Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          +yd2mx6Tp8GeE602Hsco43QZ67pRmyZtJgRnTVfkdRc=
Subject key identifier:   FD:AA:69:78:22:22:96:D6:51:EC:55:62:44:0A:9C:AE:06:79:10:E7
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       01988B0F02BC106120198B89A38E56A90978
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          08EF
Signing time:             Fri 08 Aug 2025 19:01:13 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:13 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:13 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: Z/1loEl/xu1zH4hq35eZlKcbXS3uQ5LfVYdbcp8+WdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:02:bc:10:61:20:19:8b:89:a3:8e:56:a9:09:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Aug  8 19:01:13 2025 GMT
            Not After : Aug  9 19:01:13 2025 GMT
        Subject: CN=fdaa6978222296d651ec5562440a9cae067910e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f1:ed:c0:ab:af:62:45:0c:29:78:11:06:67:
                    b3:b2:68:78:4d:0c:c3:81:6b:12:b7:65:ca:9d:2d:
                    27:25:ec:0b:82:cb:2f:f3:d2:8f:25:57:e2:a0:71:
                    ac:a3:54:73:53:17:57:c7:fe:06:08:88:b0:fa:d4:
                    b8:c7:91:fa:46:2e:a4:c8:37:1b:31:30:4a:b3:bb:
                    df:19:ce:8b:d8:b1:5c:8b:80:f3:5c:96:83:60:f0:
                    65:09:64:5f:08:2c:e6:8c:4e:0d:64:e6:17:ff:18:
                    40:e0:51:85:e3:43:50:76:cb:1d:5f:b1:3b:2c:e6:
                    45:04:6f:b3:a9:4d:e3:05:97:b2:58:80:fa:34:eb:
                    30:55:c9:ae:a8:fc:2e:5f:9e:eb:5d:ad:48:19:7a:
                    db:a7:f4:ce:91:f1:88:3e:32:bb:98:a3:5f:c0:e7:
                    21:17:e3:0b:fd:ae:8a:32:ef:36:1f:f5:97:3d:65:
                    8c:0d:bb:7c:34:cf:10:2a:e0:4e:2f:31:1c:d1:65:
                    52:36:36:f3:f7:cb:41:86:0e:ad:79:3e:e7:7b:ab:
                    c2:18:89:0a:da:93:cd:6d:3f:c9:97:54:5f:ce:aa:
                    ec:5a:49:df:5e:7f:94:2b:03:76:8c:4e:ca:d6:9c:
                    46:0c:94:7b:49:4c:30:4f:ac:62:12:11:3a:a4:e7:
                    53:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:AA:69:78:22:22:96:D6:51:EC:55:62:44:0A:9C:AE:06:79:10:E7
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:30:da:a9:2d:80:e0:1c:5c:1d:f8:02:f4:b5:f4:58:d5:e3:
         f5:aa:94:55:c5:58:c6:9c:b1:40:68:4a:82:32:15:f0:47:2a:
         9d:23:03:4e:62:d8:5a:21:a8:a6:6d:bc:50:14:71:1a:a2:6e:
         e0:90:ad:28:2d:e2:92:0b:c5:00:18:22:8e:e5:15:19:54:d7:
         b9:8a:e6:7e:3c:c8:b5:94:83:89:7d:77:fc:e5:20:b3:46:d6:
         6b:b3:ba:f5:da:5b:e1:c0:f2:2a:9b:ac:ca:35:aa:96:69:0d:
         a8:6a:46:2e:61:32:60:22:ab:d2:fa:c9:e8:a8:cd:40:9b:05:
         30:97:5f:62:cc:eb:80:fc:ec:05:29:34:4d:af:22:3b:df:b1:
         49:fb:9a:52:7d:0a:28:2e:52:b6:e4:69:b3:47:21:39:b4:3c:
         1a:a1:5f:65:e0:8e:e4:f2:f9:55:b5:86:c6:4f:b9:5d:67:9d:
         1a:08:c7:a9:5f:5e:e4:66:6e:f9:c3:4c:98:ee:8b:f2:73:7f:
         56:ef:f8:3f:c5:10:6c:31:bc:f6:c8:e3:59:8b:60:87:36:eb:
         91:d1:33:cb:39:a9:e8:b4:84:88:66:55:f3:70:c7:f3:b4:59:
         14:89:d5:68:0f:87:76:97:b0:33:ce:fa:0f:79:85:78:00:f6:
         f6:a3:5c:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDwK8EGEgGYuJo45WqQl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUwODA4MTkwMTEzWhcNMjUwODA5MTkwMTEzWjAzMTEwLwYDVQQD
EyhmZGFhNjk3ODIyMjI5NmQ2NTFlYzU1NjI0NDBhOWNhZTA2NzkxMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPHtwKuvYkUMKXgRBmezsmh4TQzD
gWsSt2XKnS0nJewLgssv89KPJVfioHGso1RzUxdXx/4GCIiw+tS4x5H6Ri6kyDcb
MTBKs7vfGc6L2LFci4DzXJaDYPBlCWRfCCzmjE4NZOYX/xhA4FGF40NQdssdX7E7
LOZFBG+zqU3jBZeyWID6NOswVcmuqPwuX57rXa1IGXrbp/TOkfGIPjK7mKNfwOch
F+ML/a6KMu82H/WXPWWMDbt8NM8QKuBOLzEc0WVSNjbz98tBhg6teT7ne6vCGIkK
2pPNbT/Jl1RfzqrsWknfXn+UKwN2jE7K1pxGDJR7SUwwT6xiEhE6pOdTBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2qaXgiIpbWUexVYkQKnK4GeRDnMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABTDaqS2A
4BxcHfgC9LX0WNXj9aqUVcVYxpyxQGhKgjIV8EcqnSMDTmLYWiGopm28UBRxGqJu
4JCtKC3ikgvFABgijuUVGVTXuYrmfjzItZSDiX13/OUgs0bWa7O69dpb4cDyKpus
yjWqlmkNqGpGLmEyYCKr0vrJ6KjNQJsFMJdfYszrgPzsBSk0Ta8iO9+xSfuaUn0K
KC5StuRps0chObQ8GqFfZeCO5PL5VbWGxk+5XWedGgjHqV9e5GZu+cNMmO6L8nN/
Vu/4P8UQbDG89sjjWYtghzbrkdEzyzmp6LSEiGZV83DH87RZFInVaA+HdpewM876
D3mFeAD29qNcOA==
-----END CERTIFICATE-----