Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          IcujM5PNY/8j/EXRSb6WPL8XKf+zjB8gs2grmnzdH4c=
Subject key identifier:   08:13:2E:04:46:4F:A9:C2:E4:F5:57:0B:D8:91:FA:D6:B1:22:B5:85
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019921B10BE60DEA94ADB4B23EF00BA4D65A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0A36
Signing time:             Sun 07 Sep 2025 01:01:14 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:14 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:14 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: uu9v9vPn8ytyvIW6t0afXXhwwOj5r1sVdCXw2i58IEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:0b:e6:0d:ea:94:ad:b4:b2:3e:f0:0b:a4:d6:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Sep  7 01:01:14 2025 GMT
            Not After : Sep  8 01:01:14 2025 GMT
        Subject: CN=08132e04464fa9c2e4f5570bd891fad6b122b585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7a:a1:37:25:84:d8:43:20:eb:9c:14:db:78:
                    f0:1e:78:05:e4:4a:a7:89:f6:4d:f8:d9:93:bf:05:
                    70:b8:db:2a:ac:c4:2a:aa:9c:5c:62:43:b9:3c:e0:
                    f5:f9:d5:21:a2:07:12:12:b5:8b:24:fd:1f:9b:a9:
                    ed:eb:e3:43:84:78:55:8c:d3:35:b1:16:22:67:1b:
                    2f:c4:ef:d2:8a:aa:e5:22:29:a0:9f:9b:03:7b:bc:
                    68:3f:b8:6d:73:b7:24:ca:30:92:5a:c8:35:2a:b9:
                    69:1a:d1:51:7d:6e:d1:32:39:a0:ef:60:f7:cd:1f:
                    f4:03:8c:03:61:29:ae:42:b0:09:1c:38:12:8c:c8:
                    ef:bb:14:ff:4b:dd:80:b9:6b:c7:13:b1:74:1e:c2:
                    b3:2c:7c:87:8a:1c:59:f5:9e:02:c1:29:22:41:f3:
                    d7:35:f2:48:c2:93:e8:1e:b8:c6:d0:d8:2b:35:49:
                    bd:5a:79:27:a1:bb:d4:79:4c:95:0d:55:d6:05:2f:
                    6b:12:c4:58:e6:1a:80:1a:24:22:e9:fe:a8:16:d3:
                    f0:64:2d:fc:b3:39:4c:0a:6c:d8:e2:24:b6:3f:cf:
                    1a:eb:46:12:8a:c6:b7:86:21:46:78:92:22:83:b2:
                    3d:af:2f:f7:1b:f7:a6:76:52:70:7f:ea:55:98:9c:
                    07:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:13:2E:04:46:4F:A9:C2:E4:F5:57:0B:D8:91:FA:D6:B1:22:B5:85
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:55:fa:ed:6d:d4:ee:91:e4:3f:b1:de:88:1f:86:81:d3:8c:
         85:42:b9:27:3e:c2:f3:30:69:fd:f7:41:7d:d2:aa:e9:6e:3b:
         66:ab:9c:4d:4f:c6:6f:b5:d7:68:5b:62:d2:88:da:fa:1b:e1:
         81:37:9e:7f:4a:f6:f7:08:6f:b8:7d:ca:c9:10:38:da:34:7a:
         e7:36:28:be:95:31:b6:b6:e1:f5:cf:23:bb:22:4c:58:9e:69:
         f3:61:4e:b4:19:5f:67:dc:56:8e:f0:55:be:1b:00:ee:0e:86:
         0f:28:52:2e:d7:5d:eb:31:f8:50:f1:26:d7:28:f1:e0:65:8d:
         07:a0:62:f6:d9:bf:10:6f:92:8b:8d:ce:3c:35:23:a2:37:2d:
         5d:fc:64:b7:5d:61:22:d8:8f:be:60:f3:a7:c7:d1:40:0f:ab:
         65:13:36:ef:a0:39:7d:b1:5c:cb:32:55:52:92:66:91:5e:07:
         f9:ec:74:5c:47:6e:77:da:bd:bb:1e:d2:cb:3d:a6:f7:17:5d:
         47:7c:cc:e0:fb:8d:d9:06:96:dd:06:58:26:13:7a:a3:9f:f3:
         39:4f:d4:05:ff:fc:5c:13:bf:69:d5:83:f0:fa:95:66:2d:f4:
         c0:99:9e:22:af:19:b8:03:89:f0:c8:7a:73:4b:23:41:d6:53:
         b5:a5:9c:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsQvmDeqUrbSyPvALpNZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjUwOTA3MDEwMTE0WhcNMjUwOTA4MDEwMTE0WjAzMTEwLwYDVQQD
EygwODEzMmUwNDQ2NGZhOWMyZTRmNTU3MGJkODkxZmFkNmIxMjJiNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnqhNyWE2EMg65wU23jwHngF5Eqn
ifZN+NmTvwVwuNsqrMQqqpxcYkO5POD1+dUhogcSErWLJP0fm6nt6+NDhHhVjNM1
sRYiZxsvxO/SiqrlIimgn5sDe7xoP7htc7ckyjCSWsg1KrlpGtFRfW7RMjmg72D3
zR/0A4wDYSmuQrAJHDgSjMjvuxT/S92AuWvHE7F0HsKzLHyHihxZ9Z4CwSkiQfPX
NfJIwpPoHrjG0NgrNUm9WnknobvUeUyVDVXWBS9rEsRY5hqAGiQi6f6oFtPwZC38
szlMCmzY4iS2P88a60YSisa3hiFGeJIig7I9ry/3G/emdlJwf+pVmJwH2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgTLgRGT6nC5PVXC9iR+taxIrWFMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACFX67W3U
7pHkP7HeiB+GgdOMhUK5Jz7C8zBp/fdBfdKq6W47ZqucTU/Gb7XXaFti0oja+hvh
gTeef0r29whvuH3KyRA42jR65zYovpUxtrbh9c8juyJMWJ5p82FOtBlfZ9xWjvBV
vhsA7g6GDyhSLtdd6zH4UPEm1yjx4GWNB6Bi9tm/EG+Si43OPDUjojctXfxkt11h
ItiPvmDzp8fRQA+rZRM276A5fbFcyzJVUpJmkV4H+ex0XEdud9q9ux7Syz2m9xdd
R3zM4PuN2QaW3QZYJhN6o5/zOU/UBf/8XBO/adWD8PqVZi30wJmeIq8ZuAOJ8Mh6
c0sjQdZTtaWc+w==
-----END CERTIFICATE-----