Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File:                     0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier:          NDB/YE1qgfpU8oSwGJWfk8wkCVMCNxEh6P9bMncrAbo=
Subject key identifier:   21:FF:E2:A7:3F:D5:2B:43:2F:B2:36:F3:A1:D5:D1:29:0F:FB:FF:13
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer:       /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial:       019897EED5EB213C04FCC15AF5288725F6A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number:          0131
Signing time:             Mon 11 Aug 2025 07:01:08 +0000
Manifest this update:     Mon 11 Aug 2025 07:01:08 +0000
Manifest next update:     Tue 12 Aug 2025 07:01:08 +0000
Files and hashes:         1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: h5uwUsGqfET+QcUVGndMwKpnddH+qSAr2e7KkxaDqOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:ee:d5:eb:21:3c:04:fc:c1:5a:f5:28:87:25:f6:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
        Validity
            Not Before: Aug 11 07:01:08 2025 GMT
            Not After : Aug 12 07:01:08 2025 GMT
        Subject: CN=21ffe2a73fd52b432fb236f3a1d5d1290ffbff13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c9:ca:f4:87:de:3f:cc:62:74:b2:7e:a5:8a:
                    99:23:ce:16:e2:a5:3c:47:78:23:f8:77:57:64:d1:
                    b2:e5:35:d5:a9:1b:58:e5:90:6f:9c:bc:88:e3:88:
                    50:d3:b3:c7:95:58:ef:2f:3e:3b:7e:d1:d2:2d:03:
                    09:7e:f9:87:0e:c6:a7:c8:97:ff:fa:98:62:ba:66:
                    b9:4c:6e:53:dd:69:91:5d:fa:1e:88:01:51:14:a4:
                    03:b1:67:67:a0:00:4f:e8:52:37:31:81:08:34:0e:
                    04:30:64:4e:1e:9f:f1:5e:fb:0f:4a:92:ec:eb:9a:
                    2e:42:85:29:f5:25:60:fa:f4:d6:f6:4c:e6:e2:e6:
                    3c:1d:d3:07:42:1f:d4:21:cd:6f:60:9c:55:d6:e8:
                    77:b3:b6:9c:1a:da:ef:48:9c:bc:32:77:94:6e:69:
                    f6:49:5d:4f:45:97:ba:19:2e:85:f0:14:e1:5f:85:
                    21:e7:5b:ab:cc:aa:d4:31:95:69:12:71:b0:0a:62:
                    89:f4:1a:fa:1d:dd:d7:69:92:04:02:23:4d:19:29:
                    43:eb:cc:89:e3:71:f3:2d:a7:3d:5e:d2:0a:0a:00:
                    13:aa:ea:00:10:ea:fb:5c:44:46:8f:3e:ae:8e:71:
                    6b:5b:08:ec:d4:a5:ca:16:e0:27:82:af:fb:7b:50:
                    22:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:FF:E2:A7:3F:D5:2B:43:2F:B2:36:F3:A1:D5:D1:29:0F:FB:FF:13
            X509v3 Authority Key Identifier:
                keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:14:1b:ad:0b:76:fb:64:63:9f:a8:b8:44:78:07:c1:69:95:
         6a:66:93:43:0f:75:83:4d:66:d8:82:2a:6e:9e:84:e4:e9:1b:
         4a:0f:45:dc:05:3b:b5:17:ff:54:1e:99:e4:75:3f:0b:b5:43:
         29:ee:a5:c8:59:4a:21:f4:e6:c2:e3:87:61:32:06:e9:5a:a4:
         6a:ed:70:c2:23:e9:3b:e9:2c:0d:e8:33:04:25:c1:ce:2a:47:
         9a:df:fe:43:8e:48:86:05:89:1f:b7:b0:f1:59:31:27:c3:73:
         e4:ec:3c:30:7a:0c:a9:d3:0d:a5:60:c7:bb:60:e0:ab:36:b9:
         3e:7f:e2:f3:06:c5:d3:48:06:56:77:54:cc:dc:8d:ff:49:e1:
         b5:3b:fd:95:a8:31:56:9e:86:be:0f:8a:72:40:6d:25:e1:5b:
         55:9e:9d:29:30:36:5c:0b:cb:4f:a6:2e:e6:15:1c:c2:f1:35:
         99:2c:79:17:ec:09:33:dd:8b:44:a2:65:47:98:84:9f:0a:58:
         37:71:be:86:2f:f5:62:cd:2f:ae:38:94:14:a2:de:95:57:50:
         6c:94:85:e2:b0:bd:26:9d:84:58:aa:e5:08:09:cc:50:f1:c2:
         74:fd:29:e1:d5:f8:b0:c5:31:8c:f7:d9:9e:0b:cf:7f:d7:92:
         03:06:ff:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiX7tXrITwE/MFa9SiHJfahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjUwODExMDcwMTA4WhcNMjUwODEyMDcwMTA4WjAzMTEwLwYDVQQD
EygyMWZmZTJhNzNmZDUyYjQzMmZiMjM2ZjNhMWQ1ZDEyOTBmZmJmZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysnK9IfeP8xidLJ+pYqZI84W4qU8
R3gj+HdXZNGy5TXVqRtY5ZBvnLyI44hQ07PHlVjvLz47ftHSLQMJfvmHDsanyJf/
+phiuma5TG5T3WmRXfoeiAFRFKQDsWdnoABP6FI3MYEINA4EMGROHp/xXvsPSpLs
65ouQoUp9SVg+vTW9kzm4uY8HdMHQh/UIc1vYJxV1uh3s7acGtrvSJy8MneUbmn2
SV1PRZe6GS6F8BThX4Uh51urzKrUMZVpEnGwCmKJ9Br6Hd3XaZIEAiNNGSlD68yJ
43HzLac9XtIKCgATquoAEOr7XERGjz6ujnFrWwjs1KXKFuAngq/7e1AirQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH/4qc/1StDL7I286HV0SkP+/8TMB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARQbrQt2
+2Rjn6i4RHgHwWmVamaTQw91g01m2IIqbp6E5OkbSg9F3AU7tRf/VB6Z5HU/C7VD
Ke6lyFlKIfTmwuOHYTIG6Vqkau1wwiPpO+ksDegzBCXBzipHmt/+Q45IhgWJH7ew
8VkxJ8Nz5Ow8MHoMqdMNpWDHu2Dgqza5Pn/i8wbF00gGVndUzNyN/0nhtTv9lagx
Vp6Gvg+KckBtJeFbVZ6dKTA2XAvLT6Yu5hUcwvE1mSx5F+wJM92LRKJlR5iEnwpY
N3G+hi/1Ys0vrjiUFKLelVdQbJSF4rC9Jp2EWKrlCAnMUPHCdP0p4dX4sMUxjPfZ
ngvPf9eSAwb/uA==
-----END CERTIFICATE-----