Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          oMlHCn5qIY2slUOo12H8ySXca2zXbyvwQgjZUmKNPbE=
Subject key identifier:   F9:F7:50:08:98:DD:EF:3A:7E:41:B4:BE:12:7E:3F:09:1C:3B:29:E1
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       01988B0E6AED06F00384A5D2C1083F5F78ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          03AA
Signing time:             Fri 08 Aug 2025 19:00:34 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:34 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:34 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: O/h8BnIP8xcsiaB/LDx4TAuYgH7t6n8EJQ2i/1hmtDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:6a:ed:06:f0:03:84:a5:d2:c1:08:3f:5f:78:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Aug  8 19:00:34 2025 GMT
            Not After : Aug  9 19:00:34 2025 GMT
        Subject: CN=f9f7500898ddef3a7e41b4be127e3f091c3b29e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:34:42:6a:c2:4e:8f:b8:42:b5:e3:e8:5d:be:
                    e6:cb:d7:90:d5:bd:11:ea:11:98:50:0e:69:3c:31:
                    ad:32:02:a1:96:dd:b8:e6:1c:2a:d9:cd:92:bd:15:
                    55:36:2a:80:2b:3a:90:2b:d3:30:9b:59:74:53:db:
                    3b:65:76:ef:f3:67:ac:1b:0e:de:21:ee:66:2b:1c:
                    63:92:f3:31:a3:a8:a4:8c:d8:33:b8:58:f1:a7:1e:
                    5a:d9:65:1e:32:14:17:91:91:68:01:19:36:20:74:
                    a2:17:33:0c:0d:29:01:3f:81:97:5b:aa:bc:08:34:
                    ce:6d:12:cc:79:95:d2:3e:22:fc:88:9d:ac:19:59:
                    68:8d:18:8b:cb:6d:6b:6e:30:96:08:34:79:8d:ab:
                    4e:91:01:e4:62:6c:25:c2:22:4a:29:72:46:80:2d:
                    d6:af:f2:cf:a5:09:15:7c:29:c3:ca:31:78:ed:90:
                    69:52:e7:15:86:51:20:82:6b:55:e4:5a:ea:81:4d:
                    05:17:41:ed:6c:86:cd:1f:4b:0a:66:69:e3:8d:06:
                    37:c8:5f:4c:0b:e7:2d:80:84:6f:74:ba:c6:b7:5d:
                    59:1d:f5:f8:47:94:61:f2:70:80:78:49:f6:9d:ac:
                    3d:89:cc:a9:e6:9c:1b:f4:90:3d:b3:8a:64:f7:e0:
                    15:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:F7:50:08:98:DD:EF:3A:7E:41:B4:BE:12:7E:3F:09:1C:3B:29:E1
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:68:7b:61:f5:7d:5c:f8:f7:95:4d:18:df:d9:a3:19:e6:d4:
         73:77:6b:ba:88:c4:0b:69:59:5c:c1:b8:81:65:14:dc:52:64:
         3e:76:95:e8:ec:c6:98:12:e3:3f:6f:2f:d9:7d:9e:74:ad:4b:
         7f:97:1e:01:db:d5:68:90:4e:3e:41:ce:9b:aa:66:0c:eb:42:
         0a:ff:c8:27:18:07:b2:e8:a5:86:3b:f5:14:2c:71:c1:15:b1:
         5b:05:70:1d:d9:aa:5c:6d:76:4b:4c:d9:39:07:c7:82:99:c5:
         02:d8:3a:02:18:09:ec:61:3d:41:16:77:1b:72:f3:b5:6e:b8:
         31:2a:d6:17:37:7f:b8:3e:f8:5f:11:db:2f:fb:6e:5c:2c:77:
         ca:9a:eb:28:75:cb:0d:e5:7f:25:50:3e:00:25:51:ca:cf:bb:
         00:f8:b5:87:df:10:fa:dc:01:9a:03:15:c7:56:17:87:d5:32:
         c5:c5:a1:62:2f:f1:12:cb:d2:87:d3:ed:5c:68:cb:0b:02:0b:
         4b:41:50:04:b0:92:44:6f:54:da:77:5e:d5:6c:70:92:2f:6e:
         22:0d:83:63:28:50:7c:f3:af:e8:fb:06:98:3b:ff:f9:a0:9b:
         d0:2d:5d:12:a4:c7:a7:20:99:a1:7b:99:93:d0:92:6e:b3:c8:
         2a:cc:97:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDmrtBvADhKXSwQg/X3jtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjUwODA4MTkwMDM0WhcNMjUwODA5MTkwMDM0WjAzMTEwLwYDVQQD
EyhmOWY3NTAwODk4ZGRlZjNhN2U0MWI0YmUxMjdlM2YwOTFjM2IyOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzRCasJOj7hCtePoXb7my9eQ1b0R
6hGYUA5pPDGtMgKhlt245hwq2c2SvRVVNiqAKzqQK9Mwm1l0U9s7ZXbv82esGw7e
Ie5mKxxjkvMxo6ikjNgzuFjxpx5a2WUeMhQXkZFoARk2IHSiFzMMDSkBP4GXW6q8
CDTObRLMeZXSPiL8iJ2sGVlojRiLy21rbjCWCDR5jatOkQHkYmwlwiJKKXJGgC3W
r/LPpQkVfCnDyjF47ZBpUucVhlEggmtV5FrqgU0FF0HtbIbNH0sKZmnjjQY3yF9M
C+ctgIRvdLrGt11ZHfX4R5Rh8nCAeEn2naw9icyp5pwb9JA9s4pk9+AVgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPn3UAiY3e86fkG0vhJ+PwkcOynhMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJWh7YfV9
XPj3lU0Y39mjGebUc3druojEC2lZXMG4gWUU3FJkPnaV6OzGmBLjP28v2X2edK1L
f5ceAdvVaJBOPkHOm6pmDOtCCv/IJxgHsuilhjv1FCxxwRWxWwVwHdmqXG12S0zZ
OQfHgpnFAtg6AhgJ7GE9QRZ3G3LztW64MSrWFzd/uD74XxHbL/tuXCx3yprrKHXL
DeV/JVA+ACVRys+7APi1h98Q+twBmgMVx1YXh9UyxcWhYi/xEsvSh9PtXGjLCwIL
S0FQBLCSRG9U2nde1Wxwki9uIg2DYyhQfPOv6PsGmDv/+aCb0C1dEqTHpyCZoXuZ
k9CSbrPIKsyXNw==
-----END CERTIFICATE-----