Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
File:                     h_S8G8xE8-kQBwQ1297UG25ILmg.mft (raw, json)
Hash identifier:          VowJr5311NQiwrZ0Q5wMGQytEsu53H6ml3PLO5DIx5I=
Subject key identifier:   A6:98:3A:14:FF:A5:A9:43:C2:C4:E1:6D:3B:59:68:FA:A7:FC:F7:79
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Certificate issuer:       /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial:       01992330F0D481B164026B138EFEF6065128
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
Manifest number:          04A5
Signing time:             Sun 07 Sep 2025 08:00:33 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:33 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:33 +0000
Files and hashes:         1: h_S8G8xE8-kQBwQ1297UG25ILmg.crl (hash: lU8JzY+pc8fhA7slhbKeNfj+Dk9Yc/iNg+K+m25AA5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:30:f0:d4:81:b1:64:02:6b:13:8e:fe:f6:06:51:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
        Validity
            Not Before: Sep  7 08:00:33 2025 GMT
            Not After : Sep  8 08:00:33 2025 GMT
        Subject: CN=a6983a14ffa5a943c2c4e16d3b5968faa7fcf779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0a:0a:b3:68:73:a1:f2:86:04:92:75:31:88:
                    c0:df:ec:d0:ba:4a:2f:6f:01:4a:24:e7:a8:ec:28:
                    c2:f5:05:86:f3:ae:9f:7d:d8:cd:24:34:1a:a3:ae:
                    2d:d9:8d:96:93:ed:de:de:c9:5a:15:b1:9d:4c:db:
                    15:7c:13:d4:7f:70:34:89:72:d3:db:39:b5:b4:b4:
                    a1:32:96:d3:ec:06:2e:70:4a:d4:9f:3c:8d:0a:ba:
                    fe:67:fe:ee:2d:9f:fc:aa:dd:90:8f:25:bb:90:3b:
                    d5:48:d4:e2:99:92:b5:5e:21:10:78:00:dd:21:b3:
                    c2:8b:0b:f9:f0:b5:d5:90:3f:14:39:bf:37:84:e0:
                    cb:29:94:d5:e3:0e:9c:a7:82:b4:fd:39:ad:55:96:
                    6d:33:8d:ff:a6:23:08:00:44:1f:53:23:b2:96:df:
                    77:be:98:d3:36:c0:46:53:81:1d:cb:14:9b:1f:99:
                    94:cc:9d:42:68:68:69:45:34:bd:28:32:3e:93:2c:
                    c6:77:15:64:60:e9:80:2b:a2:68:bf:81:71:59:85:
                    22:fa:80:f3:f4:c7:f3:c7:ca:dc:d0:ef:01:df:50:
                    10:63:e8:92:11:59:12:ac:e3:7b:cd:c4:d5:cd:c6:
                    0a:cc:04:76:34:8d:43:7a:46:0b:7b:38:0a:a7:62:
                    24:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:98:3A:14:FF:A5:A9:43:C2:C4:E1:6D:3B:59:68:FA:A7:FC:F7:79
            X509v3 Authority Key Identifier:
                keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:c7:ae:61:97:f6:bb:e1:11:4b:df:4a:52:4b:cd:88:3d:17:
         ae:cb:cc:53:04:78:02:49:6e:da:52:00:85:02:da:54:f0:e1:
         3e:f5:11:4c:2b:12:5d:4c:64:d5:84:9f:30:4b:51:f2:1c:d0:
         a9:49:c3:18:23:c9:5a:a3:3a:a9:9f:f7:5f:1c:23:c1:fc:69:
         01:84:64:3d:ac:92:88:6a:f2:fb:a0:17:b4:c7:f0:76:33:89:
         22:29:cd:fa:89:bb:42:8b:8a:3c:45:4a:9e:0a:26:47:f2:94:
         b0:50:e4:5c:8e:5f:c6:6d:f1:ab:83:e3:e8:6e:12:3c:28:0a:
         5a:91:0e:6e:fe:13:3b:21:26:7e:77:c3:ab:e4:76:b3:2b:54:
         e4:77:f7:0d:70:b9:d3:05:41:af:9d:43:61:a2:f6:f4:e9:f4:
         2c:b1:8f:99:d0:8a:84:2a:da:3c:ad:43:01:81:33:40:f0:31:
         e4:64:fe:74:3e:cb:80:99:f3:6e:cc:be:56:fb:17:0e:25:1b:
         bd:49:7b:5b:d9:1b:c2:33:3d:68:06:ea:88:a3:95:fa:4a:c3:
         12:7f:71:01:68:17:5f:18:2b:77:af:24:98:93:05:e9:f4:06:
         41:69:27:17:ed:05:14:e0:fd:c1:9e:a6:e0:48:bf:95:0d:2d:
         84:68:dd:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMPDUgbFkAmsTjv72BlEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjUwOTA3MDgwMDMzWhcNMjUwOTA4MDgwMDMzWjAzMTEwLwYDVQQD
EyhhNjk4M2ExNGZmYTVhOTQzYzJjNGUxNmQzYjU5NjhmYWE3ZmNmNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgoKs2hzofKGBJJ1MYjA3+zQukov
bwFKJOeo7CjC9QWG866ffdjNJDQao64t2Y2Wk+3e3slaFbGdTNsVfBPUf3A0iXLT
2zm1tLShMpbT7AYucErUnzyNCrr+Z/7uLZ/8qt2QjyW7kDvVSNTimZK1XiEQeADd
IbPCiwv58LXVkD8UOb83hODLKZTV4w6cp4K0/TmtVZZtM43/piMIAEQfUyOylt93
vpjTNsBGU4EdyxSbH5mUzJ1CaGhpRTS9KDI+kyzGdxVkYOmAK6Jov4FxWYUi+oDz
9Mfzx8rc0O8B31AQY+iSEVkSrON7zcTVzcYKzAR2NI1DekYLezgKp2IkQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaYOhT/palDwsThbTtZaPqn/Pd5MB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWMeuYZf2
u+ERS99KUkvNiD0XrsvMUwR4Aklu2lIAhQLaVPDhPvURTCsSXUxk1YSfMEtR8hzQ
qUnDGCPJWqM6qZ/3XxwjwfxpAYRkPaySiGry+6AXtMfwdjOJIinN+om7QouKPEVK
ngomR/KUsFDkXI5fxm3xq4Pj6G4SPCgKWpEObv4TOyEmfnfDq+R2sytU5Hf3DXC5
0wVBr51DYaL29On0LLGPmdCKhCraPK1DAYEzQPAx5GT+dD7LgJnzbsy+VvsXDiUb
vUl7W9kbwjM9aAbqiKOV+krDEn9xAWgXXxgrd68kmJMF6fQGQWknF+0FFOD9wZ6m
4Ei/lQ0thGjdNQ==
-----END CERTIFICATE-----