Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          YSRJWerAcBlbvI007DvMrG06v7Yz/L+ydEn4xwB6nQ0=
Subject key identifier:   89:B8:76:5B:19:2E:47:A0:27:B9:37:B7:11:4C:19:46:7E:19:99:3D
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       019879AD0EFB4EC876C51F3AC312EACFE7A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          0269
Signing time:             Tue 05 Aug 2025 10:00:41 +0000
Manifest this update:     Tue 05 Aug 2025 10:00:41 +0000
Manifest next update:     Wed 06 Aug 2025 10:00:41 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: Cncd4OnDS/NQ1V2PbWVALC/Wie5xVf6QtzCvCgxW+98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:79:ad:0e:fb:4e:c8:76:c5:1f:3a:c3:12:ea:cf:e7:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Aug  5 10:00:41 2025 GMT
            Not After : Aug  6 10:00:41 2025 GMT
        Subject: CN=89b8765b192e47a027b937b7114c19467e19993d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:e5:eb:c2:51:82:49:b6:0d:ad:4e:80:a4:64:
                    9c:61:17:b6:97:c4:b5:25:38:6a:3f:ad:12:77:bb:
                    b8:4b:ad:eb:24:7a:cd:e0:85:58:bb:65:8b:4d:83:
                    d4:64:a7:40:f6:dd:b8:8b:89:64:ba:5c:a1:24:bb:
                    ab:df:c2:11:81:28:ee:e8:de:10:62:6b:5e:78:68:
                    ff:34:2b:cd:cf:85:c8:eb:0a:5e:61:c9:42:ca:d5:
                    9c:07:1b:b4:76:52:81:d4:22:8b:ac:74:eb:68:31:
                    82:d7:15:0b:cb:9a:5e:46:99:85:d5:8f:98:28:f5:
                    7f:a0:e8:69:49:36:75:40:7a:7a:6e:af:9c:6b:01:
                    06:cc:d4:5d:f0:3b:9d:a2:63:bb:be:f0:69:6b:48:
                    00:46:ea:29:f2:e7:06:6d:21:8c:30:91:fd:de:f4:
                    7c:20:34:42:cb:a4:00:ee:f9:4c:98:87:2c:23:47:
                    83:d4:23:85:13:66:f5:8b:1a:52:d1:42:dc:a9:39:
                    93:68:75:db:79:88:bb:2b:e0:5a:06:9b:d3:9e:61:
                    de:f6:67:cd:11:b9:b3:08:6e:a7:18:e2:ea:bd:bc:
                    fa:dc:14:03:5f:d2:15:32:7a:f8:28:40:c1:b1:fe:
                    03:3c:59:16:19:1d:b4:75:b7:66:0f:76:d9:99:8d:
                    ad:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:B8:76:5B:19:2E:47:A0:27:B9:37:B7:11:4C:19:46:7E:19:99:3D
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:68:47:e7:24:60:5a:63:6f:7d:e7:14:68:d8:4b:89:d3:91:
         40:6e:8d:2b:86:62:93:13:f1:e6:8e:56:3a:13:dc:c2:4a:26:
         95:b6:64:bc:1b:33:53:dc:bd:46:ff:a8:99:4a:07:ca:af:52:
         ff:bf:c4:dd:75:ac:17:2e:39:32:ab:14:0b:df:b7:46:75:9e:
         4b:12:bc:59:ce:a9:a3:4c:4c:4f:45:c7:d2:69:be:87:67:12:
         4b:d1:34:e1:ef:8e:ec:29:df:95:45:e9:a2:84:d5:70:72:11:
         88:b0:99:ef:f8:0d:a8:d2:87:3c:76:b4:0c:53:45:bd:bd:bf:
         fb:6b:82:8e:fe:55:13:04:30:05:c9:60:3f:ad:99:48:42:57:
         d0:60:3b:bc:bd:75:fd:14:a9:b8:cf:1d:31:32:87:14:e5:94:
         15:6c:1c:0d:80:f4:f0:6f:09:22:60:09:a1:c6:bb:f2:b7:94:
         14:d4:e0:cd:57:94:a1:7e:a8:38:8a:80:d5:1c:22:5f:9c:7c:
         d9:63:e9:e0:80:75:25:a7:fc:19:86:10:ea:61:b5:62:48:7e:
         a4:f3:83:6d:54:fb:3d:70:63:ce:b4:b9:46:ae:fc:1b:e1:1f:
         ff:16:b7:0d:b6:0f:10:47:01:b4:d4:c0:a8:5b:83:68:e5:ec:
         37:90:35:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh5rQ77Tsh2xR86wxLqz+egMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwODA1MTAwMDQxWhcNMjUwODA2MTAwMDQxWjAzMTEwLwYDVQQD
Eyg4OWI4NzY1YjE5MmU0N2EwMjdiOTM3YjcxMTRjMTk0NjdlMTk5OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eXrwlGCSbYNrU6ApGScYRe2l8S1
JThqP60Sd7u4S63rJHrN4IVYu2WLTYPUZKdA9t24i4lkulyhJLur38IRgSju6N4Q
YmteeGj/NCvNz4XI6wpeYclCytWcBxu0dlKB1CKLrHTraDGC1xULy5peRpmF1Y+Y
KPV/oOhpSTZ1QHp6bq+cawEGzNRd8DudomO7vvBpa0gARuop8ucGbSGMMJH93vR8
IDRCy6QA7vlMmIcsI0eD1COFE2b1ixpS0ULcqTmTaHXbeYi7K+BaBpvTnmHe9mfN
EbmzCG6nGOLqvbz63BQDX9IVMnr4KEDBsf4DPFkWGR20dbdmD3bZmY2tuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIm4dlsZLkegJ7k3txFMGUZ+GZk9MB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApWhH5yRg
WmNvfecUaNhLidORQG6NK4ZikxPx5o5WOhPcwkomlbZkvBszU9y9Rv+omUoHyq9S
/7/E3XWsFy45MqsUC9+3RnWeSxK8Wc6po0xMT0XH0mm+h2cSS9E04e+O7CnflUXp
ooTVcHIRiLCZ7/gNqNKHPHa0DFNFvb2/+2uCjv5VEwQwBclgP62ZSEJX0GA7vL11
/RSpuM8dMTKHFOWUFWwcDYD08G8JImAJoca78reUFNTgzVeUoX6oOIqA1RwiX5x8
2WPp4IB1Jaf8GYYQ6mG1Ykh+pPODbVT7PXBjzrS5Rq78G+Ef/xa3DbYPEEcBtNTA
qFuDaOXsN5A1Jg==
-----END CERTIFICATE-----