Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File:                     1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier:          /dqk/cS93X0OKjf23j/O5mqjcole3k9L0JaiLdR3Er0=
Subject key identifier:   8C:8A:09:61:49:92:66:C0:6E:8F:EB:5B:89:86:4D:39:F9:8A:0E:C4
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer:       /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial:       019918090C898AB29382BF8D184A5843F19C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number:          0CE2
Signing time:             Fri 05 Sep 2025 04:01:10 +0000
Manifest this update:     Fri 05 Sep 2025 04:01:10 +0000
Manifest next update:     Sat 06 Sep 2025 04:01:10 +0000
Files and hashes:         1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: N8SsAP/QGdllIjR00pJDZyOhPTerRR1gDtpRfNF/WTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:0c:89:8a:b2:93:82:bf:8d:18:4a:58:43:f1:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
        Validity
            Not Before: Sep  5 04:01:10 2025 GMT
            Not After : Sep  6 04:01:10 2025 GMT
        Subject: CN=8c8a0961499266c06e8feb5b89864d39f98a0ec4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:65:d3:c5:a2:0d:f7:45:d7:ce:ac:92:8a:40:
                    2b:65:52:22:c5:34:9c:e5:e5:ad:9e:46:3b:a4:de:
                    e7:81:6b:60:c6:6f:09:c0:95:02:cf:f4:b0:3d:06:
                    3a:d1:af:28:63:22:f7:a2:80:54:13:e7:3d:4d:3c:
                    fe:65:59:17:db:c2:3f:4c:dd:7c:cd:f8:5d:e4:23:
                    f1:4a:a4:a5:20:6e:d0:34:da:13:30:c9:c2:69:86:
                    5d:90:2e:d0:f2:19:9e:87:06:1d:ec:ff:08:6a:47:
                    23:b2:db:1c:6c:e6:77:9e:ed:83:03:bb:11:e5:b8:
                    ba:21:4f:f7:1a:b0:2f:31:d8:c2:d7:f2:00:d3:4e:
                    43:d8:65:02:ba:ca:eb:11:da:88:d3:69:bf:cb:34:
                    82:6f:2a:24:ba:41:cb:49:6b:87:f6:0b:de:2f:23:
                    2d:18:ec:86:bd:e3:ae:dc:6e:24:e3:06:e5:f3:aa:
                    bb:ab:82:79:55:42:8d:6e:45:94:73:d8:75:db:44:
                    80:89:bc:fc:8d:1b:b1:95:59:72:93:61:38:72:e8:
                    29:a1:24:7b:72:b6:ba:31:7b:f4:11:e8:43:53:66:
                    51:62:84:05:50:a7:9f:93:af:4a:18:7f:c9:d2:59:
                    f8:d3:5d:87:2e:29:47:08:9d:4b:0b:ef:95:c7:b2:
                    32:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:8A:09:61:49:92:66:C0:6E:8F:EB:5B:89:86:4D:39:F9:8A:0E:C4
            X509v3 Authority Key Identifier:
                keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:98:af:a6:af:c8:13:09:9d:ee:29:76:8a:39:ab:de:bc:55:
         e7:af:06:18:23:aa:1b:ef:3d:23:48:a3:2d:19:73:bf:9f:0f:
         d6:ae:4d:2b:44:ac:54:8e:03:0c:eb:d2:44:11:05:5a:a2:fa:
         7f:5b:a3:ed:11:c5:bc:2e:da:73:3f:4f:b2:2e:81:74:50:ab:
         72:98:64:db:1c:07:91:12:7f:22:6f:2e:a0:8d:3a:6a:a1:b8:
         85:4c:b2:49:6b:fd:f0:78:7c:f4:2c:8f:a3:09:57:93:fd:ff:
         d6:94:07:f4:ee:7e:92:dc:76:20:0e:fc:68:6f:13:33:6a:e5:
         00:89:15:2a:b3:77:8f:37:60:63:53:19:30:64:80:45:81:22:
         47:9e:c3:d8:fc:29:57:91:b5:14:4b:29:61:d0:9e:6a:63:c0:
         b6:09:de:d4:30:f2:46:78:be:7b:98:5e:d7:96:ee:b7:02:a0:
         22:37:81:3f:de:ea:fa:b2:1e:01:64:c7:30:3a:a6:57:4b:91:
         d1:e7:70:97:0b:d7:64:36:b8:06:69:44:48:22:5e:f8:d4:eb:
         e1:f7:77:b5:3a:54:26:86:aa:30:85:5c:15:b2:53:bb:66:c3:
         e5:1d:42:50:62:91:41:9a:cf:b5:34:ed:ac:2f:12:9e:e6:2d:
         38:a0:e5:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCQyJirKTgr+NGEpYQ/GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjUwOTA1MDQwMTEwWhcNMjUwOTA2MDQwMTEwWjAzMTEwLwYDVQQD
Eyg4YzhhMDk2MTQ5OTI2NmMwNmU4ZmViNWI4OTg2NGQzOWY5OGEwZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGXTxaIN90XXzqySikArZVIixTSc
5eWtnkY7pN7ngWtgxm8JwJUCz/SwPQY60a8oYyL3ooBUE+c9TTz+ZVkX28I/TN18
zfhd5CPxSqSlIG7QNNoTMMnCaYZdkC7Q8hmehwYd7P8IakcjstscbOZ3nu2DA7sR
5bi6IU/3GrAvMdjC1/IA005D2GUCusrrEdqI02m/yzSCbyokukHLSWuH9gveLyMt
GOyGveOu3G4k4wbl86q7q4J5VUKNbkWUc9h120SAibz8jRuxlVlyk2E4cugpoSR7
cra6MXv0EehDU2ZRYoQFUKefk69KGH/J0ln4012HLilHCJ1LC++Vx7Iy0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyKCWFJkmbAbo/rW4mGTTn5ig7EMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj5ivpq/I
Ewmd7il2ijmr3rxV568GGCOqG+89I0ijLRlzv58P1q5NK0SsVI4DDOvSRBEFWqL6
f1uj7RHFvC7acz9Psi6BdFCrcphk2xwHkRJ/Im8uoI06aqG4hUyySWv98Hh89CyP
owlXk/3/1pQH9O5+ktx2IA78aG8TM2rlAIkVKrN3jzdgY1MZMGSARYEiR57D2Pwp
V5G1FEspYdCeamPAtgne1DDyRni+e5he15butwKgIjeBP97q+rIeAWTHMDqmV0uR
0edwlwvXZDa4BmlESCJe+NTr4fd3tTpUJoaqMIVcFbJTu2bD5R1CUGKRQZrPtTTt
rC8SnuYtOKDl0A==
-----END CERTIFICATE-----