Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
File:                     tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft (raw, json)
Hash identifier:          iqA2IgoLz2Oq8CB/5579zfbSYEJMWtEztHJ9LiWJDHw=
Subject key identifier:   4F:82:B6:0D:B1:81:2B:FB:DC:DA:47:35:4D:BC:FE:CA:48:54:FF:0F
Authority key identifier: B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F
Certificate issuer:       /CN=b56daa6f850414a13f650df094506628a46dc12f
Certificate serial:       0198733D9DCE0729A135706085C309C2DD6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
Manifest number:          1112
Signing time:             Mon 04 Aug 2025 04:01:14 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:14 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:14 +0000
Files and hashes:         1: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl (hash: 6H8huIOoCh7uUvhREhSKIDq7bXRz29Z8ZwfzxGKvl+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:9d:ce:07:29:a1:35:70:60:85:c3:09:c2:dd:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56daa6f850414a13f650df094506628a46dc12f
        Validity
            Not Before: Aug  4 04:01:14 2025 GMT
            Not After : Aug  5 04:01:14 2025 GMT
        Subject: CN=4f82b60db1812bfbdcda47354dbcfeca4854ff0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0b:0b:12:e5:6a:fe:0f:65:68:4a:3e:3c:e2:
                    37:c5:9a:04:89:97:e9:81:21:0f:9f:77:f0:2c:2c:
                    77:8a:31:38:3a:a5:fe:39:df:2e:b3:cf:1c:79:cb:
                    34:b6:bb:39:dc:46:53:1b:b2:20:d6:b6:a5:1e:28:
                    24:84:56:10:a6:db:39:e1:ba:69:af:01:f9:62:7c:
                    70:c5:ed:bd:b3:05:a2:98:51:08:a6:c2:ea:2a:60:
                    4e:2c:8c:01:e3:a1:61:e1:a7:d1:54:5b:d4:83:fc:
                    34:62:fd:47:5b:84:11:c2:0c:5e:da:6e:be:7d:0b:
                    9f:a3:de:03:18:73:2a:ce:fd:d0:8b:ca:f2:2f:5a:
                    8d:36:b5:7e:1c:2a:c3:65:69:c1:66:5d:0d:a8:23:
                    78:0f:46:15:fe:58:37:6b:a0:2f:e2:49:6c:65:60:
                    4f:cf:9c:e2:1e:ee:64:06:8b:2c:9d:ab:d0:d6:5d:
                    67:9d:aa:e8:7f:b1:50:c7:c0:d0:ab:31:bf:cc:4b:
                    da:1c:50:0c:16:02:e5:ea:4c:0a:13:6f:e2:ba:43:
                    e4:e5:bc:d8:9c:21:31:5d:34:75:0d:e8:e4:35:a8:
                    24:80:62:95:b8:9b:fe:51:e2:67:03:a4:1d:f6:d2:
                    80:38:ad:d5:20:e2:74:d6:b5:44:3f:4c:84:f2:00:
                    c6:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:82:B6:0D:B1:81:2B:FB:DC:DA:47:35:4D:BC:FE:CA:48:54:FF:0F
            X509v3 Authority Key Identifier:
                keyid:B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:37:19:d3:aa:d7:78:69:29:c8:b3:45:9b:a6:b3:f4:2c:58:
         60:95:d2:5c:39:8a:ad:59:7b:9e:d5:91:e2:95:0f:3a:ce:a9:
         03:36:20:b8:13:86:e5:91:02:19:b9:11:d8:57:e8:f7:6b:75:
         a2:4f:db:8c:44:6b:5d:2c:a8:99:9a:c7:a3:19:ad:82:1d:52:
         82:2b:9b:b8:e7:65:99:61:20:25:cd:db:69:a9:75:07:3b:5e:
         e5:a4:3e:f7:05:4a:a6:d8:f8:02:cf:4b:73:0b:51:2a:33:bb:
         ed:94:c9:02:f5:4a:6c:f1:88:66:54:1c:2d:1a:5e:2e:63:f4:
         a1:97:09:49:cb:fe:55:55:bc:7a:96:50:dc:d4:88:f4:24:a3:
         d6:4a:5c:a1:fe:58:d4:f3:02:49:e3:85:c4:79:d2:15:66:71:
         7c:8f:a7:45:80:dd:e9:d9:8d:d3:97:35:34:af:c7:52:a3:74:
         fa:06:6e:b8:cd:82:64:4e:e3:76:ac:db:50:a1:a4:4a:44:bc:
         8e:4d:e6:fc:15:54:77:6c:07:7c:97:12:93:33:74:f7:4c:b3:
         df:64:7f:80:67:a8:ec:58:99:a6:fc:ce:8b:aa:80:a7:f3:94:
         b9:08:e9:0a:8c:03:3c:a9:9a:d5:9c:c7:f6:ac:c4:45:63:aa:
         48:10:1b:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPZ3OBymhNXBghcMJwt1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmRhYTZmODUwNDE0YTEzZjY1MGRmMDk0NTA2NjI4YTQ2
ZGMxMmYwHhcNMjUwODA0MDQwMTE0WhcNMjUwODA1MDQwMTE0WjAzMTEwLwYDVQQD
Eyg0ZjgyYjYwZGIxODEyYmZiZGNkYTQ3MzU0ZGJjZmVjYTQ4NTRmZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAsLEuVq/g9laEo+POI3xZoEiZfp
gSEPn3fwLCx3ijE4OqX+Od8us88cecs0trs53EZTG7Ig1ralHigkhFYQpts54bpp
rwH5Ynxwxe29swWimFEIpsLqKmBOLIwB46Fh4afRVFvUg/w0Yv1HW4QRwgxe2m6+
fQufo94DGHMqzv3Qi8ryL1qNNrV+HCrDZWnBZl0NqCN4D0YV/lg3a6Av4klsZWBP
z5ziHu5kBossnavQ1l1nnarof7FQx8DQqzG/zEvaHFAMFgLl6kwKE2/iukPk5bzY
nCExXTR1DejkNagkgGKVuJv+UeJnA6Qd9tKAOK3VIOJ01rVEP0yE8gDGowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+Ctg2xgSv73NpHNU28/spIVP8PMB8GA1UdIwQY
MBaAFLVtqm+FBBShP2UN8JRQZiikbcEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYt
ZmUwYTJhYzA4NjlmLzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYtZmUwYTJhYzA4Njlm
LzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFDcZ06rX
eGkpyLNFm6az9CxYYJXSXDmKrVl7ntWR4pUPOs6pAzYguBOG5ZECGbkR2Ffo92t1
ok/bjERrXSyomZrHoxmtgh1SgiubuOdlmWEgJc3baal1Bzte5aQ+9wVKptj4As9L
cwtRKjO77ZTJAvVKbPGIZlQcLRpeLmP0oZcJScv+VVW8epZQ3NSI9CSj1kpcof5Y
1PMCSeOFxHnSFWZxfI+nRYDd6dmN05c1NK/HUqN0+gZuuM2CZE7jdqzbUKGkSkS8
jk3m/BVUd2wHfJcSkzN090yz32R/gGeo7FiZpvzOi6qAp/OUuQjpCowDPKma1ZzH
9qzERWOqSBAb2Q==
-----END CERTIFICATE-----