Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          k+Q44VgZATFmsm1lShhUGrI4POhlS2o0yqFI7qvrjbk=
Subject key identifier:   A4:71:98:3E:0C:F4:C0:36:70:6B:9C:3D:2D:7C:05:92:B1:0C:A2:AD
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       01988167F86ED702C9E44DD8C3F9C5628332
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0CFE
Signing time:             Wed 06 Aug 2025 22:02:11 +0000
Manifest this update:     Wed 06 Aug 2025 22:02:11 +0000
Manifest next update:     Thu 07 Aug 2025 22:02:11 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: ds3COm1EXrFC5Pll0TXUNGScAXc+A2x029uQA4aUR1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:f8:6e:d7:02:c9:e4:4d:d8:c3:f9:c5:62:83:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Aug  6 22:02:11 2025 GMT
            Not After : Aug  7 22:02:11 2025 GMT
        Subject: CN=a471983e0cf4c036706b9c3d2d7c0592b10ca2ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cc:68:7b:51:17:92:5d:cf:f8:36:8c:23:fb:
                    5a:37:c9:a5:0d:37:ca:1d:f2:bf:7b:b1:68:5f:36:
                    d2:13:93:de:67:47:3c:72:19:8a:b3:1c:14:a5:26:
                    be:18:45:62:c9:38:d7:d8:33:79:70:83:d2:42:13:
                    65:f3:59:fe:28:41:93:dc:1b:66:fa:85:ca:5f:57:
                    09:f8:81:ad:c5:70:aa:c2:d5:94:35:3c:e4:4c:4f:
                    18:ac:c5:ca:19:54:e8:8b:8a:f3:eb:38:c0:80:eb:
                    fa:34:5b:4f:6e:b0:87:b0:21:99:dc:80:44:c5:ee:
                    5d:8b:3f:92:df:43:24:15:93:e4:b7:22:b9:e1:d2:
                    40:03:81:1a:8e:b5:14:b5:03:67:d5:44:65:1d:c9:
                    6d:08:8b:e5:fe:fc:25:ab:44:c0:1c:39:39:42:97:
                    00:a6:3a:ca:dd:9d:4c:14:1c:15:a9:6d:77:d0:ba:
                    dc:5d:50:33:40:85:e4:9e:08:2c:7e:a4:07:37:16:
                    c8:ea:c7:76:15:20:6b:94:95:65:0c:8d:72:8e:3b:
                    73:c7:32:a7:f5:b9:7c:c4:2f:ad:31:2f:9b:c3:e8:
                    0e:df:cc:14:84:d9:5e:e4:5a:6a:97:a0:f8:fe:43:
                    1b:56:79:06:bf:09:4d:37:e9:ba:b2:81:45:a0:c0:
                    e9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:71:98:3E:0C:F4:C0:36:70:6B:9C:3D:2D:7C:05:92:B1:0C:A2:AD
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:6a:ed:d0:b8:88:27:21:33:4f:01:96:5d:23:ee:c0:6e:49:
         ca:fa:3f:c5:cd:c7:a8:33:fe:c0:78:44:ce:af:54:5c:e8:18:
         06:8c:15:5d:10:36:26:2f:3c:ca:a4:a7:50:45:f1:3b:53:1e:
         48:97:d5:a6:d0:3a:3e:2e:13:bc:56:cd:62:77:77:4f:2d:21:
         3d:b0:b0:d3:76:48:f4:64:c6:17:3c:d8:e3:c3:aa:13:58:f8:
         1b:56:4c:fa:25:43:bf:a2:12:a5:18:14:ae:de:97:76:f9:68:
         46:c5:81:e7:0f:06:c5:2e:b4:71:97:93:83:ba:d9:2b:c0:dd:
         63:75:6b:0b:e4:59:c1:4d:27:3e:da:95:32:d5:68:4f:7a:60:
         90:f8:01:04:85:be:c8:f8:7d:ef:bc:b0:03:33:2a:84:a2:81:
         a1:a3:43:9b:76:61:f2:5b:16:23:6c:7c:33:72:a3:66:41:00:
         63:3f:70:88:02:a6:b2:4b:70:ed:96:77:61:02:fa:33:58:8b:
         c3:be:4b:09:6c:e9:77:03:4d:a4:d2:68:35:94:5e:67:fc:d1:
         0f:2c:09:eb:4e:0a:e3:41:da:56:1f:ba:54:f8:05:f9:fc:79:
         c1:43:16:69:3d:6d:a2:2d:18:13:ac:91:86:07:5c:8a:94:e5:
         94:27:11:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZ/hu1wLJ5E3Yw/nFYoMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjUwODA2MjIwMjExWhcNMjUwODA3MjIwMjExWjAzMTEwLwYDVQQD
EyhhNDcxOTgzZTBjZjRjMDM2NzA2YjljM2QyZDdjMDU5MmIxMGNhMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMxoe1EXkl3P+DaMI/taN8mlDTfK
HfK/e7FoXzbSE5PeZ0c8chmKsxwUpSa+GEViyTjX2DN5cIPSQhNl81n+KEGT3Btm
+oXKX1cJ+IGtxXCqwtWUNTzkTE8YrMXKGVToi4rz6zjAgOv6NFtPbrCHsCGZ3IBE
xe5diz+S30MkFZPktyK54dJAA4EajrUUtQNn1URlHcltCIvl/vwlq0TAHDk5QpcA
pjrK3Z1MFBwVqW130LrcXVAzQIXknggsfqQHNxbI6sd2FSBrlJVlDI1yjjtzxzKn
9bl8xC+tMS+bw+gO38wUhNle5Fpql6D4/kMbVnkGvwlNN+m6soFFoMDp8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRxmD4M9MA2cGucPS18BZKxDKKtMB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMmrt0LiI
JyEzTwGWXSPuwG5Jyvo/xc3HqDP+wHhEzq9UXOgYBowVXRA2Ji88yqSnUEXxO1Me
SJfVptA6Pi4TvFbNYnd3Ty0hPbCw03ZI9GTGFzzY48OqE1j4G1ZM+iVDv6ISpRgU
rt6XdvloRsWB5w8GxS60cZeTg7rZK8DdY3VrC+RZwU0nPtqVMtVoT3pgkPgBBIW+
yPh977ywAzMqhKKBoaNDm3Zh8lsWI2x8M3KjZkEAYz9wiAKmsktw7ZZ3YQL6M1iL
w75LCWzpdwNNpNJoNZReZ/zRDywJ604K40HaVh+6VPgF+fx5wUMWaT1toi0YE6yR
hgdcipTllCcRcQ==
-----END CERTIFICATE-----