Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
File:                     syznolxromOxucmrdrjS3DoNaAY.mft (raw, json)
Hash identifier:          zTOPDqIDWuAjJVTFsrYsdzw9iYRJFvYDtAKmBXMNx0Y=
Subject key identifier:   9C:FB:A4:86:2F:B2:B5:CA:90:B4:56:6C:2D:61:C3:26:9C:7A:33:11
Authority key identifier: B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Certificate issuer:       /CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
Certificate serial:       01988168612D3CFA726CD6AEF70144F29FD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
Manifest number:          04CF
Signing time:             Wed 06 Aug 2025 22:02:38 +0000
Manifest this update:     Wed 06 Aug 2025 22:02:38 +0000
Manifest next update:     Thu 07 Aug 2025 22:02:38 +0000
Files and hashes:         1: syznolxromOxucmrdrjS3DoNaAY.crl (hash: MtYGdd6SQL/ELL7oHU1akrU4USZslWiJ1qO3FYH8MvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:68:61:2d:3c:fa:72:6c:d6:ae:f7:01:44:f2:9f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Validity
            Not Before: Aug  6 22:02:38 2025 GMT
            Not After : Aug  7 22:02:38 2025 GMT
        Subject: CN=9cfba4862fb2b5ca90b4566c2d61c3269c7a3311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:0a:d1:70:d1:2a:20:98:ac:87:e4:bc:da:c3:
                    58:c1:cd:93:a1:6b:2a:f0:30:f2:98:15:43:25:30:
                    a9:6c:1c:a3:02:5f:b5:d7:4f:9b:db:5e:a9:e2:ad:
                    4d:25:95:9e:b8:df:39:e5:d8:36:be:b5:c2:39:4d:
                    a4:08:ad:61:7f:d9:e5:2f:1a:39:66:c5:4a:7e:32:
                    32:7f:14:34:d4:4e:eb:5c:41:d0:22:d9:d9:5b:c8:
                    7c:f9:6b:d2:92:52:ce:38:a3:b7:85:6f:8c:b4:ca:
                    4d:55:27:79:fb:f7:00:0e:3a:fc:1d:d3:d7:51:a4:
                    1e:35:7a:2a:67:4c:64:1b:12:68:16:50:66:91:b3:
                    32:b2:37:f9:38:c0:c5:a0:0a:04:04:da:09:84:0e:
                    b1:e0:18:83:55:0f:70:f5:1e:0b:d9:6a:bf:a1:02:
                    e1:5f:90:35:8b:5d:17:7f:76:5f:c0:96:71:dc:ca:
                    fe:16:be:2d:fc:1f:59:9a:48:63:71:fb:f7:45:06:
                    fd:51:cc:36:fb:b9:71:00:d0:47:63:90:5a:9d:88:
                    58:85:a7:33:6b:2a:86:05:8c:46:a6:6a:e8:a6:48:
                    7e:95:45:5b:54:bc:b2:59:b0:e1:88:95:b0:72:88:
                    5b:5d:f3:c3:b8:ed:87:06:11:5f:89:19:c0:bd:a3:
                    c8:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:FB:A4:86:2F:B2:B5:CA:90:B4:56:6C:2D:61:C3:26:9C:7A:33:11
            X509v3 Authority Key Identifier:
                keyid:B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:8c:8f:71:f5:7e:cf:d8:61:a4:41:75:a5:86:b1:2f:91:b4:
         28:65:e5:df:b0:59:6d:37:b9:97:a2:54:04:44:8f:e7:eb:3c:
         6a:72:63:65:29:16:a4:4e:cd:b8:74:dc:d4:79:b8:72:3e:f5:
         98:05:0f:85:20:42:69:0f:29:81:04:e3:ae:01:06:cd:d3:05:
         30:be:22:fb:c6:48:9a:08:08:17:35:b0:47:3a:4b:fd:94:40:
         61:a3:a4:d1:27:da:a0:47:59:92:be:53:e3:f5:f9:79:13:d9:
         9a:d9:ef:8b:32:17:01:fe:fd:cb:c1:c6:c7:be:0e:6b:5e:f4:
         da:da:3b:3c:1f:ce:bd:d8:82:b8:24:0a:ab:63:6f:37:be:ce:
         28:82:bf:58:30:f6:56:5d:21:a8:ec:7c:8a:ee:bb:70:39:c9:
         96:da:06:74:64:a2:56:66:37:08:c7:c8:a3:c5:3b:97:00:cd:
         64:0c:f3:67:a6:9f:a2:32:99:b2:0e:cc:34:b1:b8:25:e6:65:
         14:b5:ee:0d:97:55:df:43:1f:6d:51:73:56:20:8b:00:08:a9:
         c2:23:13:e3:3b:c3:6b:45:1b:06:e3:2d:14:4e:7c:ab:68:fd:
         c4:98:f3:50:da:0f:07:e4:30:60:cc:eb:a7:60:1c:1e:5f:05:
         71:b1:eb:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBaGEtPPpybNau9wFE8p/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmNlN2EyNWM2YmEyNjNiMWI5YzlhYjc2YjhkMmRjM2Ew
ZDY4MDYwHhcNMjUwODA2MjIwMjM4WhcNMjUwODA3MjIwMjM4WjAzMTEwLwYDVQQD
Eyg5Y2ZiYTQ4NjJmYjJiNWNhOTBiNDU2NmMyZDYxYzMyNjljN2EzMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgrRcNEqIJish+S82sNYwc2ToWsq
8DDymBVDJTCpbByjAl+110+b216p4q1NJZWeuN855dg2vrXCOU2kCK1hf9nlLxo5
ZsVKfjIyfxQ01E7rXEHQItnZW8h8+WvSklLOOKO3hW+MtMpNVSd5+/cADjr8HdPX
UaQeNXoqZ0xkGxJoFlBmkbMysjf5OMDFoAoEBNoJhA6x4BiDVQ9w9R4L2Wq/oQLh
X5A1i10Xf3ZfwJZx3Mr+Fr4t/B9Zmkhjcfv3RQb9Ucw2+7lxANBHY5BanYhYhacz
ayqGBYxGpmropkh+lUVbVLyyWbDhiJWwcohbXfPDuO2HBhFfiRnAvaPI1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJz7pIYvsrXKkLRWbC1hwyacejMRMB8GA1UdIwQY
MBaAFLMs56Jca6JjsbnJq3a40tw6DWgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzct
MzQwM2E4NDI5N2IxLzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzctMzQwM2E4NDI5N2Ix
LzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoyPcfV+
z9hhpEF1pYaxL5G0KGXl37BZbTe5l6JUBESP5+s8anJjZSkWpE7NuHTc1Hm4cj71
mAUPhSBCaQ8pgQTjrgEGzdMFML4i+8ZImggIFzWwRzpL/ZRAYaOk0SfaoEdZkr5T
4/X5eRPZmtnvizIXAf79y8HGx74Oa1702to7PB/OvdiCuCQKq2NvN77OKIK/WDD2
Vl0hqOx8iu67cDnJltoGdGSiVmY3CMfIo8U7lwDNZAzzZ6afojKZsg7MNLG4JeZl
FLXuDZdV30MfbVFzViCLAAipwiMT4zvDa0UbBuMtFE58q2j9xJjzUNoPB+QwYMzr
p2AcHl8FcbHrlg==
-----END CERTIFICATE-----