Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
File:                     EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft (raw, json)
Hash identifier:          atKPvmNHaFJWGzmahZXuFLamGO9takLUyJPSsMiVddc=
Subject key identifier:   AC:C2:C7:02:48:08:BA:46:33:65:69:05:FC:97:92:D5:F2:16:D0:B9
Authority key identifier: 10:93:0D:00:49:BA:87:00:4C:CC:9E:5B:E5:26:C3:50:CC:83:FA:8D
Certificate issuer:       /CN=10930d0049ba87004ccc9e5be526c350cc83fa8d
Certificate serial:       01988F8FE65E104F5A8D7ED161B9EF3260CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
Manifest number:          1621
Signing time:             Sat 09 Aug 2025 16:00:29 +0000
Manifest this update:     Sat 09 Aug 2025 16:00:29 +0000
Manifest next update:     Sun 10 Aug 2025 16:00:29 +0000
Files and hashes:         1: EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl (hash: Y8f3HaZySFTPnQO7a0Jv+gtDUxd2vA59XziWfecyLP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:8f:e6:5e:10:4f:5a:8d:7e:d1:61:b9:ef:32:60:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10930d0049ba87004ccc9e5be526c350cc83fa8d
        Validity
            Not Before: Aug  9 16:00:29 2025 GMT
            Not After : Aug 10 16:00:29 2025 GMT
        Subject: CN=acc2c7024808ba4633656905fc9792d5f216d0b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:74:32:47:6d:23:c5:1d:ee:1e:e3:9d:94:7c:
                    e4:88:fe:3f:12:96:81:4a:99:9b:58:94:58:73:d3:
                    ac:70:de:fc:86:35:ae:46:ac:f2:9d:f3:ca:a1:6f:
                    72:04:2d:18:bd:8e:8f:d2:d2:31:cd:f8:e1:e6:ab:
                    23:ee:7d:95:92:56:27:95:39:06:99:6d:39:d4:bb:
                    93:e8:27:48:20:cd:f5:73:cf:de:47:b4:b7:97:d4:
                    87:61:5d:69:e7:dd:bf:57:26:54:07:c7:31:e8:93:
                    00:58:e8:58:1f:31:44:3f:c8:81:05:f5:db:08:c1:
                    2c:23:11:5b:12:4f:7d:f6:56:7a:56:15:e2:7b:5b:
                    be:6d:77:be:7b:c5:2a:84:c1:dc:a8:b1:ca:c9:0b:
                    73:27:c9:6f:bb:41:e8:10:af:8e:87:d7:e7:02:a6:
                    80:e2:a4:b1:be:ee:e8:f7:e4:10:be:39:1f:ae:c5:
                    7f:46:46:b4:5c:29:0c:54:33:3e:7d:60:97:1b:18:
                    ed:13:f3:73:52:c8:31:e4:b5:4f:f3:8e:44:63:dd:
                    cc:22:3e:1b:80:ba:eb:c3:66:86:e5:8a:70:2b:30:
                    0a:c9:88:6e:2b:77:5d:7e:bc:75:9d:40:44:fe:88:
                    0f:cd:96:8b:34:da:12:9b:9b:25:cf:57:69:46:b8:
                    bb:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C2:C7:02:48:08:BA:46:33:65:69:05:FC:97:92:D5:F2:16:D0:B9
            X509v3 Authority Key Identifier:
                keyid:10:93:0D:00:49:BA:87:00:4C:CC:9E:5B:E5:26:C3:50:CC:83:FA:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:aa:b1:05:6c:5d:0d:43:fb:7c:c8:5e:65:52:03:73:ab:b7:
         19:92:ec:b5:c2:da:39:fd:6f:59:86:f4:f7:f3:51:44:2d:aa:
         83:6f:c5:4e:19:6f:8a:d7:92:0e:23:ca:74:d3:76:dd:b5:d8:
         44:a9:f6:6c:46:fa:60:f2:80:42:62:91:2c:5a:6b:5e:40:8e:
         79:e2:7a:5b:4c:ca:9a:d1:9b:09:ff:f9:a1:9c:7a:13:0a:53:
         29:65:f1:9f:4f:36:2e:e4:06:a5:42:bd:5f:9a:c3:3a:b9:53:
         26:29:89:46:1d:7e:70:8b:e4:f6:ea:91:56:9a:1a:bb:8b:a3:
         bd:0f:73:e4:e3:d8:22:a2:96:a8:00:cd:22:3c:c2:7e:ca:08:
         c2:02:4e:a8:48:e2:6f:7e:0d:1f:cd:7a:dc:07:97:9b:63:cb:
         5c:d0:10:cf:1b:06:e0:31:72:7f:a9:7a:ef:2a:a7:88:97:fd:
         b2:5a:31:35:2f:6d:3f:46:6e:cc:3d:1c:3e:0f:9b:3e:7c:39:
         ca:65:82:72:b4:4e:e3:df:12:d9:a5:c4:1e:1e:60:08:15:68:
         2e:3b:a2:43:ed:fd:a4:a3:4e:ca:a4:4b:4b:b2:71:6f:14:54:
         5c:f7:be:c4:54:ed:16:21:a8:37:a6:62:2d:f3:c3:c9:16:48:
         5e:d9:fd:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPj+ZeEE9ajX7RYbnvMmDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTMwZDAwNDliYTg3MDA0Y2NjOWU1YmU1MjZjMzUwY2M4
M2ZhOGQwHhcNMjUwODA5MTYwMDI5WhcNMjUwODEwMTYwMDI5WjAzMTEwLwYDVQQD
EyhhY2MyYzcwMjQ4MDhiYTQ2MzM2NTY5MDVmYzk3OTJkNWYyMTZkMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nQyR20jxR3uHuOdlHzkiP4/EpaB
SpmbWJRYc9OscN78hjWuRqzynfPKoW9yBC0YvY6P0tIxzfjh5qsj7n2VklYnlTkG
mW051LuT6CdIIM31c8/eR7S3l9SHYV1p592/VyZUB8cx6JMAWOhYHzFEP8iBBfXb
CMEsIxFbEk999lZ6VhXie1u+bXe+e8UqhMHcqLHKyQtzJ8lvu0HoEK+Oh9fnAqaA
4qSxvu7o9+QQvjkfrsV/Rka0XCkMVDM+fWCXGxjtE/NzUsgx5LVP845EY93MIj4b
gLrrw2aG5YpwKzAKyYhuK3ddfrx1nUBE/ogPzZaLNNoSm5slz1dpRri7DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzCxwJICLpGM2VpBfyXktXyFtC5MB8GA1UdIwQY
MBaAFBCTDQBJuocATMyeW+Umw1DMg/qNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yZGEyOTAtNGViZS00MmFkLWJjNDYt
NTcyZWRiNTcwZjdlLzEvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yZGEyOTAtNGViZS00MmFkLWJjNDYtNTcyZWRiNTcwZjdl
LzEvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE6qxBWxd
DUP7fMheZVIDc6u3GZLstcLaOf1vWYb09/NRRC2qg2/FThlviteSDiPKdNN23bXY
RKn2bEb6YPKAQmKRLFprXkCOeeJ6W0zKmtGbCf/5oZx6EwpTKWXxn082LuQGpUK9
X5rDOrlTJimJRh1+cIvk9uqRVpoau4ujvQ9z5OPYIqKWqADNIjzCfsoIwgJOqEji
b34NH8163AeXm2PLXNAQzxsG4DFyf6l67yqniJf9sloxNS9tP0ZuzD0cPg+bPnw5
ymWCcrRO498S2aXEHh5gCBVoLjuiQ+39pKNOyqRLS7JxbxRUXPe+xFTtFiGoN6Zi
LfPDyRZIXtn9ug==
-----END CERTIFICATE-----