Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          TiuPm+opz+xUpHlFZfmuRhTiz79nWs6eVeWmEJ+IqdI=
Subject key identifier:   F5:9A:2B:C7:62:69:EF:C6:E7:63:DA:39:E2:3F:73:B9:00:78:1E:A4
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       0199221F3CF60A689D9548C13CF96F0AD5AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0BE8
Signing time:             Sun 07 Sep 2025 03:01:36 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:36 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:36 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: I6SapFwNUS2510xAXxlbUMrzP6tbZD1cOQsNR4n+p/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:3c:f6:0a:68:9d:95:48:c1:3c:f9:6f:0a:d5:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Sep  7 03:01:36 2025 GMT
            Not After : Sep  8 03:01:36 2025 GMT
        Subject: CN=f59a2bc76269efc6e763da39e23f73b900781ea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d2:74:09:64:ee:0f:13:80:0a:a3:69:86:77:
                    3a:eb:2a:c5:b9:17:b0:da:69:5e:b3:98:dc:dd:72:
                    e1:36:66:9a:0d:ed:65:e0:13:b7:78:94:91:d2:ce:
                    c2:d4:f0:e1:78:a9:54:f2:70:9d:b0:8d:12:71:1f:
                    eb:ac:63:c4:e7:ad:99:0c:2b:68:dd:6d:0a:88:f3:
                    30:0e:58:c2:e2:12:f1:ae:3d:6d:5a:6d:89:d8:7d:
                    4f:28:eb:49:2c:a5:64:ba:87:9d:6b:d2:92:d6:91:
                    44:4b:bf:57:2b:6d:ea:66:28:42:9a:a4:22:a2:13:
                    c5:b4:66:38:82:d7:96:ad:da:d4:d5:01:32:74:5e:
                    db:e5:7a:dc:98:0d:16:56:c8:6b:0b:32:fb:c1:7a:
                    9c:3d:6c:6f:05:ac:5a:2a:97:7a:a4:4e:4f:21:df:
                    a7:a2:f1:b1:fd:14:dc:c5:3f:7a:5b:75:58:1f:46:
                    00:a0:69:4f:32:eb:2e:e7:6a:af:2c:37:3a:b1:82:
                    3e:1f:a5:33:c2:be:b8:c9:8d:9c:e0:40:d9:a9:69:
                    bc:03:24:88:7f:03:3a:29:8c:6e:e4:b5:4f:53:43:
                    5a:c3:97:54:de:4b:fd:c0:30:02:bb:82:a0:e3:5f:
                    cc:d3:28:2b:f9:80:32:bc:51:bd:82:f5:1b:aa:c7:
                    cd:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:9A:2B:C7:62:69:EF:C6:E7:63:DA:39:E2:3F:73:B9:00:78:1E:A4
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:03:40:1f:03:e0:dc:0b:fb:db:1a:dd:3b:25:cc:7b:f6:68:
         85:38:16:bc:da:4f:b6:2d:f4:5e:31:81:b2:d4:7c:a3:d9:6b:
         6f:f5:cd:35:98:a8:e1:fd:b4:36:44:95:0b:9e:ac:3d:9c:be:
         96:72:3f:60:dc:07:26:88:60:5b:05:37:a6:40:f1:dd:a9:ae:
         ec:50:27:eb:60:70:ca:2a:51:8f:e5:0f:7c:52:f9:6d:ec:76:
         93:5f:89:b6:6a:ef:d0:29:c5:b3:33:45:c8:e8:f1:10:4c:4d:
         b6:3e:bd:da:86:e6:c2:da:34:10:48:29:35:47:fb:90:28:3a:
         1d:04:23:a1:ce:f4:b2:0e:0b:6b:e7:65:f6:2c:68:a3:4d:cc:
         f6:39:3e:f2:b2:cb:7a:c6:d0:26:b9:56:23:5c:e1:c7:e9:c6:
         1c:c4:75:d7:6a:7e:fa:2a:34:3f:3e:f0:e9:0c:45:f8:1b:c5:
         cd:cf:92:cb:54:fb:3b:e8:ef:1a:e8:98:ac:c4:59:34:e9:f3:
         82:2f:ff:62:46:07:75:0b:95:86:73:00:49:c5:4f:65:14:f1:
         63:54:3d:1f:f8:be:0e:2a:fe:38:84:d5:62:a0:11:a9:81:dc:
         3d:58:3a:c4:02:39:c4:94:77:14:ae:91:17:18:19:9b:5c:2f:
         91:3f:0f:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHzz2CmidlUjBPPlvCtWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwOTA3MDMwMTM2WhcNMjUwOTA4MDMwMTM2WjAzMTEwLwYDVQQD
EyhmNTlhMmJjNzYyNjllZmM2ZTc2M2RhMzllMjNmNzNiOTAwNzgxZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptJ0CWTuDxOACqNphnc66yrFuRew
2mles5jc3XLhNmaaDe1l4BO3eJSR0s7C1PDheKlU8nCdsI0ScR/rrGPE562ZDCto
3W0KiPMwDljC4hLxrj1tWm2J2H1PKOtJLKVkuoeda9KS1pFES79XK23qZihCmqQi
ohPFtGY4gteWrdrU1QEydF7b5XrcmA0WVshrCzL7wXqcPWxvBaxaKpd6pE5PId+n
ovGx/RTcxT96W3VYH0YAoGlPMusu52qvLDc6sYI+H6Uzwr64yY2c4EDZqWm8AySI
fwM6KYxu5LVPU0Naw5dU3kv9wDACu4Kg41/M0ygr+YAyvFG9gvUbqsfNdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWaK8diae/G52PaOeI/c7kAeB6kMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnANAHwPg
3Av72xrdOyXMe/ZohTgWvNpPti30XjGBstR8o9lrb/XNNZio4f20NkSVC56sPZy+
lnI/YNwHJohgWwU3pkDx3amu7FAn62BwyipRj+UPfFL5bex2k1+Jtmrv0CnFszNF
yOjxEExNtj692obmwto0EEgpNUf7kCg6HQQjoc70sg4La+dl9ixoo03M9jk+8rLL
esbQJrlWI1zhx+nGHMR112p++io0Pz7w6QxF+BvFzc+Sy1T7O+jvGuiYrMRZNOnz
gi//YkYHdQuVhnMAScVPZRTxY1Q9H/i+Dir+OITVYqARqYHcPVg6xAI5xJR3FK6R
FxgZm1wvkT8Pwg==
-----END CERTIFICATE-----