:34:C4:DD:2F:7B
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:c5:d9:f0:33:45:61:9b:6c:a6:df:2c:3b:88:17:3b:8f:f5:
         5f:7b:b6:40:93:f6:ee:7a:13:d0:cd:c7:8a:7d:a4:f0:4e:7f:
         ae:91:fa:0b:33:49:bb:c6:5b:63:0f:34:84:51:1c:8d:65:97:
         e9:80:b4:11:f9:38:66:09:c8:e3:08:74:40:76:02:75:cc:69:
         a8:dd:bc:ff:f4:c0:9c:98:f5:44:e7:94:b5:15:65:66:c3:18:
         ce:60:5a:0f:be:db:f6:b0:71:51:e9:40:53:49:92:53:64:d0:
         48:d8:28:76:31:d6:88:f5:88:52:69:9c:60:a2:7e:d2:85:d4:
         94:a3:48:fe:00:c4:b7:38:22:30:df:86:96:b1:ae:53:ba:72:
         80:07:e1:e1:ed:d3:56:4f:bb:b3:ea:6a:ae:37:72:1c:ec:88:
         00:ce:59:d5:e8:ef:c9:21:dd:6c:75:97:e2:86:57:74:72:0a:
         fb:cf:67:ac:70:5c:ae:88:f9:2a:07:e5:60:cc:b1:d6:82:e8:
         ed:56:46:54:14:09:96:f4:63:62:81:d1:34:c5:69:50:a8:76:
         95:5c:98:68:c2:e9:74:d0:63:12:67:1a:f7:b8:a6:4f:45:75:
         ba:5b:ab:75:2a:d5:be:8e:96:ec:b2:6c:61:d6:79:b6:5e:70:
         37:0d:3f:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K5zJzW8NF+srEna2vaQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwODA0MTMwMDQ4WhcNMjUwODA1MTMwMDQ4WjAzMTEwLwYDVQQD
Eyg2NDk1NDI1YjdhYzE5ZWM3OWRkNmYwNzk1OTFjODczNGM0ZGQyZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uksrdhYrwFt+rNXx93J/+dXUiM3
d2YbzHOxID0fttCVKEENU3+dcYK/Tz64RPNh6ARZuY3owcHa92R0dKvDQbu56QrO
NC/A0YmK/lI/tqLNld8MNZpyl4nCvxxVaK1LCSGk/upzdblqFkP+/YLMxhAYwiWg
FC7PmJ/47inRh78Fo0cxBhWo2FFvJ4DZMToEx6bOI9RcadVwphXDvR7xtOOMOBa0
7LPAwQTG+I/joSc6xzYxOA+6pfEZKKYYwOpbK2OuQ6iGc6VZJDmDPQBz5mrWRCLX
Uicmgu5A9ZuB3ku7JSFNG7fQq2xGEoaxbgBCFsO5FtiI6UG7wvbsJv64cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSVQlt6wZ7HndbweVkchzTE3S97MB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOMXZ8DNF
YZtspt8sO4gXO4/1X3u2QJP27noT0M3Hin2k8E5/rpH6CzNJu8ZbYw80hFEcjWWX
6YC0Efk4ZgnI4wh0QHYCdcxpqN28//TAnJj1ROeUtRVlZsMYzmBaD77b9rBxUelA
U0mSU2TQSNgodjHWiPWIUmmcYKJ+0oXUlKNI/gDEtzgiMN+GlrGuU7pygAfh4e3T
Vk+7s+pqrjdyHOyIAM5Z1ejvySHdbHWX4oZXdHIK+89nrHBcroj5KgflYMyx1oLo
7VZGVBQJlvRjYoHRNMVpUKh2lVyYaMLpdNBjEmca97imT0V1ulurdSrVvo6W7LJs
YdZ5tl5wNw0/jg==
-----END CERTIFICATE-----