Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          b37tDTIvg7AQrNdwBwu+c+eP9szEg5OJTNruopmQOK8=
Subject key identifier:   AF:F6:98:D0:05:EA:6A:10:33:9B:EA:1F:F2:71:2A:84:8C:A8:46:02
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       01987F79876DE1C66BBF8C57A6FB1E6FC980
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          099F
Signing time:             Wed 06 Aug 2025 13:02:07 +0000
Manifest this update:     Wed 06 Aug 2025 13:02:07 +0000
Manifest next update:     Thu 07 Aug 2025 13:02:07 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: 48gtLDrPqCdyqHNCG9Qe22eRpTXoxLZTdlG2bT7aLcE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:79:87:6d:e1:c6:6b:bf:8c:57:a6:fb:1e:6f:c9:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Aug  6 13:02:07 2025 GMT
            Not After : Aug  7 13:02:07 2025 GMT
        Subject: CN=aff698d005ea6a10339bea1ff2712a848ca84602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e9:0c:7c:19:49:1f:93:bc:79:8f:06:13:f3:
                    ce:2a:32:54:ff:48:ce:79:3e:82:5b:e2:57:22:6f:
                    1c:a3:bd:19:62:b4:c4:76:c7:57:c3:67:24:82:ea:
                    68:2e:24:db:52:a0:24:1e:77:0e:70:02:28:96:16:
                    68:9b:a1:bf:df:45:c5:50:48:91:02:67:a6:34:ec:
                    8c:7e:d4:b5:4f:3f:10:72:b0:54:66:a4:dc:12:b7:
                    c2:f0:1f:4f:c7:93:bd:45:ac:fd:2b:ef:16:58:7c:
                    2a:fe:8f:af:9f:02:9a:5d:c6:52:82:15:5b:29:f8:
                    e3:e5:56:f2:5f:1b:01:6b:82:89:b4:b8:fa:c0:6e:
                    b7:83:65:2a:ff:96:2b:e3:f9:4f:12:5a:16:2c:2c:
                    60:4a:1a:3c:0c:de:8f:92:c7:d2:ee:8d:c3:38:74:
                    20:1f:0e:df:d2:82:6b:60:19:7a:1d:39:fc:6d:6e:
                    3d:be:32:4f:b8:0a:85:0f:7b:5d:dd:59:cb:2a:f5:
                    84:8f:1a:6b:29:93:b4:e2:b1:49:5f:a8:1b:de:7f:
                    1f:b8:37:40:ba:8d:dc:ca:ee:1f:5f:8d:92:95:78:
                    ab:76:7a:33:57:eb:17:51:21:15:24:d3:98:87:44:
                    1b:cf:23:c5:db:7f:41:44:47:e8:52:81:0e:ed:a4:
                    db:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F6:98:D0:05:EA:6A:10:33:9B:EA:1F:F2:71:2A:84:8C:A8:46:02
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:09:60:04:28:21:d2:3c:6a:f0:16:99:5b:de:08:26:d7:41:
         05:ca:e9:25:96:27:b9:1b:91:35:1c:db:38:5c:78:24:d5:9e:
         ba:d3:25:b4:62:9e:8a:d2:79:29:86:5d:f1:0d:bb:c7:6e:b5:
         2d:c6:35:ca:88:38:f2:bb:1c:b3:b1:80:4e:a9:45:b0:b6:81:
         d7:7b:0b:74:be:1f:e1:c0:71:33:38:78:16:e6:83:23:96:ab:
         da:05:3c:5e:1e:a2:65:a9:be:28:ef:7e:8a:f0:d2:ab:73:79:
         2b:52:83:9e:f3:38:a4:ad:14:d4:b4:2a:bb:45:e1:f0:8d:d0:
         ea:f6:6f:4e:40:b2:6f:43:25:0d:ac:7f:5d:1e:5a:94:e5:7f:
         36:7c:e2:a6:50:e1:a0:2c:6d:8f:81:2e:50:23:46:43:48:51:
         b2:e7:db:3f:d8:c9:c4:1f:58:31:76:19:4c:ed:6f:c8:cd:56:
         78:a1:86:12:fa:a5:26:47:3c:b7:35:0e:fe:92:3a:03:de:c8:
         74:a5:bb:97:61:83:5b:7e:74:a1:6c:fe:2f:92:17:3a:e4:a1:
         cb:27:41:58:3a:47:ab:f5:3d:df:68:5c:86:c7:6a:62:1e:b7:
         16:cd:e9:ae:46:84:70:a9:2e:aa:43:17:34:d7:fb:fb:06:91:
         47:5d:30:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/eYdt4cZrv4xXpvseb8mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjUwODA2MTMwMjA3WhcNMjUwODA3MTMwMjA3WjAzMTEwLwYDVQQD
EyhhZmY2OThkMDA1ZWE2YTEwMzM5YmVhMWZmMjcxMmE4NDhjYTg0NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOkMfBlJH5O8eY8GE/POKjJU/0jO
eT6CW+JXIm8co70ZYrTEdsdXw2ckgupoLiTbUqAkHncOcAIolhZom6G/30XFUEiR
AmemNOyMftS1Tz8QcrBUZqTcErfC8B9Px5O9Raz9K+8WWHwq/o+vnwKaXcZSghVb
Kfjj5VbyXxsBa4KJtLj6wG63g2Uq/5Yr4/lPEloWLCxgSho8DN6PksfS7o3DOHQg
Hw7f0oJrYBl6HTn8bW49vjJPuAqFD3td3VnLKvWEjxprKZO04rFJX6gb3n8fuDdA
uo3cyu4fX42SlXirdnozV+sXUSEVJNOYh0QbzyPF239BREfoUoEO7aTbkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/2mNAF6moQM5vqH/JxKoSMqEYCMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArwlgBCgh
0jxq8BaZW94IJtdBBcrpJZYnuRuRNRzbOFx4JNWeutMltGKeitJ5KYZd8Q27x261
LcY1yog48rscs7GATqlFsLaB13sLdL4f4cBxMzh4FuaDI5ar2gU8Xh6iZam+KO9+
ivDSq3N5K1KDnvM4pK0U1LQqu0Xh8I3Q6vZvTkCyb0MlDax/XR5alOV/NnziplDh
oCxtj4EuUCNGQ0hRsufbP9jJxB9YMXYZTO1vyM1WeKGGEvqlJkc8tzUO/pI6A97I
dKW7l2GDW350oWz+L5IXOuShyydBWDpHq/U932hchsdqYh63Fs3prkaEcKkuqkMX
NNf7+waRR10wbA==
-----END CERTIFICATE-----