Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          PFLL32/9MPkj5eIKn78+nWzwC98q5GtTYOcRHvxe1a4=
Subject key identifier:   72:E5:F9:7E:C8:1E:9D:DC:EA:AC:43:EE:3F:65:51:A9:68:01:A9:4F
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0198911118B61842C9DFE80B135195199EA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          04BA
Signing time:             Sat 09 Aug 2025 23:01:13 +0000
Manifest this update:     Sat 09 Aug 2025 23:01:13 +0000
Manifest next update:     Sun 10 Aug 2025 23:01:13 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: SMsdDJ1+khnQ5CVIJlpWt7U4ZDBcyJ9auv7kdp9WS7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 23:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:91:11:18:b6:18:42:c9:df:e8:0b:13:51:95:19:9e:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Aug  9 23:01:13 2025 GMT
            Not After : Aug 10 23:01:13 2025 GMT
        Subject: CN=72e5f97ec81e9ddceaac43ee3f6551a96801a94f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:55:76:7c:bc:e8:aa:42:a0:a1:90:2c:39:72:
                    fa:00:2e:a2:41:d8:8e:97:65:5b:ae:18:61:5d:a7:
                    3d:3c:a0:9b:09:59:2c:07:d5:14:37:76:c7:d9:be:
                    82:6c:dd:8a:09:22:90:5c:32:c5:f7:34:4e:ba:7a:
                    eb:8d:4f:10:9f:f1:6c:b6:68:1b:fb:04:dd:83:ba:
                    52:47:08:f1:d9:84:e9:b5:62:72:25:c2:50:93:af:
                    36:60:0f:2c:60:33:8e:50:37:17:38:40:4c:c4:a5:
                    b0:a2:44:20:bc:5b:48:59:71:3a:56:6e:10:a8:7d:
                    27:72:a1:81:d0:76:9b:4e:f6:31:02:dd:1c:ed:2c:
                    fd:43:65:ec:41:18:b5:a0:63:d7:a1:f8:54:1a:39:
                    0b:b2:e7:36:85:8c:11:db:87:df:b0:1d:05:d3:e8:
                    9c:8a:18:7e:ca:92:35:4a:f6:02:7f:39:da:8b:69:
                    ce:a6:50:38:40:67:27:c2:4c:ea:b0:23:85:0d:fc:
                    a0:58:fd:f1:ae:8c:2f:0e:00:fa:f5:f2:4e:98:9d:
                    02:5b:3f:5c:2a:f1:d4:6a:74:17:7a:68:ff:15:12:
                    49:92:3c:37:2a:85:89:fd:00:14:e3:01:00:93:d3:
                    01:db:f0:a1:3e:8a:fb:ee:71:ff:28:fc:ae:84:d5:
                    ef:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E5:F9:7E:C8:1E:9D:DC:EA:AC:43:EE:3F:65:51:A9:68:01:A9:4F
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:04:d9:74:26:6e:7a:be:84:39:1a:26:0d:00:92:3d:29:04:
         0c:4f:2e:d6:be:00:49:e9:a7:81:39:43:70:3d:2c:3b:35:27:
         96:ec:a3:e3:65:f7:70:e4:f4:48:dc:7e:c8:fd:e4:3e:c7:1d:
         94:b8:9e:08:af:9c:8b:89:94:8d:b6:66:41:cc:61:33:cd:97:
         99:81:37:81:6c:b5:41:ff:a5:19:60:1b:0d:4c:21:32:15:f9:
         b5:cc:05:34:2d:1a:4d:c8:e8:30:74:26:48:dc:5e:84:88:c5:
         b5:86:d7:55:af:e2:95:b0:75:c9:d1:4b:aa:6b:95:eb:dc:ac:
         3a:10:ae:77:0e:93:53:eb:70:02:f9:ab:a9:17:62:ea:c1:93:
         d4:bf:8b:38:02:8d:d7:98:41:81:f6:4b:f4:a8:0d:8f:54:d9:
         8a:6a:9d:5c:3d:3c:6b:0b:b6:8c:c7:4b:f8:a4:55:55:3c:20:
         0d:ec:be:06:9d:4c:ef:99:97:62:3d:03:3c:c2:58:d1:e4:ed:
         c7:fd:a1:df:bd:ab:79:5a:67:99:4e:9b:be:83:3c:c8:74:3f:
         41:03:19:7c:21:72:05:f3:62:38:b1:56:10:96:b7:3d:20:eb:
         b4:86:b7:8e:8b:e6:32:f0:52:2f:d0:37:ed:92:f5:a2:9c:90:
         1d:f7:35:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRERi2GELJ3+gLE1GVGZ6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUwODA5MjMwMTEzWhcNMjUwODEwMjMwMTEzWjAzMTEwLwYDVQQD
Eyg3MmU1Zjk3ZWM4MWU5ZGRjZWFhYzQzZWUzZjY1NTFhOTY4MDFhOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFV2fLzoqkKgoZAsOXL6AC6iQdiO
l2VbrhhhXac9PKCbCVksB9UUN3bH2b6CbN2KCSKQXDLF9zROunrrjU8Qn/Fstmgb
+wTdg7pSRwjx2YTptWJyJcJQk682YA8sYDOOUDcXOEBMxKWwokQgvFtIWXE6Vm4Q
qH0ncqGB0HabTvYxAt0c7Sz9Q2XsQRi1oGPXofhUGjkLsuc2hYwR24ffsB0F0+ic
ihh+ypI1SvYCfznai2nOplA4QGcnwkzqsCOFDfygWP3xrowvDgD69fJOmJ0CWz9c
KvHUanQXemj/FRJJkjw3KoWJ/QAU4wEAk9MB2/ChPor77nH/KPyuhNXvdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLl+X7IHp3c6qxD7j9lUaloAalPMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbQTZdCZu
er6EORomDQCSPSkEDE8u1r4ASemngTlDcD0sOzUnluyj42X3cOT0SNx+yP3kPscd
lLieCK+ci4mUjbZmQcxhM82XmYE3gWy1Qf+lGWAbDUwhMhX5tcwFNC0aTcjoMHQm
SNxehIjFtYbXVa/ilbB1ydFLqmuV69ysOhCudw6TU+twAvmrqRdi6sGT1L+LOAKN
15hBgfZL9KgNj1TZimqdXD08awu2jMdL+KRVVTwgDey+Bp1M75mXYj0DPMJY0eTt
x/2h372reVpnmU6bvoM8yHQ/QQMZfCFyBfNiOLFWEJa3PSDrtIa3jovmMvBSL9A3
7ZL1opyQHfc1Eg==
-----END CERTIFICATE-----