Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          Twp1jGli6B+LDifM5BbbUijfbUIJo10WxkwGWnN3gfM=
Subject key identifier:   75:88:7B:70:4A:75:90:6A:F1:46:4B:5A:70:0D:1D:F2:BD:0C:E5:7B
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       0198D4729DB8B632D139BCC562A9708B72EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 01:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:17 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: 8703IkqNFkUqi+QFIVK0hsW31ek47bXSaJ0GYGN0/v4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:9d:b8:b6:32:d1:39:bc:c5:62:a9:70:8b:72:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Aug 23 01:02:17 2025 GMT
            Not After : Aug 24 01:02:17 2025 GMT
        Subject: CN=75887b704a75906af1464b5a700d1df2bd0ce57b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:8f:cf:28:47:dd:10:11:f1:65:35:54:71:ea:
                    e2:ba:9d:57:43:a8:ec:dc:53:5f:54:80:cc:30:ab:
                    ba:92:4c:aa:7c:be:d4:fc:1b:c6:5b:c3:27:03:50:
                    43:c7:89:8d:9f:c0:c3:f6:aa:fd:86:99:22:11:0d:
                    a5:0f:98:e9:56:66:10:75:71:86:05:6e:ef:5d:ab:
                    79:d6:45:00:ee:db:b3:4d:e2:22:71:91:1c:65:5d:
                    93:ce:26:0d:ea:a8:99:1e:41:66:6a:92:66:d6:ec:
                    00:5a:d8:1f:02:48:04:27:16:0a:dc:95:de:d9:e0:
                    17:ec:4a:40:01:b0:e7:43:41:d8:d8:b9:36:fd:4e:
                    e2:f2:5d:2c:59:23:2e:bd:9c:51:d1:ef:d0:71:db:
                    eb:c5:4b:47:ef:ac:ed:61:1b:85:9b:e1:dc:e9:7f:
                    48:b8:a1:f0:20:7f:23:3a:8e:ac:23:3d:2b:c2:40:
                    ce:5f:24:11:59:18:d8:94:45:68:3d:23:3d:cc:77:
                    a5:89:72:97:22:82:31:71:a1:02:29:80:79:8f:9c:
                    34:02:4d:2f:09:00:6d:e5:0a:f9:73:f9:d9:5f:78:
                    55:41:bd:3d:41:58:82:f1:2c:b9:61:a0:a2:7e:d3:
                    8b:25:28:10:da:70:86:c8:3b:c1:33:b3:1e:7a:42:
                    c9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:88:7B:70:4A:75:90:6A:F1:46:4B:5A:70:0D:1D:F2:BD:0C:E5:7B
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:eb:c7:89:79:58:3c:7e:4c:1f:b1:d5:b1:d2:2d:75:83:bc:
         d2:3e:b6:84:d4:f9:b5:22:9c:53:37:3b:88:01:10:16:0d:e8:
         d2:25:2a:bd:1c:3d:2b:29:d9:31:a3:f2:3c:97:d9:08:15:5f:
         08:02:a7:8e:86:43:c7:d9:20:59:0d:49:a2:90:33:30:fe:54:
         f8:ea:09:b8:30:95:d5:47:a3:36:2e:51:db:a2:7b:ff:37:bd:
         5d:c7:e8:70:c3:37:d2:f0:b6:8a:c6:7e:24:49:db:b7:8d:ad:
         06:b5:1c:2b:dd:ab:ce:21:92:c4:0b:02:3a:46:6a:f5:11:48:
         01:ff:e1:4d:52:5f:58:6e:aa:6a:fa:0c:67:ad:15:de:4f:57:
         8c:f4:bb:29:b9:df:de:8d:d4:10:2f:62:70:25:b7:c0:27:5c:
         60:0b:f7:01:bd:d5:7d:36:1f:56:4a:c3:73:12:b8:c6:83:b4:
         4a:e4:43:17:7f:31:87:89:f4:ce:9a:cd:fe:ed:83:44:7c:1e:
         e2:35:a4:c6:ec:61:4f:36:89:df:64:15:48:76:91:f1:39:ea:
         c7:39:cc:c6:eb:46:b4:c2:ff:80:7e:04:c5:7f:df:d0:a8:59:
         83:91:67:7e:cf:f1:c2:da:ec:4d:ef:2b:b8:39:d7:0d:03:02:
         71:9c:1c:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcp24tjLRObzFYqlwi3LrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUwODIzMDEwMjE3WhcNMjUwODI0MDEwMjE3WjAzMTEwLwYDVQQD
Eyg3NTg4N2I3MDRhNzU5MDZhZjE0NjRiNWE3MDBkMWRmMmJkMGNlNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y/PKEfdEBHxZTVUceriup1XQ6js
3FNfVIDMMKu6kkyqfL7U/BvGW8MnA1BDx4mNn8DD9qr9hpkiEQ2lD5jpVmYQdXGG
BW7vXat51kUA7tuzTeIicZEcZV2TziYN6qiZHkFmapJm1uwAWtgfAkgEJxYK3JXe
2eAX7EpAAbDnQ0HY2Lk2/U7i8l0sWSMuvZxR0e/QcdvrxUtH76ztYRuFm+Hc6X9I
uKHwIH8jOo6sIz0rwkDOXyQRWRjYlEVoPSM9zHeliXKXIoIxcaECKYB5j5w0Ak0v
CQBt5Qr5c/nZX3hVQb09QViC8Sy5YaCiftOLJSgQ2nCGyDvBM7MeekLJgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWIe3BKdZBq8UZLWnANHfK9DOV7MB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl+vHiXlY
PH5MH7HVsdItdYO80j62hNT5tSKcUzc7iAEQFg3o0iUqvRw9KynZMaPyPJfZCBVf
CAKnjoZDx9kgWQ1JopAzMP5U+OoJuDCV1UejNi5R26J7/ze9XcfocMM30vC2isZ+
JEnbt42tBrUcK92rziGSxAsCOkZq9RFIAf/hTVJfWG6qavoMZ60V3k9XjPS7Kbnf
3o3UEC9icCW3wCdcYAv3Ab3VfTYfVkrDcxK4xoO0SuRDF38xh4n0zprN/u2DRHwe
4jWkxuxhTzaJ32QVSHaR8TnqxznMxutGtML/gH4ExX/f0KhZg5Fnfs/xwtrsTe8r
uDnXDQMCcZwc1g==
-----END CERTIFICATE-----