Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          /4W+kTFfMTuZJaEqliSkyH2vNvuX/Q16hBO/7BdqGhg=
Subject key identifier:   F4:BC:C7:04:83:18:4C:F4:6D:D4:74:32:0E:F9:F6:9E:05:57:57:1D
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019880C2398445B94E32C06F00A6D55D006F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          161A
Signing time:             Wed 06 Aug 2025 19:01:08 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:08 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:08 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: lCzyab4elOxShpa18h/zLevw1hEQFOVfvHfavev/kGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:39:84:45:b9:4e:32:c0:6f:00:a6:d5:5d:00:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Aug  6 19:01:08 2025 GMT
            Not After : Aug  7 19:01:08 2025 GMT
        Subject: CN=f4bcc70483184cf46dd474320ef9f69e0557571d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f2:b1:42:46:ab:73:bc:35:f5:4f:2b:76:fa:
                    c3:e1:9e:8b:41:a8:02:24:ff:08:80:28:83:d8:05:
                    17:8d:a1:c8:db:7c:b5:b7:84:7f:b8:76:80:dd:d2:
                    e7:c6:7e:22:5c:ab:3a:05:80:59:4e:0a:95:28:09:
                    9f:6f:00:25:e8:2f:3e:1b:9f:72:10:f5:66:3e:48:
                    20:4a:41:f9:28:69:33:39:59:71:07:6d:52:b0:81:
                    7b:f5:f9:55:2a:73:fc:12:aa:0e:1c:00:88:96:3a:
                    8d:d7:d8:58:6d:09:e1:44:d3:72:4e:9f:3a:1e:bb:
                    de:7e:7c:3e:08:b9:be:b3:65:44:09:19:d6:2e:68:
                    02:26:87:2c:31:6b:49:04:52:74:00:a9:d3:88:97:
                    51:d1:de:a4:68:06:c3:ee:b1:1c:f1:fa:dd:53:7a:
                    73:05:ab:ea:b9:18:82:5b:fd:76:49:7c:9e:ac:51:
                    19:08:db:fa:65:84:ad:5d:02:d6:02:ac:c9:98:b1:
                    e0:63:84:22:e5:92:0a:6a:a6:15:5f:b0:0c:84:7b:
                    d0:d0:b5:d5:1e:8f:f6:72:b8:4a:d6:e7:0d:8a:95:
                    bc:3f:9a:a0:62:e1:a4:43:8b:ae:fd:79:87:1c:74:
                    24:b2:be:6e:3c:0b:b1:67:dd:f7:fd:21:10:61:75:
                    ec:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:BC:C7:04:83:18:4C:F4:6D:D4:74:32:0E:F9:F6:9E:05:57:57:1D
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:1d:37:07:c8:72:ed:c4:54:5a:2b:99:bb:fe:51:61:ea:ce:
         da:13:91:5b:df:d2:e5:b8:02:04:83:0c:5d:39:66:ea:e3:98:
         01:2a:48:b9:2e:8d:e2:06:cc:7e:54:4b:0f:ea:16:8b:06:de:
         b2:b1:be:da:fa:17:0c:48:46:1f:c0:81:05:da:7c:0d:6c:32:
         02:b2:cd:78:5f:07:df:54:92:bf:dc:87:36:56:8f:5f:e0:73:
         d9:57:de:71:55:42:a2:22:4a:75:ca:c4:e6:06:94:f7:43:11:
         a3:56:5c:86:6e:47:b0:39:5f:3c:5c:7c:4e:33:64:f4:cc:f0:
         e1:f0:98:b9:aa:fd:bb:02:e2:82:41:b3:a3:b5:9b:99:b7:f5:
         73:db:38:93:d5:d4:c6:0a:56:05:56:c0:92:0f:45:f3:30:47:
         db:75:65:10:72:83:83:a1:50:1e:59:0b:3c:88:68:32:f9:33:
         99:4f:5a:9e:32:5b:ef:ee:db:f0:65:41:82:ec:6c:23:dd:37:
         b1:0c:93:13:38:a6:da:dc:2e:ec:9d:73:12:7d:04:97:45:12:
         63:79:d5:95:19:71:0a:84:0c:80:99:71:0a:f1:e8:67:05:9e:
         09:f0:97:62:de:de:b3:9d:b4:c2:f8:b0:ad:8c:f1:eb:e4:a5:
         7c:5b:9e:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwjmERblOMsBvAKbVXQBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjUwODA2MTkwMTA4WhcNMjUwODA3MTkwMTA4WjAzMTEwLwYDVQQD
EyhmNGJjYzcwNDgzMTg0Y2Y0NmRkNDc0MzIwZWY5ZjY5ZTA1NTc1NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/KxQkarc7w19U8rdvrD4Z6LQagC
JP8IgCiD2AUXjaHI23y1t4R/uHaA3dLnxn4iXKs6BYBZTgqVKAmfbwAl6C8+G59y
EPVmPkggSkH5KGkzOVlxB21SsIF79flVKnP8EqoOHACIljqN19hYbQnhRNNyTp86
Hrvefnw+CLm+s2VECRnWLmgCJocsMWtJBFJ0AKnTiJdR0d6kaAbD7rEc8frdU3pz
BavquRiCW/12SXyerFEZCNv6ZYStXQLWAqzJmLHgY4Qi5ZIKaqYVX7AMhHvQ0LXV
Ho/2crhK1ucNipW8P5qgYuGkQ4uu/XmHHHQksr5uPAuxZ933/SEQYXXsEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPS8xwSDGEz0bdR0Mg759p4FV1cdMB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAox03B8hy
7cRUWiuZu/5RYerO2hORW9/S5bgCBIMMXTlm6uOYASpIuS6N4gbMflRLD+oWiwbe
srG+2voXDEhGH8CBBdp8DWwyArLNeF8H31SSv9yHNlaPX+Bz2VfecVVCoiJKdcrE
5gaU90MRo1Zchm5HsDlfPFx8TjNk9Mzw4fCYuar9uwLigkGzo7Wbmbf1c9s4k9XU
xgpWBVbAkg9F8zBH23VlEHKDg6FQHlkLPIhoMvkzmU9anjJb7+7b8GVBguxsI903
sQyTEzim2twu7J1zEn0El0USY3nVlRlxCoQMgJlxCvHoZwWeCfCXYt7es520wviw
rYzx6+SlfFue8g==
-----END CERTIFICATE-----