Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          /wKSDQGZhfKrBcSaQ5Y4OWQC2CnPZ8R8XIag9EgK0UQ=
Subject key identifier:   78:96:3A:CD:53:13:10:E6:11:DE:08:FA:6F:03:CA:90:80:31:10:5A
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       019921B24132A94E74D2512B1E2ADF9A7E08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0BCD
Signing time:             Sun 07 Sep 2025 01:02:34 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:34 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:34 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: XB9DeNRpRkaeJ/VAX92QQXUBzR6Yex77WhaDrJJ02Uc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:41:32:a9:4e:74:d2:51:2b:1e:2a:df:9a:7e:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Sep  7 01:02:34 2025 GMT
            Not After : Sep  8 01:02:34 2025 GMT
        Subject: CN=78963acd531310e611de08fa6f03ca908031105a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:84:c7:5f:28:14:f6:49:78:6c:b0:d5:8a:7d:
                    69:38:8d:27:37:a2:15:97:18:24:0e:0b:b5:b6:e5:
                    19:53:f5:7c:2a:ae:d9:0f:29:70:62:86:2f:15:61:
                    d1:ba:2f:c1:fb:57:91:cc:20:66:1a:92:66:f0:fb:
                    61:fe:36:2d:23:ec:97:36:32:72:56:1b:a0:eb:9e:
                    25:a7:da:c8:55:49:ee:5a:35:e0:cf:fd:40:91:1b:
                    f1:aa:56:7f:dc:71:73:a0:6f:52:5d:73:a4:b8:c0:
                    f5:19:d5:22:68:c7:e2:60:f3:6b:b9:d4:21:d6:f8:
                    c6:c2:5f:ad:db:77:de:16:e2:ac:fb:3a:be:51:1d:
                    58:ba:84:57:f4:e0:f9:1b:3e:13:4a:9e:d6:7d:22:
                    26:41:df:28:af:c0:ad:ac:52:d9:28:3d:04:40:01:
                    77:fb:5d:6e:cd:2b:4f:b8:aa:28:81:b3:0e:be:b5:
                    27:db:73:7b:f2:9c:38:a2:ec:af:21:09:c3:42:b1:
                    76:15:cd:e8:e3:8d:1b:b2:17:83:d1:53:bf:bf:2d:
                    5d:e5:2e:d6:c9:80:d8:ce:2e:2d:73:10:b1:8c:d1:
                    b2:2a:7d:20:c4:d2:a0:8a:44:6b:c5:39:76:d8:a1:
                    e0:0d:83:84:4f:0c:1c:aa:31:ce:fe:d2:82:89:f4:
                    0c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:96:3A:CD:53:13:10:E6:11:DE:08:FA:6F:03:CA:90:80:31:10:5A
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:da:0c:e3:c3:d9:3f:a4:ef:67:c3:67:1c:49:9f:47:51:27:
         5a:b4:b9:c3:01:3b:1b:9f:30:10:51:d3:f6:e3:20:b7:34:7c:
         76:0a:a0:09:f6:75:e6:57:2b:88:56:80:af:6c:1d:68:3d:8b:
         69:8a:c9:78:a8:42:5b:86:57:ec:ef:2e:84:d3:f5:cd:92:37:
         57:8a:7d:55:a9:dc:20:35:7f:be:50:b2:c7:58:3b:a9:70:a6:
         78:a2:b3:7c:47:a5:53:ef:7a:be:ee:b1:c2:1a:d5:2c:99:0a:
         16:c2:36:3a:97:05:98:5e:a1:4e:34:50:bf:e0:06:6a:3c:78:
         f9:9f:66:9c:ec:fa:b7:f5:57:3d:12:90:1b:be:a6:b6:09:fb:
         fd:3b:d3:ed:ea:cd:b9:a8:a3:4b:ba:8a:a9:86:34:3b:e7:2b:
         3a:4a:a7:21:ce:8d:a5:b9:eb:92:40:51:73:f1:ad:a8:a1:cc:
         aa:f6:45:3b:91:1c:4b:71:5f:ad:6a:ee:88:1c:95:f4:12:91:
         d1:d4:3a:a6:71:ab:78:72:3e:a5:d6:0e:65:8a:66:f4:af:4f:
         24:ed:74:29:03:5a:40:c4:9a:3d:75:21:55:c8:6f:c8:b1:bd:
         6c:0c:a8:72:7d:0a:9d:e3:da:b6:c3:d3:30:00:aa:8e:f9:98:
         0f:6d:a0:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhskEyqU500lErHirfmn4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwOTA3MDEwMjM0WhcNMjUwOTA4MDEwMjM0WjAzMTEwLwYDVQQD
Eyg3ODk2M2FjZDUzMTMxMGU2MTFkZTA4ZmE2ZjAzY2E5MDgwMzExMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmITHXygU9kl4bLDVin1pOI0nN6IV
lxgkDgu1tuUZU/V8Kq7ZDylwYoYvFWHRui/B+1eRzCBmGpJm8Pth/jYtI+yXNjJy
Vhug654lp9rIVUnuWjXgz/1AkRvxqlZ/3HFzoG9SXXOkuMD1GdUiaMfiYPNrudQh
1vjGwl+t23feFuKs+zq+UR1YuoRX9OD5Gz4TSp7WfSImQd8or8CtrFLZKD0EQAF3
+11uzStPuKoogbMOvrUn23N78pw4ouyvIQnDQrF2Fc3o440bsheD0VO/vy1d5S7W
yYDYzi4tcxCxjNGyKn0gxNKgikRrxTl22KHgDYOETwwcqjHO/tKCifQMzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiWOs1TExDmEd4I+m8DypCAMRBaMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtoM48PZ
P6TvZ8NnHEmfR1EnWrS5wwE7G58wEFHT9uMgtzR8dgqgCfZ15lcriFaAr2wdaD2L
aYrJeKhCW4ZX7O8uhNP1zZI3V4p9VancIDV/vlCyx1g7qXCmeKKzfEelU+96vu6x
whrVLJkKFsI2OpcFmF6hTjRQv+AGajx4+Z9mnOz6t/VXPRKQG76mtgn7/TvT7erN
uaijS7qKqYY0O+crOkqnIc6NpbnrkkBRc/GtqKHMqvZFO5EcS3FfrWruiByV9BKR
0dQ6pnGreHI+pdYOZYpm9K9PJO10KQNaQMSaPXUhVchvyLG9bAyocn0KnePatsPT
MACqjvmYD22gBg==
-----END CERTIFICATE-----