Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          SHDYfiN9XHvj3TFXoWxs6lEktUzGpKPrgQ2dsWVWg0g=
Subject key identifier:   0F:03:8E:6B:35:85:87:BC:E6:F2:46:52:4C:5B:63:C3:DC:5A:A0:6E
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       0199221E9D15CF6CA5CCC24B8F0ACE7D2A3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0948
Signing time:             Sun 07 Sep 2025 03:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:55 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: uFsvfNKp9+QBda1SS7ciMzVItulyanhrS7OWAx1UmEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:9d:15:cf:6c:a5:cc:c2:4b:8f:0a:ce:7d:2a:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Sep  7 03:00:55 2025 GMT
            Not After : Sep  8 03:00:55 2025 GMT
        Subject: CN=0f038e6b358587bce6f246524c5b63c3dc5aa06e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:96:3b:dc:a7:4a:cc:97:8d:d6:d0:70:4b:86:
                    78:8e:7e:ea:50:8e:4a:e2:ef:fd:d6:9e:2f:17:d8:
                    22:f5:1c:43:19:99:a5:5e:ad:44:bc:4d:0e:df:47:
                    72:d4:08:69:f0:ec:17:98:2e:44:b4:15:aa:9b:53:
                    61:0c:06:25:56:bb:06:b6:60:13:28:01:91:8f:32:
                    ef:90:54:3e:f4:25:9f:95:34:e2:20:cb:4b:c2:9c:
                    82:18:d3:ef:8a:2a:4e:56:fd:9c:b1:19:58:cb:48:
                    79:d5:d7:50:b6:97:78:f3:ff:fe:2e:4c:0f:41:be:
                    16:b5:c0:0d:35:f0:dd:c8:c2:e4:98:0a:56:49:9f:
                    11:a7:75:79:d2:43:13:43:48:eb:d1:a1:62:b9:73:
                    b2:74:b1:1b:50:57:03:9f:a0:b5:9e:87:0f:d1:bd:
                    5f:a8:e3:14:fe:d2:41:fc:00:1a:a7:8b:9c:6c:57:
                    26:db:6f:14:d5:70:0b:38:cb:ca:2f:85:87:c7:12:
                    47:4b:9e:64:af:10:53:ae:39:30:22:2c:df:5e:fe:
                    a1:f4:6d:4b:b1:eb:d6:ba:67:7f:02:79:4b:56:0c:
                    52:03:17:4f:59:fa:04:a6:7d:3d:16:4a:d6:e0:b2:
                    81:34:c1:49:b5:56:2f:08:9a:a6:4a:b9:58:75:74:
                    dc:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:03:8E:6B:35:85:87:BC:E6:F2:46:52:4C:5B:63:C3:DC:5A:A0:6E
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:19:2a:b8:64:d2:58:ee:5f:d4:26:ee:d3:de:45:b8:59:33:
         eb:84:c3:01:3a:fb:b0:d8:5a:a3:eb:3a:83:6b:f6:eb:01:8f:
         71:62:e8:0d:49:d5:67:1d:09:bf:8e:ef:05:95:cd:15:c9:05:
         39:d8:70:6e:f3:74:39:39:b9:e7:01:d0:ff:c0:12:32:d1:47:
         25:7b:9b:a3:c8:d6:f5:73:e1:65:09:dc:72:a5:3c:65:e8:cc:
         9f:fc:eb:f1:a8:11:9b:32:75:18:6a:1b:f0:c6:88:40:09:ed:
         3d:7b:c1:ba:a6:d8:99:6a:f8:e0:a7:8b:06:c4:c1:79:68:03:
         1e:73:b1:0c:8d:1f:8f:e1:82:76:af:e4:44:a2:a0:98:25:62:
         0b:cf:7d:b9:70:f2:c1:75:13:d8:ab:14:96:73:0c:c4:eb:06:
         8b:21:96:5f:08:3d:bf:d8:6c:e6:0c:c4:06:9d:61:82:a2:57:
         99:22:5c:1e:e3:6b:ac:f6:20:a9:0f:55:de:7a:52:6b:60:65:
         1c:5c:03:90:55:9b:9e:c2:66:85:db:f5:8e:ff:c4:e1:98:39:
         04:d3:38:93:a3:9b:46:9f:8d:27:ca:63:84:36:6c:b2:e0:6e:
         f6:e1:9d:6c:be:25:92:d8:b0:42:85:2e:af:71:63:79:b3:72:
         ac:5a:ae:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHp0Vz2ylzMJLjwrOfSo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUwOTA3MDMwMDU1WhcNMjUwOTA4MDMwMDU1WjAzMTEwLwYDVQQD
EygwZjAzOGU2YjM1ODU4N2JjZTZmMjQ2NTI0YzViNjNjM2RjNWFhMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZY73KdKzJeN1tBwS4Z4jn7qUI5K
4u/91p4vF9gi9RxDGZmlXq1EvE0O30dy1Ahp8OwXmC5EtBWqm1NhDAYlVrsGtmAT
KAGRjzLvkFQ+9CWflTTiIMtLwpyCGNPviipOVv2csRlYy0h51ddQtpd48//+LkwP
Qb4WtcANNfDdyMLkmApWSZ8Rp3V50kMTQ0jr0aFiuXOydLEbUFcDn6C1nocP0b1f
qOMU/tJB/AAap4ucbFcm228U1XALOMvKL4WHxxJHS55krxBTrjkwIizfXv6h9G1L
sevWumd/AnlLVgxSAxdPWfoEpn09FkrW4LKBNMFJtVYvCJqmSrlYdXTclwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8Djms1hYe85vJGUkxbY8PcWqBuMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQhkquGTS
WO5f1Cbu095FuFkz64TDATr7sNhao+s6g2v26wGPcWLoDUnVZx0Jv47vBZXNFckF
OdhwbvN0OTm55wHQ/8ASMtFHJXubo8jW9XPhZQnccqU8ZejMn/zr8agRmzJ1GGob
8MaIQAntPXvBuqbYmWr44KeLBsTBeWgDHnOxDI0fj+GCdq/kRKKgmCViC899uXDy
wXUT2KsUlnMMxOsGiyGWXwg9v9hs5gzEBp1hgqJXmSJcHuNrrPYgqQ9V3npSa2Bl
HFwDkFWbnsJmhdv1jv/E4Zg5BNM4k6ObRp+NJ8pjhDZssuBu9uGdbL4lktiwQoUu
r3FjebNyrFquwg==
-----END CERTIFICATE-----