Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          F1UZuEMWkogpJInWUtByeMIhNDofinOSeolgbkuLxIM=
Subject key identifier:   82:C4:0F:7F:40:7E:52:9E:8A:D1:27:C1:A7:8D:A2:69:E6:67:97:E5
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       019879AE6A47B1F14AACEF418E8BBA47A30F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          1618
Signing time:             Tue 05 Aug 2025 10:02:10 +0000
Manifest this update:     Tue 05 Aug 2025 10:02:10 +0000
Manifest next update:     Wed 06 Aug 2025 10:02:10 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: sPRC+wGahvUv0wZrZYt4rW69YXZbW3RaUWNy4x25oHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 10:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:79:ae:6a:47:b1:f1:4a:ac:ef:41:8e:8b:ba:47:a3:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Aug  5 10:02:10 2025 GMT
            Not After : Aug  6 10:02:10 2025 GMT
        Subject: CN=82c40f7f407e529e8ad127c1a78da269e66797e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2c:7d:ef:f2:3b:4a:28:e5:a7:59:f3:03:b0:
                    d1:47:7d:6b:8b:d9:a5:4c:43:8e:1c:ed:02:7a:b2:
                    f3:0b:3a:98:da:b2:89:3e:9e:1c:ec:3b:13:59:5e:
                    6e:93:e9:95:d4:97:5d:7e:fa:ef:88:02:b5:98:36:
                    d0:1d:f1:29:0d:38:c0:bd:e5:cc:0c:f8:65:85:a7:
                    79:e9:ce:6f:51:5f:d0:c5:0d:dd:96:c1:b7:54:9d:
                    0b:d2:9b:cc:52:43:43:15:e0:ba:78:da:e7:a3:bd:
                    3e:3d:06:45:49:73:68:1a:01:94:ad:33:2b:67:a4:
                    a9:2c:95:b1:97:13:8a:33:be:24:0b:63:a3:9d:55:
                    71:61:4d:c3:f8:2f:bd:63:61:0c:ad:94:08:d9:c9:
                    d7:6a:ce:9c:f6:2d:52:54:7b:e4:61:bf:a4:71:a8:
                    7e:35:31:d8:13:00:ff:b2:cc:e8:b8:a6:6b:f5:3a:
                    80:f8:79:c0:37:f7:cf:c8:aa:5d:bd:fd:de:a5:93:
                    56:d7:a5:fa:30:be:9c:99:c7:8b:3f:cf:a9:7c:dd:
                    ac:38:f6:53:bb:ba:5c:ef:94:27:51:4e:04:67:3a:
                    dd:58:6a:12:1f:c0:3d:96:29:bd:3b:81:e0:9c:02:
                    08:41:59:63:e0:7a:17:7a:f2:ee:98:9e:4a:52:ae:
                    ea:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C4:0F:7F:40:7E:52:9E:8A:D1:27:C1:A7:8D:A2:69:E6:67:97:E5
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:47:03:1c:bd:c1:44:a5:0e:10:24:10:af:f0:46:24:c6:e9:
         5a:7f:24:60:dd:3b:27:f8:46:71:37:e9:9d:b5:95:8b:ab:d3:
         d1:c5:cd:bc:24:af:3b:5f:88:8f:5b:5f:e2:ee:cc:a0:dc:43:
         8f:82:70:31:43:26:0f:03:ed:88:4c:f6:65:13:87:e4:60:d4:
         68:85:43:0f:57:e1:3d:fb:95:e7:cc:3a:a6:fe:13:71:01:31:
         82:f6:f6:d1:51:65:b8:87:13:c2:10:e8:cb:2f:2b:95:a6:bc:
         9c:85:bc:46:28:7b:44:dc:0e:fb:66:09:6f:c5:54:30:d7:16:
         d8:29:27:33:05:4c:f0:72:6c:4d:0a:e7:51:97:24:ee:72:ce:
         e9:74:89:77:51:1c:9f:e0:af:10:9c:30:ba:35:91:63:5a:5b:
         b8:f6:e1:6f:ab:34:0d:4b:af:b3:b6:87:38:e5:4c:a0:a6:9b:
         43:7a:04:27:14:a8:39:c0:ef:95:75:92:f9:4b:22:1b:b3:2d:
         5c:01:d8:7e:02:f7:d1:9f:30:28:3b:4b:67:48:05:29:e4:8e:
         87:85:24:ca:eb:ef:45:af:93:e0:09:58:f9:ba:34:0c:84:4b:
         50:33:59:dc:33:f2:fe:1c:2c:35:61:59:c2:21:63:fe:6f:fa:
         47:bf:a7:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh5rmpHsfFKrO9Bjou6R6MPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUwODA1MTAwMjEwWhcNMjUwODA2MTAwMjEwWjAzMTEwLwYDVQQD
Eyg4MmM0MGY3ZjQwN2U1MjllOGFkMTI3YzFhNzhkYTI2OWU2Njc5N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArix97/I7Sijlp1nzA7DRR31ri9ml
TEOOHO0CerLzCzqY2rKJPp4c7DsTWV5uk+mV1JddfvrviAK1mDbQHfEpDTjAveXM
DPhlhad56c5vUV/QxQ3dlsG3VJ0L0pvMUkNDFeC6eNrno70+PQZFSXNoGgGUrTMr
Z6SpLJWxlxOKM74kC2OjnVVxYU3D+C+9Y2EMrZQI2cnXas6c9i1SVHvkYb+kcah+
NTHYEwD/sszouKZr9TqA+HnAN/fPyKpdvf3epZNW16X6ML6cmceLP8+pfN2sOPZT
u7pc75QnUU4EZzrdWGoSH8A9lim9O4HgnAIIQVlj4HoXevLumJ5KUq7qSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILED39AflKeitEnwaeNomnmZ5flMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACEcDHL3B
RKUOECQQr/BGJMbpWn8kYN07J/hGcTfpnbWVi6vT0cXNvCSvO1+Ij1tf4u7MoNxD
j4JwMUMmDwPtiEz2ZROH5GDUaIVDD1fhPfuV58w6pv4TcQExgvb20VFluIcTwhDo
yy8rlaa8nIW8Rih7RNwO+2YJb8VUMNcW2CknMwVM8HJsTQrnUZck7nLO6XSJd1Ec
n+CvEJwwujWRY1pbuPbhb6s0DUuvs7aHOOVMoKabQ3oEJxSoOcDvlXWS+UsiG7Mt
XAHYfgL30Z8wKDtLZ0gFKeSOh4UkyuvvRa+T4AlY+bo0DIRLUDNZ3DPy/hwsNWFZ
wiFj/m/6R7+nvw==
-----END CERTIFICATE-----