Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
File:                     I0AYtVE7d50uHjrBqGpZO92XTKc.mft (raw, json)
Hash identifier:          kPNmUrNbahmg0JNnHkQqGghy8R2YXwSbiknPg1tnvUk=
Subject key identifier:   AF:B8:18:4B:3A:D1:45:30:0D:1B:A2:13:18:83:C2:C7:99:EB:0D:A0
Authority key identifier: 23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7
Certificate issuer:       /CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
Certificate serial:       0198745050F43ECD561162E1B48132961687
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
Manifest number:          01F8
Signing time:             Mon 04 Aug 2025 09:01:17 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:17 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:17 +0000
Files and hashes:         1: I0AYtVE7d50uHjrBqGpZO92XTKc.crl (hash: 4jdZ7m4kLV4RqDj/o22A/nJsDnakmC7P/TmjG35EuGs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:50:f4:3e:cd:56:11:62:e1:b4:81:32:96:16:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
        Validity
            Not Before: Aug  4 09:01:17 2025 GMT
            Not After : Aug  5 09:01:17 2025 GMT
        Subject: CN=afb8184b3ad145300d1ba2131883c2c799eb0da0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e0:7a:52:67:15:c3:8d:c6:16:5f:04:9d:8e:
                    35:4f:b4:22:ac:21:e8:14:fa:92:65:3c:f6:a9:04:
                    91:a9:ba:89:ef:5c:79:b6:bd:53:b8:6a:34:b3:13:
                    4b:0a:35:9e:f2:4d:95:73:96:e1:5e:e3:96:7a:36:
                    cb:30:e0:79:ad:c1:fb:6a:e0:cb:1e:5e:77:f1:2a:
                    12:3f:35:57:c5:e1:7f:2f:d7:34:e8:70:d2:cf:ae:
                    85:cd:e8:1e:d6:a3:1d:6a:17:48:de:71:fe:74:db:
                    8f:ec:e8:fe:69:14:2a:1f:7c:8d:4e:44:81:25:23:
                    b4:89:e1:23:aa:65:e0:38:7c:3a:b8:46:e2:c2:39:
                    e2:47:8f:f1:6b:b8:ef:8a:41:89:e0:46:a4:1d:99:
                    8f:9c:a9:97:bb:e4:49:46:e1:27:5f:6b:16:4b:46:
                    6e:02:ab:3c:da:b7:01:37:2a:aa:7f:43:7b:e6:4d:
                    e0:0f:a8:29:04:74:ca:6e:71:e6:be:d2:1a:d6:f9:
                    98:e3:ce:bd:87:03:97:6d:a1:9a:d3:ca:31:91:a6:
                    0e:10:0c:4f:98:2b:d2:94:1b:24:a2:b4:cc:37:67:
                    b0:b6:9a:9d:51:f3:0c:58:a9:2a:78:42:e4:72:b2:
                    2e:c2:26:77:0a:8e:41:4b:9f:f0:48:d8:89:71:b6:
                    22:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:B8:18:4B:3A:D1:45:30:0D:1B:A2:13:18:83:C2:C7:99:EB:0D:A0
            X509v3 Authority Key Identifier:
                keyid:23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:72:dd:de:7f:f2:12:cb:f2:f4:c5:39:2f:65:69:39:e5:8c:
         14:b4:43:32:e6:82:f1:c9:76:67:3a:84:93:bc:70:08:b7:53:
         95:a0:68:43:70:96:70:fa:34:ef:2b:de:8e:e3:dd:50:cb:78:
         d0:e8:b4:2a:db:9e:96:86:c4:d2:d6:e0:52:40:28:8d:e2:ec:
         3e:55:e9:98:07:84:12:70:f1:38:a8:6e:ad:fc:72:e8:c7:af:
         aa:ee:9d:25:42:74:85:a3:87:42:b3:c5:b6:48:0c:ad:6c:1e:
         4a:71:50:ba:19:0d:43:05:b4:bc:66:12:61:ed:bf:f9:98:b6:
         b7:bb:3b:63:24:32:51:21:0f:9a:9a:72:24:18:42:b0:8e:8d:
         28:2d:9c:84:f1:60:aa:ab:17:39:8e:5b:5f:fc:6d:79:68:86:
         d7:c1:9c:80:c2:bd:6d:ff:ee:b2:b6:e3:ca:c0:6d:eb:c4:d9:
         98:b8:df:84:a2:06:2c:80:bd:08:88:73:d9:87:aa:7a:a6:6f:
         b4:e8:20:4f:71:c6:e2:15:ad:1f:75:db:51:52:ec:5a:71:a1:
         bc:fa:de:02:02:f9:f5:54:8b:46:c0:35:1f:39:bf:50:7a:26:
         6e:a6:b9:74:38:48:50:b8:19:75:f3:fa:5b:8f:df:3e:91:5b:
         36:b9:48:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UFD0Ps1WEWLhtIEylhaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDAxOGI1NTEzYjc3OWQyZTFlM2FjMWE4NmE1OTNiZGQ5
NzRjYTcwHhcNMjUwODA0MDkwMTE3WhcNMjUwODA1MDkwMTE3WjAzMTEwLwYDVQQD
EyhhZmI4MTg0YjNhZDE0NTMwMGQxYmEyMTMxODgzYzJjNzk5ZWIwZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+B6UmcVw43GFl8EnY41T7QirCHo
FPqSZTz2qQSRqbqJ71x5tr1TuGo0sxNLCjWe8k2Vc5bhXuOWejbLMOB5rcH7auDL
Hl538SoSPzVXxeF/L9c06HDSz66Fzege1qMdahdI3nH+dNuP7Oj+aRQqH3yNTkSB
JSO0ieEjqmXgOHw6uEbiwjniR4/xa7jvikGJ4EakHZmPnKmXu+RJRuEnX2sWS0Zu
Aqs82rcBNyqqf0N75k3gD6gpBHTKbnHmvtIa1vmY4869hwOXbaGa08oxkaYOEAxP
mCvSlBskorTMN2ewtpqdUfMMWKkqeELkcrIuwiZ3Co5BS5/wSNiJcbYiLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+4GEs60UUwDRuiExiDwseZ6w2gMB8GA1UdIwQY
MBaAFCNAGLVRO3edLh46wahqWTvdl0ynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQt
YzNkNmM3YzhiYThhLzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQtYzNkNmM3YzhiYThh
LzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHLd3n/y
Esvy9MU5L2VpOeWMFLRDMuaC8cl2ZzqEk7xwCLdTlaBoQ3CWcPo07yvejuPdUMt4
0Oi0KtuelobE0tbgUkAojeLsPlXpmAeEEnDxOKhurfxy6Mevqu6dJUJ0haOHQrPF
tkgMrWweSnFQuhkNQwW0vGYSYe2/+Zi2t7s7YyQyUSEPmppyJBhCsI6NKC2chPFg
qqsXOY5bX/xteWiG18GcgMK9bf/usrbjysBt68TZmLjfhKIGLIC9CIhz2YeqeqZv
tOggT3HG4hWtH3XbUVLsWnGhvPreAgL59VSLRsA1Hzm/UHombqa5dDhIULgZdfP6
W4/fPpFbNrlIhw==
-----END CERTIFICATE-----