Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          rzR9DRjA2jt+pKC2VNDaIHn8xAMurTyDg8J5Pxruspc=
Subject key identifier:   3B:BE:D4:32:66:D0:0B:51:25:5B:13:AE:1B:1C:9D:02:DA:77:63:2E
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       0198820BACA650E349E8201BCFC090B41290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          0703
Signing time:             Thu 07 Aug 2025 01:00:59 +0000
Manifest this update:     Thu 07 Aug 2025 01:00:59 +0000
Manifest next update:     Fri 08 Aug 2025 01:00:59 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: 8J4LBD3hHbSPHsBFlqJWBQd04XurbevpKGQg57XLM6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:0b:ac:a6:50:e3:49:e8:20:1b:cf:c0:90:b4:12:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Aug  7 01:00:59 2025 GMT
            Not After : Aug  8 01:00:59 2025 GMT
        Subject: CN=3bbed43266d00b51255b13ae1b1c9d02da77632e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:21:c3:e8:5c:d4:05:00:06:ce:47:1b:22:81:
                    6a:74:9e:72:2f:eb:77:cc:5e:b9:a0:c8:2d:96:f7:
                    3a:53:a3:ae:4e:37:fd:91:59:51:b7:3c:eb:e5:c8:
                    72:39:85:c9:55:34:45:fd:54:ed:fd:64:5a:5a:b0:
                    0d:5d:27:c0:85:a0:a9:4e:ed:19:e5:3e:0d:e3:18:
                    39:61:32:88:1a:a4:13:7b:8c:4b:2a:4d:1d:5d:c0:
                    7a:aa:bf:4c:e3:55:a6:b8:70:1f:ca:84:9f:3e:4d:
                    97:08:3f:8b:e3:0e:6e:b3:4c:56:42:dc:d2:31:16:
                    57:05:a5:97:03:6e:33:72:9c:be:5e:64:8c:ff:c6:
                    a7:c1:78:64:08:73:d6:95:65:90:eb:08:de:56:ce:
                    93:d8:8f:b4:bd:8b:cf:4b:9f:26:c1:b3:e6:47:05:
                    93:df:c1:9b:14:b8:ed:8b:55:88:ac:1c:02:a9:3f:
                    a4:63:8c:03:dd:00:3e:0c:42:bb:f8:31:69:cf:03:
                    56:dd:53:3e:f9:a3:9c:66:90:63:b2:c7:75:e4:4c:
                    6b:4b:3e:71:60:a9:d5:61:26:15:9d:f1:e6:58:d7:
                    10:53:a5:cf:69:1f:a0:9c:37:56:05:e9:fa:ec:17:
                    f3:6f:8c:5b:b0:41:6c:f7:a7:42:02:3e:96:b5:6e:
                    8f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:BE:D4:32:66:D0:0B:51:25:5B:13:AE:1B:1C:9D:02:DA:77:63:2E
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:7f:ee:2a:b5:ad:12:6b:33:d4:ad:07:db:9f:38:02:8d:98:
         79:a1:45:b5:3c:dc:0b:30:28:44:41:9a:91:e3:3a:5c:97:87:
         14:6e:e2:f6:7c:00:0e:3a:18:f8:b9:a2:8d:45:75:e0:a3:9b:
         f3:1d:4b:21:be:e2:81:d3:46:d0:38:b4:a7:37:dc:c0:7a:20:
         34:9c:a2:4a:34:4b:bc:1a:d5:41:f9:17:c0:2b:57:5f:3e:5b:
         fd:d6:de:51:11:5c:ab:73:db:9f:86:84:e7:7c:d7:63:83:6a:
         ad:71:88:2e:4e:8d:8a:f0:ab:b3:2f:e9:ce:f5:30:97:8a:c4:
         aa:f8:58:d6:d1:f1:4e:c0:e0:08:82:61:5a:ce:1d:35:36:1c:
         bc:c0:2c:f7:e7:93:40:02:8e:01:33:17:2e:c7:8e:3f:fd:1c:
         3f:2c:77:c9:09:d1:a2:a2:47:4b:b4:af:c8:99:8c:c3:c3:20:
         19:60:3a:63:bb:60:74:e0:68:a5:75:ae:2f:22:79:2b:ae:94:
         1d:c6:94:cf:c9:2c:d1:f3:af:4d:93:f0:44:a3:a3:3a:5c:12:
         8d:3e:b6:82:97:e8:78:3a:54:a2:8f:8d:68:a7:75:57:b5:b6:
         05:d5:c9:23:96:23:c9:de:d1:2f:e8:c1:51:ee:02:7e:8c:dd:
         64:a6:c5:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCC6ymUONJ6CAbz8CQtBKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwODA3MDEwMDU5WhcNMjUwODA4MDEwMDU5WjAzMTEwLwYDVQQD
EygzYmJlZDQzMjY2ZDAwYjUxMjU1YjEzYWUxYjFjOWQwMmRhNzc2MzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yHD6FzUBQAGzkcbIoFqdJ5yL+t3
zF65oMgtlvc6U6OuTjf9kVlRtzzr5chyOYXJVTRF/VTt/WRaWrANXSfAhaCpTu0Z
5T4N4xg5YTKIGqQTe4xLKk0dXcB6qr9M41WmuHAfyoSfPk2XCD+L4w5us0xWQtzS
MRZXBaWXA24zcpy+XmSM/8anwXhkCHPWlWWQ6wjeVs6T2I+0vYvPS58mwbPmRwWT
38GbFLjti1WIrBwCqT+kY4wD3QA+DEK7+DFpzwNW3VM++aOcZpBjssd15ExrSz5x
YKnVYSYVnfHmWNcQU6XPaR+gnDdWBen67Bfzb4xbsEFs96dCAj6WtW6PXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDu+1DJm0AtRJVsTrhscnQLad2MuMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl3/uKrWt
Emsz1K0H2584Ao2YeaFFtTzcCzAoREGakeM6XJeHFG7i9nwADjoY+LmijUV14KOb
8x1LIb7igdNG0Di0pzfcwHogNJyiSjRLvBrVQfkXwCtXXz5b/dbeURFcq3Pbn4aE
53zXY4NqrXGILk6NivCrsy/pzvUwl4rEqvhY1tHxTsDgCIJhWs4dNTYcvMAs9+eT
QAKOATMXLseOP/0cPyx3yQnRoqJHS7SvyJmMw8MgGWA6Y7tgdOBopXWuLyJ5K66U
HcaUz8ks0fOvTZPwRKOjOlwSjT62gpfoeDpUoo+NaKd1V7W2BdXJI5Yjyd7RL+jB
Ue4CfozdZKbFAg==
-----END CERTIFICATE-----