Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft
File:                     hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft (raw, json)
Hash identifier:          2OCko8PiZtlyjlQnbHN9B6xFblhD41ErPh3aNO5L1jI=
Subject key identifier:   1F:CF:15:99:14:93:C2:47:05:83:1E:F1:56:CC:E0:71:5B:07:4A:A8
Authority key identifier: 84:99:B6:6A:26:99:6E:BD:5C:AB:0C:2E:C3:B6:7C:02:5B:F1:09:4E
Certificate issuer:       /CN=8499b66a26996ebd5cab0c2ec3b67c025bf1094e
Certificate serial:       0198752B759BB0325D0386C88A1379361E4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft
Manifest number:          0149
Signing time:             Mon 04 Aug 2025 13:00:38 +0000
Manifest this update:     Mon 04 Aug 2025 13:00:38 +0000
Manifest next update:     Tue 05 Aug 2025 13:00:38 +0000
Files and hashes:         1: hJm2aiaZbr1cqwwuw7Z8AlvxCU4.crl (hash: 28OzILpT91pigLUCFxLD8S2DBmmaf4atbbkowqthgRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2b:75:9b:b0:32:5d:03:86:c8:8a:13:79:36:1e:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8499b66a26996ebd5cab0c2ec3b67c025bf1094e
        Validity
            Not Before: Aug  4 13:00:38 2025 GMT
            Not After : Aug  5 13:00:38 2025 GMT
        Subject: CN=1fcf15991493c24705831ef156cce0715b074aa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:51:14:b9:10:a3:48:22:35:59:02:71:67:e5:
                    7f:76:67:8b:d4:52:61:4e:59:e4:b4:2d:5c:51:71:
                    3f:d9:74:2c:64:de:99:6d:96:55:3a:28:b1:0b:9f:
                    81:63:e0:e2:76:55:f5:70:ed:45:f4:fe:80:d9:5d:
                    e1:38:06:32:3c:9c:d5:35:31:86:c6:09:ca:c8:d0:
                    0b:09:9d:be:f4:ff:a1:14:de:db:53:ba:18:e5:1e:
                    6d:9d:c8:83:21:bb:eb:d8:ee:d0:7b:29:a5:82:f4:
                    04:9b:56:55:98:94:1f:2a:e8:a4:71:34:de:40:a5:
                    04:30:42:ae:f4:38:d8:b1:af:b7:5c:a9:ab:3d:09:
                    dd:9d:25:3f:0b:75:1f:fd:9c:c5:4d:c5:f6:0b:bf:
                    25:24:fe:33:a1:72:d6:00:dd:4f:9d:66:30:3e:2e:
                    a1:d6:9c:17:2f:59:5b:c6:6d:f4:c4:3a:c1:ee:46:
                    a8:0e:fc:c9:86:8b:fb:d8:a1:48:3c:3f:d8:b9:5e:
                    e4:17:a5:10:d3:ab:46:83:7b:3e:3f:4c:a8:6e:ca:
                    58:a0:8b:d5:04:88:19:ac:1a:cc:69:f1:5e:87:ce:
                    1e:84:2f:be:43:53:96:96:24:06:c7:76:ef:97:c4:
                    55:57:00:cf:52:74:3e:75:2b:fa:d5:b8:1e:c7:36:
                    56:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:CF:15:99:14:93:C2:47:05:83:1E:F1:56:CC:E0:71:5B:07:4A:A8
            X509v3 Authority Key Identifier:
                keyid:84:99:B6:6A:26:99:6E:BD:5C:AB:0C:2E:C3:B6:7C:02:5B:F1:09:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:3b:49:cd:a2:ad:0b:a8:41:5a:68:ed:b1:7b:a0:88:21:e3:
         81:73:b9:41:e8:d4:00:cd:ac:cd:af:ca:15:aa:cc:bd:7d:92:
         6c:10:25:30:01:d8:22:ec:f6:12:86:36:0d:58:32:b4:81:b9:
         93:38:d3:29:3b:3f:76:4d:76:a8:a0:58:4d:f8:7d:e5:51:79:
         d9:2b:e7:64:68:c8:1e:a9:b9:28:5b:46:56:2e:06:22:6e:eb:
         f3:69:24:9e:fe:19:ce:fe:5b:11:87:0e:8e:c0:dd:21:73:7a:
         26:76:6e:0c:fc:01:55:c2:d0:0a:36:27:fd:c1:7c:54:93:cb:
         15:fc:4f:bb:ed:62:3f:ed:85:f7:87:db:16:3d:6d:c0:02:65:
         6d:5f:8b:f1:9c:b9:20:d7:c1:d6:c9:69:ac:62:ac:26:f3:49:
         ce:ec:3e:24:11:72:f2:34:ab:ec:6d:8f:f5:90:17:9c:66:0f:
         7e:5b:ac:35:6e:0a:c6:87:d2:4a:7d:3b:7d:05:fc:6e:70:0a:
         a1:0b:98:80:1f:ce:87:ea:3b:09:46:2b:c1:04:7e:af:4f:1e:
         98:60:96:f4:f1:3a:19:af:1b:d9:e8:2b:df:60:6a:eb:d1:58:
         4c:6e:3e:73:15:6d:6d:c8:a2:fe:84:47:c2:83:f4:5f:8d:e1:
         37:c8:0f:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K3WbsDJdA4bIihN5Nh5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OTliNjZhMjY5OTZlYmQ1Y2FiMGMyZWMzYjY3YzAyNWJm
MTA5NGUwHhcNMjUwODA0MTMwMDM4WhcNMjUwODA1MTMwMDM4WjAzMTEwLwYDVQQD
EygxZmNmMTU5OTE0OTNjMjQ3MDU4MzFlZjE1NmNjZTA3MTViMDc0YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1EUuRCjSCI1WQJxZ+V/dmeL1FJh
TlnktC1cUXE/2XQsZN6ZbZZVOiixC5+BY+DidlX1cO1F9P6A2V3hOAYyPJzVNTGG
xgnKyNALCZ2+9P+hFN7bU7oY5R5tnciDIbvr2O7QeymlgvQEm1ZVmJQfKuikcTTe
QKUEMEKu9DjYsa+3XKmrPQndnSU/C3Uf/ZzFTcX2C78lJP4zoXLWAN1PnWYwPi6h
1pwXL1lbxm30xDrB7kaoDvzJhov72KFIPD/YuV7kF6UQ06tGg3s+P0yobspYoIvV
BIgZrBrMafFeh84ehC++Q1OWliQGx3bvl8RVVwDPUnQ+dSv61bgexzZWmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/PFZkUk8JHBYMe8VbM4HFbB0qoMB8GA1UdIwQY
MBaAFISZtmommW69XKsMLsO2fAJb8QlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEptMmFpYVpicjFjcXd3dXc3WjhBbHZ4Q1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wMWJkYWUtODZjNS00YzE1LWE5OTgt
NWM5ZjliYjJkYjExLzEvaEptMmFpYVpicjFjcXd3dXc3WjhBbHZ4Q1U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wMWJkYWUtODZjNS00YzE1LWE5OTgtNWM5ZjliYjJkYjEx
LzEvaEptMmFpYVpicjFjcXd3dXc3WjhBbHZ4Q1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEjtJzaKt
C6hBWmjtsXugiCHjgXO5QejUAM2sza/KFarMvX2SbBAlMAHYIuz2EoY2DVgytIG5
kzjTKTs/dk12qKBYTfh95VF52SvnZGjIHqm5KFtGVi4GIm7r82kknv4Zzv5bEYcO
jsDdIXN6JnZuDPwBVcLQCjYn/cF8VJPLFfxPu+1iP+2F94fbFj1twAJlbV+L8Zy5
INfB1slprGKsJvNJzuw+JBFy8jSr7G2P9ZAXnGYPflusNW4KxofSSn07fQX8bnAK
oQuYgB/Oh+o7CUYrwQR+r08emGCW9PE6Ga8b2egr32Bq69FYTG4+cxVtbcii/oRH
woP0X43hN8gPtQ==
-----END CERTIFICATE-----