Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          4vKVmLhgSGuHjcuG2yf8z2nXTnO7sciV648Ozh7AF+U=
Subject key identifier:   70:73:4E:9C:EE:DC:42:A8:FB:61:B8:91:B8:DF:90:02:9C:63:1C:08
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       019873E2E475DE732838366618AB2C552726
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1612
Signing time:             Mon 04 Aug 2025 07:01:46 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:46 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:46 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: APF7zXJX2bV//6y3s2izjnLlpFB1Ejql+HffzdDrTIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:e4:75:de:73:28:38:36:66:18:ab:2c:55:27:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Aug  4 07:01:46 2025 GMT
            Not After : Aug  5 07:01:46 2025 GMT
        Subject: CN=70734e9ceedc42a8fb61b891b8df90029c631c08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a6:fe:b4:44:29:e2:ac:a2:04:f6:9b:c2:1a:
                    bd:1d:fa:95:35:43:17:5a:a7:43:dc:49:99:74:5f:
                    de:9a:48:ee:16:c2:07:2c:55:b0:52:b8:58:04:05:
                    9c:9d:0a:bc:94:e5:7e:e2:2c:66:36:ba:f1:22:b8:
                    a0:ed:2e:e7:76:48:87:a7:4c:00:ec:5a:fc:7f:f3:
                    e5:27:a1:5c:7d:69:97:e7:f5:28:8b:fd:d1:0a:31:
                    f0:19:07:f8:a4:8c:ef:45:56:82:a8:4f:90:57:75:
                    63:80:a6:5a:d3:a4:5a:66:de:e5:88:ed:f7:b3:fb:
                    88:16:26:ce:83:a9:fb:da:9a:8e:99:ed:67:d5:ea:
                    90:e8:72:d2:1d:93:50:2b:0c:85:f6:e8:7a:be:17:
                    1d:1b:2e:27:90:84:1f:3f:a1:d0:ad:12:0c:61:52:
                    db:83:6b:89:d5:42:c4:e7:06:c7:de:60:60:95:67:
                    eb:3d:74:d8:3b:b7:05:61:dc:14:d5:8c:78:01:e3:
                    84:57:78:01:bc:0d:fa:86:29:5a:fd:e1:d0:05:a5:
                    e9:3b:19:b4:88:37:fb:51:04:8b:ab:f9:59:37:bf:
                    c6:12:76:e0:84:cc:30:72:9b:92:22:14:2f:53:90:
                    a4:9e:d0:b9:87:7e:bc:d8:3b:d3:f0:32:ef:6c:f1:
                    13:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:73:4E:9C:EE:DC:42:A8:FB:61:B8:91:B8:DF:90:02:9C:63:1C:08
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:06:ec:27:29:8c:94:a2:6f:4c:46:2e:57:4a:a2:f6:c3:42:
         95:6c:a7:6e:a3:e3:d2:31:ff:b7:0a:d0:4f:45:f4:9b:24:51:
         68:78:8e:a2:88:37:d8:3c:69:39:1f:e5:a3:61:f2:4a:ee:bc:
         18:68:86:00:2d:59:7b:91:7e:e8:fd:f0:fb:36:b2:b6:43:7c:
         f3:4a:6b:1b:59:99:ef:eb:ba:56:dc:d8:7f:fa:0f:dc:ee:8b:
         99:41:2f:cb:32:f9:cb:59:e9:37:ca:e5:3a:1d:64:a7:16:e0:
         23:09:36:6f:db:1e:5c:96:46:6a:61:0b:96:6a:b0:88:15:62:
         cb:a9:38:2a:3a:05:41:18:94:be:7c:c3:0b:8a:50:79:38:71:
         57:dc:e8:a9:59:dd:c7:1a:dc:f6:fc:42:72:a6:0f:d0:75:a0:
         15:65:bf:e2:76:35:8b:7c:7b:c6:76:8c:18:ca:50:46:82:74:
         bd:81:cd:f5:67:c3:2b:57:e4:78:0f:4a:f7:42:0b:d4:93:fc:
         0b:2d:eb:be:bc:cc:60:04:00:2b:d8:f1:30:cd:b6:e2:8b:d8:
         5e:ad:c9:45:83:04:64:5b:51:33:e3:da:af:19:b7:b2:c6:98:
         92:c9:3f:c0:b0:83:4e:e5:3a:61:08:81:3e:bf:b5:a9:48:6e:
         ae:93:2f:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4uR13nMoODZmGKssVScmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwODA0MDcwMTQ2WhcNMjUwODA1MDcwMTQ2WjAzMTEwLwYDVQQD
Eyg3MDczNGU5Y2VlZGM0MmE4ZmI2MWI4OTFiOGRmOTAwMjljNjMxYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6b+tEQp4qyiBPabwhq9HfqVNUMX
WqdD3EmZdF/emkjuFsIHLFWwUrhYBAWcnQq8lOV+4ixmNrrxIrig7S7ndkiHp0wA
7Fr8f/PlJ6FcfWmX5/Uoi/3RCjHwGQf4pIzvRVaCqE+QV3VjgKZa06RaZt7liO33
s/uIFibOg6n72pqOme1n1eqQ6HLSHZNQKwyF9uh6vhcdGy4nkIQfP6HQrRIMYVLb
g2uJ1ULE5wbH3mBglWfrPXTYO7cFYdwU1Yx4AeOEV3gBvA36hila/eHQBaXpOxm0
iDf7UQSLq/lZN7/GEnbghMwwcpuSIhQvU5CkntC5h3682DvT8DLvbPETSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBzTpzu3EKo+2G4kbjfkAKcYxwIMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAbsJymM
lKJvTEYuV0qi9sNClWynbqPj0jH/twrQT0X0myRRaHiOoog32DxpOR/lo2HySu68
GGiGAC1Ze5F+6P3w+zaytkN880prG1mZ7+u6VtzYf/oP3O6LmUEvyzL5y1npN8rl
Oh1kpxbgIwk2b9seXJZGamELlmqwiBViy6k4KjoFQRiUvnzDC4pQeThxV9zoqVnd
xxrc9vxCcqYP0HWgFWW/4nY1i3x7xnaMGMpQRoJ0vYHN9WfDK1fkeA9K90IL1JP8
Cy3rvrzMYAQAK9jxMM224ovYXq3JRYMEZFtRM+Parxm3ssaYksk/wLCDTuU6YQiB
Pr+1qUhurpMvwg==
-----END CERTIFICATE-----