Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          kN5D3V1IsN5vXPWN+moNP/VKRfpM86bRwXbxddSx2zU=
Subject key identifier:   6D:97:B9:24:E7:05:A7:D7:DB:06:34:23:D3:96:4E:31:6E:40:7C:14
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019895922748A1F68E4DF50BB9CB5CEED28A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          034F
Signing time:             Sun 10 Aug 2025 20:00:39 +0000
Manifest this update:     Sun 10 Aug 2025 20:00:39 +0000
Manifest next update:     Mon 11 Aug 2025 20:00:39 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: hO2DNhB+wh3dkSNWuGBQ70Z6P2O1q1FBeE84mSo3Eww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:92:27:48:a1:f6:8e:4d:f5:0b:b9:cb:5c:ee:d2:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Aug 10 20:00:39 2025 GMT
            Not After : Aug 11 20:00:39 2025 GMT
        Subject: CN=6d97b924e705a7d7db063423d3964e316e407c14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1e:96:0a:6b:e4:c7:fe:d8:aa:e7:fd:cf:65:
                    a9:1f:10:88:6e:b7:9f:ba:88:29:99:25:cf:93:6c:
                    2f:39:a8:40:77:73:01:ae:6f:97:58:3a:3e:e7:53:
                    4a:10:0a:0c:e4:88:4b:38:b7:d9:e8:f8:0c:d9:63:
                    07:36:a1:5f:f6:26:e3:92:e5:c2:5b:b6:c9:92:29:
                    23:d5:79:68:b9:38:1a:48:e8:71:f7:ba:2b:8f:e4:
                    f9:a6:81:85:86:76:23:3c:aa:41:e1:2b:0f:31:9f:
                    11:5b:e7:a5:d6:1d:e6:77:fd:25:02:3d:72:1c:7b:
                    b1:bc:2f:9b:84:19:92:84:f1:b7:c0:35:f9:e5:4a:
                    56:8e:67:cc:a1:d1:7d:f7:55:64:7e:80:7c:af:08:
                    81:82:5e:cc:92:b5:13:36:35:64:81:04:7b:5b:65:
                    f9:e6:6e:c5:36:29:0e:fc:a4:4d:7d:16:48:6e:71:
                    d0:12:ed:a1:43:5d:c2:7a:d7:9f:13:74:f8:1e:df:
                    52:c1:c5:7f:aa:4a:38:6e:08:35:9a:9c:8a:22:7a:
                    37:ad:e3:5a:bd:70:11:48:8c:7c:d9:3e:9e:d9:f0:
                    3d:2b:21:b6:56:11:04:3f:56:78:1d:d2:09:67:d6:
                    56:d7:75:99:d5:7b:c7:d8:01:1f:0c:c3:b9:80:17:
                    e7:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:97:B9:24:E7:05:A7:D7:DB:06:34:23:D3:96:4E:31:6E:40:7C:14
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f6:a1:c5:17:dc:b7:d8:7d:4c:76:41:45:6a:4a:c4:18:d1:
         71:a5:63:4f:d9:ca:82:c1:5e:58:5c:e4:04:10:0a:ad:78:94:
         1f:63:32:6e:dd:f2:77:d9:5a:8f:03:4a:a7:f2:ad:8b:f0:40:
         5b:00:03:c9:11:81:aa:1f:bd:b9:f9:3d:e2:02:63:83:68:71:
         e4:bf:49:f7:aa:99:87:1c:e4:a8:39:1b:78:b4:53:96:b5:97:
         37:97:dd:1a:fd:7f:a2:f1:25:31:2b:91:78:92:c8:b3:23:ad:
         37:ee:39:96:b6:20:e3:a1:6b:ec:50:29:af:28:96:67:14:3b:
         eb:61:be:9d:f1:58:f9:e6:d5:b9:b5:1b:09:9b:67:b2:99:c1:
         d2:16:03:17:b1:07:00:47:fb:49:c1:f6:71:2d:4a:ef:2f:e9:
         5e:1c:cb:90:1f:cb:c5:2c:3c:da:a7:14:ad:93:f1:39:fa:e2:
         38:af:8a:d0:5b:d4:f8:63:06:20:46:0e:dd:d7:23:0b:b0:d7:
         07:d4:49:f9:2a:ed:61:ea:f4:76:d6:80:d6:4f:c8:08:fc:7f:
         f8:7a:24:76:db:e1:a4:2d:7f:e8:af:1f:01:16:6f:da:d2:d4:
         49:e8:20:da:28:42:94:e6:0d:fe:42:c9:86:c1:4b:9d:be:70:
         a5:9e:5a:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVkidIofaOTfULuctc7tKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwODEwMjAwMDM5WhcNMjUwODExMjAwMDM5WjAzMTEwLwYDVQQD
Eyg2ZDk3YjkyNGU3MDVhN2Q3ZGIwNjM0MjNkMzk2NGUzMTZlNDA3YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB6WCmvkx/7Yquf9z2WpHxCIbref
uogpmSXPk2wvOahAd3MBrm+XWDo+51NKEAoM5IhLOLfZ6PgM2WMHNqFf9ibjkuXC
W7bJkikj1XlouTgaSOhx97orj+T5poGFhnYjPKpB4SsPMZ8RW+el1h3md/0lAj1y
HHuxvC+bhBmShPG3wDX55UpWjmfModF991VkfoB8rwiBgl7MkrUTNjVkgQR7W2X5
5m7FNikO/KRNfRZIbnHQEu2hQ13CetefE3T4Ht9SwcV/qko4bgg1mpyKIno3reNa
vXARSIx82T6e2fA9KyG2VhEEP1Z4HdIJZ9ZW13WZ1XvH2AEfDMO5gBfn5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2XuSTnBafX2wY0I9OWTjFuQHwUMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/ahxRfc
t9h9THZBRWpKxBjRcaVjT9nKgsFeWFzkBBAKrXiUH2Mybt3yd9lajwNKp/Kti/BA
WwADyRGBqh+9ufk94gJjg2hx5L9J96qZhxzkqDkbeLRTlrWXN5fdGv1/ovElMSuR
eJLIsyOtN+45lrYg46Fr7FApryiWZxQ762G+nfFY+ebVubUbCZtnspnB0hYDF7EH
AEf7ScH2cS1K7y/pXhzLkB/LxSw82qcUrZPxOfriOK+K0FvU+GMGIEYO3dcjC7DX
B9RJ+SrtYer0dtaA1k/ICPx/+HokdtvhpC1/6K8fARZv2tLUSegg2ihClOYN/kLJ
hsFLnb5wpZ5aZQ==
-----END CERTIFICATE-----