Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
File:                     3tvumMupuOYloRR7s7VRl9LQoFc.mft (raw, json)
Hash identifier:          y3do6fdoNAWj1PdYTvUobAer/2UYUVpLo027pLkQa8s=
Subject key identifier:   81:41:B3:FB:2C:B4:79:DC:DA:D1:A9:FD:55:0B:4B:E3:13:CD:63:3F
Authority key identifier: DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57
Certificate issuer:       /CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
Certificate serial:       0198A04E58DEB4CD8D9869A233955A1014D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
Manifest number:          0696
Signing time:             Tue 12 Aug 2025 22:02:25 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:25 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:25 +0000
Files and hashes:         1: 3tvumMupuOYloRR7s7VRl9LQoFc.crl (hash: isnEf5iff0jXmIyBzfMOxyuBX9QwvhN54B7GyXJjlIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:58:de:b4:cd:8d:98:69:a2:33:95:5a:10:14:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
        Validity
            Not Before: Aug 12 22:02:25 2025 GMT
            Not After : Aug 13 22:02:25 2025 GMT
        Subject: CN=8141b3fb2cb479dcdad1a9fd550b4be313cd633f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3b:b9:81:e1:a8:48:2f:02:38:9c:51:ec:ca:
                    28:8e:c1:95:f3:41:d2:86:cf:75:cc:dd:e0:67:c6:
                    28:67:8d:cf:89:12:85:c6:64:69:14:13:20:0b:0d:
                    31:bc:65:84:f3:5f:ef:30:88:cb:b9:b4:49:62:42:
                    97:3a:cf:31:10:94:a3:e2:62:93:b8:3d:90:1c:27:
                    25:f1:50:6d:19:bb:42:ad:fa:5f:0b:d9:78:05:4b:
                    fa:60:43:cf:66:49:c8:69:de:8f:69:d9:5d:66:d7:
                    99:ac:aa:bf:91:01:e2:24:dc:12:e3:ee:87:e8:59:
                    d8:b4:f9:3e:00:6f:94:43:89:76:d2:ab:bc:2e:3d:
                    d2:37:c8:a5:d9:34:8a:76:d3:ad:b7:26:2f:58:ab:
                    ee:41:c4:12:19:f9:89:05:f6:ce:8d:88:c7:64:85:
                    70:84:6d:21:09:1c:ac:c1:55:df:0d:c5:d2:26:b1:
                    71:d1:45:54:5d:7c:e6:d9:9d:17:55:8d:6e:59:a8:
                    0f:0d:cf:73:d5:e0:ab:37:48:b0:48:e8:e5:33:78:
                    d3:56:99:d0:cf:f8:67:90:c2:2c:da:2f:09:71:6f:
                    66:24:d3:2c:f7:eb:fd:f4:6a:62:46:d7:cd:ae:20:
                    09:fd:b7:5c:5e:70:5b:2b:37:6f:55:40:23:e3:06:
                    f7:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:41:B3:FB:2C:B4:79:DC:DA:D1:A9:FD:55:0B:4B:E3:13:CD:63:3F
            X509v3 Authority Key Identifier:
                keyid:DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:f3:85:f7:c7:89:3a:8b:77:05:05:ec:06:7b:d9:9b:88:e1:
         b9:4e:6c:00:82:9d:c0:92:54:b7:ac:fe:21:88:08:cb:d3:a1:
         f5:12:14:5e:cf:2e:6a:80:1c:ae:8c:84:37:e1:3b:de:dc:b7:
         a3:da:be:5a:f8:9b:58:65:ea:5f:d3:a8:98:91:e1:68:55:40:
         c0:e5:aa:9f:7a:1d:f0:70:ff:0a:b1:8f:ea:f3:44:7d:5b:1e:
         67:77:6c:cd:4f:ac:e5:14:3b:19:e4:ce:41:48:e7:bd:07:40:
         35:c3:be:32:57:0d:c6:16:f1:29:f9:9d:f2:e4:2f:83:76:4a:
         52:83:10:41:b7:0d:6b:5b:a2:08:3d:98:61:db:88:88:1d:62:
         1e:aa:24:09:c4:38:7f:37:68:7d:62:f1:a5:2d:8b:d1:46:6c:
         76:7f:c2:29:86:42:c1:07:e5:4b:dc:5b:c3:1c:57:99:a3:8d:
         22:e5:12:e1:49:65:cb:ef:4b:eb:5f:e1:30:03:23:4a:36:ad:
         dc:3b:ea:47:d1:7e:6b:3e:3f:a5:17:7a:ea:26:6e:8d:04:78:
         35:c3:d8:51:8f:9e:64:8b:6b:13:51:05:3d:db:cd:b7:a5:62:
         25:3d:ce:05:a9:0d:ef:7f:a9:ad:2e:a4:cb:57:c5:67:90:ba:
         4a:85:67:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTljetM2NmGmiM5VaEBTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGJlZTk4Y2JhOWI4ZTYyNWExMTQ3YmIzYjU1MTk3ZDJk
MGEwNTcwHhcNMjUwODEyMjIwMjI1WhcNMjUwODEzMjIwMjI1WjAzMTEwLwYDVQQD
Eyg4MTQxYjNmYjJjYjQ3OWRjZGFkMWE5ZmQ1NTBiNGJlMzEzY2Q2MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszu5geGoSC8COJxR7MoojsGV80HS
hs91zN3gZ8YoZ43PiRKFxmRpFBMgCw0xvGWE81/vMIjLubRJYkKXOs8xEJSj4mKT
uD2QHCcl8VBtGbtCrfpfC9l4BUv6YEPPZknIad6PadldZteZrKq/kQHiJNwS4+6H
6FnYtPk+AG+UQ4l20qu8Lj3SN8il2TSKdtOttyYvWKvuQcQSGfmJBfbOjYjHZIVw
hG0hCRyswVXfDcXSJrFx0UVUXXzm2Z0XVY1uWagPDc9z1eCrN0iwSOjlM3jTVpnQ
z/hnkMIs2i8JcW9mJNMs9+v99GpiRtfNriAJ/bdcXnBbKzdvVUAj4wb3XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFBs/sstHnc2tGp/VULS+MTzWM/MB8GA1UdIwQY
MBaAFN7b7pjLqbjmJaEUe7O1UZfS0KBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUt
MThmMGI4MGYyNTBkLzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUtMThmMGI4MGYyNTBk
LzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABPOF98eJ
Oot3BQXsBnvZm4jhuU5sAIKdwJJUt6z+IYgIy9Oh9RIUXs8uaoAcroyEN+E73ty3
o9q+WvibWGXqX9OomJHhaFVAwOWqn3od8HD/CrGP6vNEfVseZ3dszU+s5RQ7GeTO
QUjnvQdANcO+MlcNxhbxKfmd8uQvg3ZKUoMQQbcNa1uiCD2YYduIiB1iHqokCcQ4
fzdofWLxpS2L0UZsdn/CKYZCwQflS9xbwxxXmaONIuUS4Ully+9L61/hMAMjSjat
3DvqR9F+az4/pRd66iZujQR4NcPYUY+eZItrE1EFPdvNt6ViJT3OBakN73+prS6k
y1fFZ5C6SoVnFA==
-----END CERTIFICATE-----