Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
File:                     PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft (raw, json)
Hash identifier:          efHgl650+IpUwa3WJIijCl2nfmjWwvMH8wbXrzkejPM=
Subject key identifier:   19:16:A6:57:90:9C:22:49:E8:50:19:6F:94:43:C3:A5:40:46:D4:34
Authority key identifier: 3D:2D:1A:DA:61:4C:68:E1:74:C4:DE:DF:55:99:6A:95:43:16:EA:E6
Certificate issuer:       /CN=3d2d1ada614c68e174c4dedf55996a954316eae6
Certificate serial:       01987B9D8C6CC885676AEB6DFF3B9015D0A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
Manifest number:          1618
Signing time:             Tue 05 Aug 2025 19:02:59 +0000
Manifest this update:     Tue 05 Aug 2025 19:02:59 +0000
Manifest next update:     Wed 06 Aug 2025 19:02:59 +0000
Files and hashes:         1: PS0a2mFMaOF0xN7fVZlqlUMW6uY.crl (hash: ey4N5snI1rkEqDaEn6EQcevymLm043Q/P20jYevdmbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9d:8c:6c:c8:85:67:6a:eb:6d:ff:3b:90:15:d0:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2d1ada614c68e174c4dedf55996a954316eae6
        Validity
            Not Before: Aug  5 19:02:59 2025 GMT
            Not After : Aug  6 19:02:59 2025 GMT
        Subject: CN=1916a657909c2249e850196f9443c3a54046d434
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:3e:28:75:f4:36:de:49:5f:1a:1d:4d:a5:80:
                    64:66:67:15:6a:b6:56:e5:80:c2:8e:c2:e7:27:90:
                    84:23:de:d4:63:cc:74:ac:2b:ea:d2:5c:cf:77:78:
                    28:1a:4d:8f:73:22:7c:82:9b:c8:8e:48:e5:3f:3c:
                    9a:b7:46:cb:5f:3e:6f:1d:b4:70:37:0f:ac:b3:09:
                    f8:85:27:c0:6f:a1:c5:d1:58:a5:af:e3:ab:fb:aa:
                    ae:38:6a:36:3e:c5:3b:4d:a6:c4:61:15:92:ca:76:
                    82:cc:7f:65:56:8a:13:91:c5:58:dc:8b:0a:8a:d4:
                    b1:31:1a:15:17:c4:4f:c2:d6:e2:e5:35:f0:aa:58:
                    40:4c:26:61:8e:80:82:cb:93:84:7e:09:c5:80:29:
                    e2:55:e8:a1:79:03:13:64:a7:fc:32:57:90:dd:9c:
                    52:80:57:98:bc:e9:a0:1e:26:ef:fa:6f:3f:18:7e:
                    58:bf:ba:80:fe:7f:f6:c1:73:77:30:30:61:a2:84:
                    3c:fa:41:1b:78:57:ea:90:91:64:62:8a:11:f7:6e:
                    d3:87:f7:a6:27:f1:aa:27:a7:cd:19:13:cc:d3:b0:
                    12:f9:d2:a2:25:27:b3:c9:ee:e1:c1:3c:4a:06:74:
                    17:4a:bf:72:8b:43:48:86:8a:ce:23:39:19:11:37:
                    6e:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:16:A6:57:90:9C:22:49:E8:50:19:6F:94:43:C3:A5:40:46:D4:34
            X509v3 Authority Key Identifier:
                keyid:3D:2D:1A:DA:61:4C:68:E1:74:C4:DE:DF:55:99:6A:95:43:16:EA:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:3e:53:27:10:9c:11:96:54:2e:d8:e3:54:d1:a0:3e:03:de:
         8e:67:f2:66:e4:6b:11:7d:4e:1e:13:0e:86:1b:27:88:be:e7:
         67:fe:6f:3a:7d:09:e3:62:ac:12:43:69:f1:49:1a:c3:de:db:
         2b:9b:aa:6b:71:19:23:0a:99:ad:ce:7e:3d:76:51:10:96:74:
         78:41:2a:10:98:dc:86:61:c1:e6:5b:00:6b:63:fc:f4:0a:c9:
         8d:c5:a3:98:47:84:3b:88:82:aa:73:87:98:87:98:5a:05:10:
         b4:69:78:57:53:81:1b:ae:2b:35:00:88:4a:bc:e9:64:64:7c:
         fa:90:7a:20:a5:fc:27:a7:c5:f2:01:aa:fa:2c:f5:7e:47:ee:
         29:86:cc:f2:17:a7:1b:3e:fb:f8:38:b3:47:6c:de:d6:b2:6a:
         49:73:8c:1b:e6:12:0d:69:45:a0:7b:98:25:53:00:6f:34:5f:
         84:72:b5:32:1d:c4:7f:b7:77:cf:f3:93:c0:ac:97:7a:8a:02:
         89:1c:26:ad:60:88:2b:15:f8:44:54:1c:b0:c6:a6:45:fc:83:
         8e:17:6c:4e:b8:7e:75:ca:13:c4:fc:c5:66:f2:e2:33:7f:36:
         83:cb:9b:d7:0f:fd:21:c5:81:13:2b:b0:f9:56:92:ee:cd:d2:
         e3:5f:27:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7nYxsyIVnautt/zuQFdCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMmQxYWRhNjE0YzY4ZTE3NGM0ZGVkZjU1OTk2YTk1NDMx
NmVhZTYwHhcNMjUwODA1MTkwMjU5WhcNMjUwODA2MTkwMjU5WjAzMTEwLwYDVQQD
EygxOTE2YTY1NzkwOWMyMjQ5ZTg1MDE5NmY5NDQzYzNhNTQwNDZkNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1z4odfQ23klfGh1NpYBkZmcVarZW
5YDCjsLnJ5CEI97UY8x0rCvq0lzPd3goGk2PcyJ8gpvIjkjlPzyat0bLXz5vHbRw
Nw+sswn4hSfAb6HF0Vilr+Or+6quOGo2PsU7TabEYRWSynaCzH9lVooTkcVY3IsK
itSxMRoVF8RPwtbi5TXwqlhATCZhjoCCy5OEfgnFgCniVeiheQMTZKf8MleQ3ZxS
gFeYvOmgHibv+m8/GH5Yv7qA/n/2wXN3MDBhooQ8+kEbeFfqkJFkYooR927Th/em
J/GqJ6fNGRPM07AS+dKiJSezye7hwTxKBnQXSr9yi0NIhorOIzkZETduywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkWpleQnCJJ6FAZb5RDw6VARtQ0MB8GA1UdIwQY
MBaAFD0tGtphTGjhdMTe31WZapVDFurmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFMwYTJtRk1hT0YweE43ZlZabHFsVU1XNnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9mY2JmZDctZDc4NS00YjA2LTg4YzUt
NDg2Y2FlMDQxZTBlLzEvUFMwYTJtRk1hT0YweE43ZlZabHFsVU1XNnVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9mY2JmZDctZDc4NS00YjA2LTg4YzUtNDg2Y2FlMDQxZTBl
LzEvUFMwYTJtRk1hT0YweE43ZlZabHFsVU1XNnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXD5TJxCc
EZZULtjjVNGgPgPejmfyZuRrEX1OHhMOhhsniL7nZ/5vOn0J42KsEkNp8Ukaw97b
K5uqa3EZIwqZrc5+PXZREJZ0eEEqEJjchmHB5lsAa2P89ArJjcWjmEeEO4iCqnOH
mIeYWgUQtGl4V1OBG64rNQCISrzpZGR8+pB6IKX8J6fF8gGq+iz1fkfuKYbM8hen
Gz77+DizR2ze1rJqSXOMG+YSDWlFoHuYJVMAbzRfhHK1Mh3Ef7d3z/OTwKyXeooC
iRwmrWCIKxX4RFQcsMamRfyDjhdsTrh+dcoTxPzFZvLiM382g8ub1w/9IcWBEyuw
+VaS7s3S418nyw==
-----END CERTIFICATE-----