Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
File:                     cs3rVmQuM1iXcef9pxu3HgF_nZY.mft (raw, json)
Hash identifier:          uWFZI2V1Qu6aBNN8Imw7ugGeKDKcZfMZjVcqY9wt0WM=
Subject key identifier:   D1:AE:8E:BC:20:AE:44:34:1D:F2:7E:FA:70:53:3F:F7:99:1E:53:13
Authority key identifier: 72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96
Certificate issuer:       /CN=72cdeb56642e33589771e7fda71bb71e017f9d96
Certificate serial:       01987306AAB507B8DB7F3FFB991D921A1719
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
Manifest number:          0B34
Signing time:             Mon 04 Aug 2025 03:01:13 +0000
Manifest this update:     Mon 04 Aug 2025 03:01:13 +0000
Manifest next update:     Tue 05 Aug 2025 03:01:13 +0000
Files and hashes:         1: cs3rVmQuM1iXcef9pxu3HgF_nZY.crl (hash: X6OnVInQytJr/5Pst30taNGwmEedPDVq1zebVYjYYuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:06:aa:b5:07:b8:db:7f:3f:fb:99:1d:92:1a:17:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cdeb56642e33589771e7fda71bb71e017f9d96
        Validity
            Not Before: Aug  4 03:01:13 2025 GMT
            Not After : Aug  5 03:01:13 2025 GMT
        Subject: CN=d1ae8ebc20ae44341df27efa70533ff7991e5313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:2f:f3:98:3b:b6:dd:b6:89:e3:1b:d3:20:e1:
                    1c:6e:f1:8b:82:09:b5:bd:c6:56:3f:c3:ef:46:8a:
                    83:ac:1b:91:e8:43:e9:5b:a6:6e:29:d1:5c:f1:31:
                    1c:69:03:92:5f:f4:e7:48:36:56:2e:75:21:26:fb:
                    a3:26:f4:a3:91:23:2d:3d:d2:5f:be:42:2e:9d:64:
                    2a:81:f7:cb:03:1c:42:9d:c1:68:1a:cf:7f:ac:ee:
                    be:87:db:92:f8:ce:c7:c9:f1:a0:33:86:29:cb:49:
                    88:16:b6:b3:cb:36:b0:fe:a7:e0:d1:68:b5:b4:48:
                    a2:34:aa:0d:6e:df:c1:61:3f:3d:57:ba:a1:f6:6d:
                    da:61:c6:28:bb:63:0c:96:3f:3c:a7:bb:ac:cd:71:
                    07:14:5b:2c:66:15:c2:2e:78:62:36:01:82:f8:38:
                    c5:7d:33:be:01:ee:3f:b0:93:93:92:87:cf:fb:52:
                    58:1f:79:1d:e5:78:22:a0:ee:3b:ee:e1:44:ab:99:
                    f9:70:87:b7:25:86:b6:de:aa:57:a6:7f:78:a3:0f:
                    e1:85:40:cc:7a:d2:3c:70:4c:f4:81:71:dc:aa:52:
                    da:58:22:9e:7a:ab:56:10:6a:ca:43:74:21:46:7b:
                    8f:58:a1:04:02:49:58:07:c2:f5:5d:d7:ae:bc:35:
                    c5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:AE:8E:BC:20:AE:44:34:1D:F2:7E:FA:70:53:3F:F7:99:1E:53:13
            X509v3 Authority Key Identifier:
                keyid:72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:8c:6b:34:f5:d6:39:6e:ab:bc:16:6f:87:43:3d:86:8a:22:
         ea:af:66:06:f3:63:dc:d9:25:09:1c:c5:83:25:f3:bc:9b:68:
         10:0f:eb:59:e2:4b:36:dd:63:17:94:d3:a3:c2:fc:68:b1:7b:
         32:97:5d:ab:87:5e:3f:2c:5d:56:50:6a:38:1a:f1:59:00:26:
         84:0a:e9:77:05:b4:5c:ff:de:7f:55:cd:8f:f1:64:c2:70:a2:
         9d:93:5c:a4:bd:08:95:84:05:f1:38:16:5e:ca:a2:c4:13:a9:
         0b:14:a5:cc:f4:11:7b:cf:d9:56:f6:03:c5:3a:8f:05:84:c0:
         4d:a6:29:71:c7:d7:96:45:0c:fd:0f:d2:e9:b4:33:a9:63:73:
         1f:77:72:5b:7e:39:9f:c3:05:23:74:36:05:b7:66:82:86:70:
         e9:e4:9e:00:98:f7:65:3b:c5:2f:61:e0:d0:d9:4c:63:cb:4c:
         d1:bf:4e:ad:39:cc:a5:3a:d9:70:61:b1:08:1f:8e:70:4b:68:
         f2:0f:0c:df:52:d0:01:0b:c9:2e:9e:e1:fa:56:38:e4:3f:a4:
         f1:a5:06:c3:ac:97:15:51:a3:09:59:7b:1b:96:f5:1c:4e:8d:
         b0:fd:ab:1a:e2:fe:2b:f6:c0:d9:5a:b0:4a:c0:8b:fe:55:5d:
         18:46:c2:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzBqq1B7jbfz/7mR2SGhcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2RlYjU2NjQyZTMzNTg5NzcxZTdmZGE3MWJiNzFlMDE3
ZjlkOTYwHhcNMjUwODA0MDMwMTEzWhcNMjUwODA1MDMwMTEzWjAzMTEwLwYDVQQD
EyhkMWFlOGViYzIwYWU0NDM0MWRmMjdlZmE3MDUzM2ZmNzk5MWU1MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8i/zmDu23baJ4xvTIOEcbvGLggm1
vcZWP8PvRoqDrBuR6EPpW6ZuKdFc8TEcaQOSX/TnSDZWLnUhJvujJvSjkSMtPdJf
vkIunWQqgffLAxxCncFoGs9/rO6+h9uS+M7HyfGgM4Ypy0mIFrazyzaw/qfg0Wi1
tEiiNKoNbt/BYT89V7qh9m3aYcYou2MMlj88p7uszXEHFFssZhXCLnhiNgGC+DjF
fTO+Ae4/sJOTkofP+1JYH3kd5XgioO477uFEq5n5cIe3JYa23qpXpn94ow/hhUDM
etI8cEz0gXHcqlLaWCKeeqtWEGrKQ3QhRnuPWKEEAklYB8L1XdeuvDXFvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGujrwgrkQ0HfJ++nBTP/eZHlMTMB8GA1UdIwQY
MBaAFHLN61ZkLjNYl3Hn/acbtx4Bf52WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEt
ZTgyNzc0YTE2YTU3LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEtZTgyNzc0YTE2YTU3
LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApoxrNPXW
OW6rvBZvh0M9hooi6q9mBvNj3NklCRzFgyXzvJtoEA/rWeJLNt1jF5TTo8L8aLF7
Mpddq4dePyxdVlBqOBrxWQAmhArpdwW0XP/ef1XNj/FkwnCinZNcpL0IlYQF8TgW
XsqixBOpCxSlzPQRe8/ZVvYDxTqPBYTATaYpccfXlkUM/Q/S6bQzqWNzH3dyW345
n8MFI3Q2BbdmgoZw6eSeAJj3ZTvFL2Hg0NlMY8tM0b9OrTnMpTrZcGGxCB+OcEto
8g8M31LQAQvJLp7h+lY45D+k8aUGw6yXFVGjCVl7G5b1HE6NsP2rGuL+K/bA2Vqw
SsCL/lVdGEbC+g==
-----END CERTIFICATE-----