Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          UWEJywGU2ykavNfPE+JOaVQwKHDcoZaxI0JAS+0T/x8=
Subject key identifier:   A6:0D:27:18:5C:89:23:98:28:7D:D0:05:54:9B:43:90:2E:2D:8C:63
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019922FAA1FA297A566D83AB42FB87AE688F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0A31
Signing time:             Sun 07 Sep 2025 07:01:14 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:14 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:14 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: HbF+SW6WpuZFQ17JMkMJU3Y3sbEWexXXdzHs7E/qrnE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:a1:fa:29:7a:56:6d:83:ab:42:fb:87:ae:68:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Sep  7 07:01:14 2025 GMT
            Not After : Sep  8 07:01:14 2025 GMT
        Subject: CN=a60d27185c892398287dd005549b43902e2d8c63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c6:67:4f:75:b8:d7:3c:be:2e:ea:3e:02:32:
                    be:fa:9b:e5:8d:6a:0f:b1:00:ee:35:b5:86:00:3e:
                    5a:06:fb:a7:87:00:1a:da:b8:19:e7:7e:f3:3e:27:
                    cf:86:a0:4c:09:fa:ed:b0:35:b0:1e:24:b7:0a:71:
                    89:45:73:42:fc:58:4a:f8:9b:81:c8:72:10:25:b4:
                    25:a4:11:2a:9d:4b:f0:78:60:3b:54:38:7e:fb:b4:
                    11:d0:b9:20:ff:0d:c3:b5:1e:d1:4e:2d:5f:28:44:
                    1c:3b:e8:76:cc:d9:42:74:29:31:b7:4a:a5:29:f1:
                    39:10:21:a7:5c:66:55:53:cb:c0:ba:5d:c7:12:e1:
                    67:90:ea:d2:55:f7:ab:e1:06:f5:54:27:7f:25:80:
                    e0:c4:c8:10:4b:56:f3:2c:77:60:ec:be:2c:b7:39:
                    fc:39:46:bc:c7:37:40:f0:80:14:60:74:e1:d1:73:
                    8e:89:38:1d:7b:96:4b:87:c3:c9:70:98:6f:4a:44:
                    9c:c3:cd:64:44:12:f9:63:8d:86:c6:e0:2a:45:9f:
                    b0:76:38:5b:14:58:51:56:9b:62:a0:42:d5:dd:72:
                    4a:cc:52:e3:b1:3a:fa:e8:b7:b1:38:e9:4a:c6:5f:
                    5e:51:31:a3:99:62:b1:a4:62:a8:bc:ac:3f:9b:83:
                    c1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:0D:27:18:5C:89:23:98:28:7D:D0:05:54:9B:43:90:2E:2D:8C:63
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:dd:ef:6f:1f:f9:bc:03:a5:a7:c9:4f:7d:1c:29:a5:44:2f:
         1b:d5:30:0d:62:e8:e6:96:8a:0d:d6:6c:d2:39:e5:4e:c3:29:
         5f:c5:b7:ea:4d:18:cc:a3:22:74:b2:64:c8:38:d1:a7:a2:48:
         cf:90:b6:ec:4f:fe:0b:e5:04:5c:6e:52:22:eb:b2:be:64:2e:
         e2:7a:fc:e7:eb:ef:14:a0:90:29:ef:8b:93:f8:0f:b0:3f:60:
         a0:e0:99:eb:fe:a2:cb:db:9e:8a:dd:94:f7:1b:43:ef:71:43:
         54:78:7f:34:5c:a7:0b:5f:c8:39:ea:1e:11:f0:b2:d9:15:db:
         b1:af:2d:a3:b9:04:06:c9:5d:de:e0:35:c9:86:98:86:3c:3e:
         6b:87:7c:26:0d:17:78:14:9e:fa:00:cd:d6:01:ae:e3:a4:4f:
         31:e1:1d:55:c4:80:00:01:ae:b8:2a:63:80:bf:72:a1:d0:c4:
         73:a6:b1:ae:0d:97:7a:3b:ce:a9:90:94:b0:b0:29:67:9f:05:
         3c:2e:1e:b4:01:d9:5f:20:93:74:93:68:3b:03:b6:5e:14:df:
         d4:a9:ee:97:38:42:a7:73:c2:b7:6d:f8:6a:b5:26:00:81:a8:
         e5:79:25:c6:2f:a7:ca:32:17:4e:10:13:10:f4:46:ab:d0:f1:
         60:eb:29:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+qH6KXpWbYOrQvuHrmiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwOTA3MDcwMTE0WhcNMjUwOTA4MDcwMTE0WjAzMTEwLwYDVQQD
EyhhNjBkMjcxODVjODkyMzk4Mjg3ZGQwMDU1NDliNDM5MDJlMmQ4YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMZnT3W41zy+Luo+AjK++pvljWoP
sQDuNbWGAD5aBvunhwAa2rgZ537zPifPhqBMCfrtsDWwHiS3CnGJRXNC/FhK+JuB
yHIQJbQlpBEqnUvweGA7VDh++7QR0Lkg/w3DtR7RTi1fKEQcO+h2zNlCdCkxt0ql
KfE5ECGnXGZVU8vAul3HEuFnkOrSVfer4Qb1VCd/JYDgxMgQS1bzLHdg7L4stzn8
OUa8xzdA8IAUYHTh0XOOiTgde5ZLh8PJcJhvSkScw81kRBL5Y42GxuAqRZ+wdjhb
FFhRVptioELV3XJKzFLjsTr66LexOOlKxl9eUTGjmWKxpGKovKw/m4PB5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYNJxhciSOYKH3QBVSbQ5AuLYxjMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL93vbx/5
vAOlp8lPfRwppUQvG9UwDWLo5paKDdZs0jnlTsMpX8W36k0YzKMidLJkyDjRp6JI
z5C27E/+C+UEXG5SIuuyvmQu4nr85+vvFKCQKe+Lk/gPsD9goOCZ6/6iy9ueit2U
9xtD73FDVHh/NFynC1/IOeoeEfCy2RXbsa8to7kEBsld3uA1yYaYhjw+a4d8Jg0X
eBSe+gDN1gGu46RPMeEdVcSAAAGuuCpjgL9yodDEc6axrg2XejvOqZCUsLApZ58F
PC4etAHZXyCTdJNoOwO2XhTf1KnulzhCp3PCt234arUmAIGo5Xklxi+nyjIXThAT
EPRGq9DxYOsphA==
-----END CERTIFICATE-----