Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File:                     xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier:          NfaWKfC1GkyY7Q1EFKI1P1KIERfg9vHtO5BgRORoEPw=
Subject key identifier:   3D:20:73:C4:5F:A5:16:A3:07:56:FB:A4:6E:5A:DB:69:78:1D:29:B4
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer:       /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial:       0198D54DEE1618D454F1B15085F6D9440429
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number:          1383
Signing time:             Sat 23 Aug 2025 05:01:50 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:50 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:50 +0000
Files and hashes:         1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: 6Cvp0MAexGjXzlHF6xYBHYj1uac8Zj7oDZM1v5MgVvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:ee:16:18:d4:54:f1:b1:50:85:f6:d9:44:04:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
        Validity
            Not Before: Aug 23 05:01:50 2025 GMT
            Not After : Aug 24 05:01:50 2025 GMT
        Subject: CN=3d2073c45fa516a30756fba46e5adb69781d29b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6c:16:94:0b:fc:9b:06:c8:f5:20:fe:12:aa:
                    28:7e:26:1d:cf:46:eb:cd:89:ae:f8:d7:13:28:28:
                    86:f0:59:53:d7:95:68:cb:23:db:bb:77:78:fc:b8:
                    93:7c:f2:03:72:a5:2f:29:dc:57:c4:97:86:89:e3:
                    79:3a:2a:5b:be:1f:aa:ca:c1:6b:91:8a:20:9c:7d:
                    45:47:9e:74:e3:cd:15:89:f6:f0:81:a6:35:0a:a8:
                    c6:24:c3:29:7e:a3:cd:f3:ba:17:c7:79:5f:da:c7:
                    b7:38:ee:cc:76:44:b8:d4:3c:0f:91:c8:5c:7d:97:
                    27:aa:d2:15:9e:e6:32:ca:bc:93:e8:bf:fd:98:21:
                    c8:b6:a5:f9:e6:be:b3:49:84:0b:99:08:f6:ec:c1:
                    c9:45:90:50:ac:c5:14:33:20:e2:87:b8:cd:5d:2c:
                    ce:56:8e:0a:af:b8:23:bc:99:2c:f1:bc:fe:8b:b9:
                    a4:ee:fd:fa:4f:14:41:4d:a4:9b:6e:0a:f7:f3:a1:
                    18:f0:af:0f:79:e4:a9:e6:53:26:18:e1:cb:9e:1d:
                    a7:6c:a1:09:28:6e:c5:43:c6:a8:98:36:10:7d:15:
                    ad:d7:93:a7:39:15:5d:0e:1b:8f:d1:f2:8e:62:48:
                    6a:e6:69:5c:d1:d1:4b:c0:a5:a9:fd:76:40:31:cd:
                    5c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:20:73:C4:5F:A5:16:A3:07:56:FB:A4:6E:5A:DB:69:78:1D:29:B4
            X509v3 Authority Key Identifier:
                keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:b8:f3:98:dc:6e:e0:eb:e5:d5:e9:c4:70:da:e0:2f:72:84:
         77:0d:e6:5b:81:76:e1:9e:52:b2:a4:6f:5b:2f:95:3d:f5:71:
         77:d9:32:30:1a:42:aa:d0:78:c3:36:5e:72:0c:1a:7d:99:d0:
         87:c6:da:a9:eb:7b:69:00:7c:d4:ae:a6:09:eb:3a:3b:dc:b6:
         e7:aa:d2:d7:81:6d:f2:36:88:fd:ee:9e:d7:39:ba:62:91:52:
         06:03:82:5c:c0:f1:bb:66:9e:53:1b:56:7d:e8:90:31:68:73:
         c4:8d:97:6f:cd:92:a5:fa:94:e4:37:e1:7c:e1:bc:9b:01:0b:
         25:a1:a0:ad:fa:fa:de:6a:73:b5:90:48:76:92:90:ca:7c:e8:
         cd:e6:36:2a:e5:44:fa:b3:be:0e:60:7f:ca:26:42:eb:3a:c1:
         75:82:a7:01:72:53:43:e0:5e:b6:1d:91:90:6e:79:94:2f:54:
         9e:b9:92:59:86:5d:15:77:e8:42:9b:37:dd:04:98:06:c7:ac:
         27:c5:9f:c2:ef:d5:a7:73:d4:b4:a2:b8:9f:e9:66:51:27:9e:
         c6:7b:3b:3e:c8:11:55:9c:63:72:84:81:cd:39:a2:ad:87:ce:
         69:11:a1:cf:55:76:b4:a8:1c:8a:cc:6e:c0:3a:02:f4:bf:47:
         03:5c:15:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTe4WGNRU8bFQhfbZRAQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjUwODIzMDUwMTUwWhcNMjUwODI0MDUwMTUwWjAzMTEwLwYDVQQD
EygzZDIwNzNjNDVmYTUxNmEzMDc1NmZiYTQ2ZTVhZGI2OTc4MWQyOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWwWlAv8mwbI9SD+EqoofiYdz0br
zYmu+NcTKCiG8FlT15VoyyPbu3d4/LiTfPIDcqUvKdxXxJeGieN5Oipbvh+qysFr
kYognH1FR550480VifbwgaY1CqjGJMMpfqPN87oXx3lf2se3OO7MdkS41DwPkchc
fZcnqtIVnuYyyryT6L/9mCHItqX55r6zSYQLmQj27MHJRZBQrMUUMyDih7jNXSzO
Vo4Kr7gjvJks8bz+i7mk7v36TxRBTaSbbgr386EY8K8PeeSp5lMmGOHLnh2nbKEJ
KG7FQ8aomDYQfRWt15OnORVdDhuP0fKOYkhq5mlc0dFLwKWp/XZAMc1cSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0gc8RfpRajB1b7pG5a22l4HSm0MB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ7jzmNxu
4Ovl1enEcNrgL3KEdw3mW4F24Z5SsqRvWy+VPfVxd9kyMBpCqtB4wzZecgwafZnQ
h8baqet7aQB81K6mCes6O9y256rS14Ft8jaI/e6e1zm6YpFSBgOCXMDxu2aeUxtW
feiQMWhzxI2Xb82SpfqU5DfhfOG8mwELJaGgrfr63mpztZBIdpKQynzozeY2KuVE
+rO+DmB/yiZC6zrBdYKnAXJTQ+Beth2RkG55lC9UnrmSWYZdFXfoQps33QSYBses
J8Wfwu/Vp3PUtKK4n+lmUSeexns7PsgRVZxjcoSBzTmirYfOaRGhz1V2tKgcisxu
wDoC9L9HA1wVTg==
-----END CERTIFICATE-----