Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
File:                     w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft (raw, json)
Hash identifier:          VA/AYM3zSRUgny+Ic/eU0qZQZqqIkgPeO9DbRPMXt0o=
Subject key identifier:   D5:DD:BE:41:7E:FA:34:BA:53:9B:80:71:1D:2A:A5:8F:95:60:E4:94
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Certificate issuer:       /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial:       0198D4A781BA71704C921728AADDAD6E08E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
Manifest number:          08FC
Signing time:             Sat 23 Aug 2025 02:00:04 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:04 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:04 +0000
Files and hashes:         1: w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl (hash: itzZhOBqPeYqtv1belkpQbJrkjObYc0NrzR7hWWTDQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:81:ba:71:70:4c:92:17:28:aa:dd:ad:6e:08:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
        Validity
            Not Before: Aug 23 02:00:04 2025 GMT
            Not After : Aug 24 02:00:04 2025 GMT
        Subject: CN=d5ddbe417efa34ba539b80711d2aa58f9560e494
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1a:51:96:ef:f4:03:69:57:fa:84:49:cb:f8:
                    79:ba:d7:ee:a3:c2:b8:db:14:ce:14:cf:9c:0b:f7:
                    f7:5d:f6:d2:57:b3:52:f7:5e:a7:07:96:5c:4c:d7:
                    38:c3:02:28:9c:35:3b:69:da:6c:99:bd:fa:45:71:
                    b9:dc:28:e2:e9:8e:6a:89:08:66:b4:62:98:71:13:
                    f5:21:91:31:65:1a:14:b7:88:e2:6d:1f:ab:2e:1a:
                    f4:73:9d:2b:75:ed:93:3e:35:53:cc:c2:4b:3e:c0:
                    3c:26:5a:e5:31:32:2f:83:58:4b:01:e4:f0:78:44:
                    15:13:88:ff:7f:89:70:6b:a4:f0:43:17:77:4f:16:
                    ca:f3:de:b8:49:2d:3e:05:cc:79:2e:11:7a:95:f9:
                    68:9a:8f:a6:81:3e:4e:3d:c3:f2:a8:a2:d8:b1:fa:
                    da:45:e9:56:7e:ec:98:05:70:f7:68:bd:0a:57:cc:
                    ae:52:65:2e:01:c9:b1:81:2e:16:90:0a:b6:2e:be:
                    b9:db:15:fb:91:ff:bb:c5:5d:37:ff:e3:73:dd:5f:
                    e4:f0:57:48:fd:c5:57:6c:5d:0c:33:a6:66:90:f6:
                    62:d1:40:f4:04:04:49:d5:87:dd:d3:34:80:2b:03:
                    eb:7f:36:21:52:b3:71:8d:95:4d:0a:54:ec:5f:45:
                    ed:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:DD:BE:41:7E:FA:34:BA:53:9B:80:71:1D:2A:A5:8F:95:60:E4:94
            X509v3 Authority Key Identifier:
                keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:32:0a:f5:73:72:d1:a9:ed:35:e3:91:9c:4c:3a:96:ea:7b:
         55:57:6f:38:c7:ba:db:12:1c:17:68:1f:bd:78:ff:05:99:60:
         14:97:03:b0:ed:b2:77:5b:d8:f0:8d:71:0e:e8:53:f9:0d:6c:
         c8:9c:28:44:eb:1f:10:50:9f:b2:7d:e2:0d:60:12:a2:6a:5b:
         48:20:ef:7a:49:23:35:37:9b:f4:b9:c5:43:0f:8d:51:9f:05:
         26:a5:d7:7f:35:28:f3:c5:ad:29:48:94:9a:ac:2e:c5:d0:6a:
         6d:3f:84:db:de:62:89:5d:eb:b2:6a:00:a4:88:d8:ec:e0:a0:
         a3:ba:60:02:3b:0f:52:1a:a2:cc:8c:aa:d4:ea:66:f8:52:b9:
         02:20:94:69:9c:91:fa:f7:fc:b3:2a:5c:2f:92:99:ca:32:13:
         bb:bf:65:2f:90:05:d4:0e:68:49:9c:ce:d6:d3:6c:40:2f:a8:
         0e:f3:46:d0:2c:a6:a3:75:b9:56:69:3d:9a:65:5c:7c:28:8a:
         ac:2b:cc:24:fe:87:7c:8c:b2:24:77:da:b4:d5:3c:c8:79:9d:
         0e:df:3b:64:a8:dc:e1:cb:8a:65:8b:4e:db:96:da:9a:27:15:
         6f:6a:72:a5:88:63:83:36:70:58:6f:25:2d:88:9e:d0:ad:4d:
         d2:93:9f:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp4G6cXBMkhcoqt2tbgjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjUwODIzMDIwMDA0WhcNMjUwODI0MDIwMDA0WjAzMTEwLwYDVQQD
EyhkNWRkYmU0MTdlZmEzNGJhNTM5YjgwNzExZDJhYTU4Zjk1NjBlNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBpRlu/0A2lX+oRJy/h5utfuo8K4
2xTOFM+cC/f3XfbSV7NS916nB5ZcTNc4wwIonDU7adpsmb36RXG53Cji6Y5qiQhm
tGKYcRP1IZExZRoUt4jibR+rLhr0c50rde2TPjVTzMJLPsA8JlrlMTIvg1hLAeTw
eEQVE4j/f4lwa6TwQxd3TxbK8964SS0+Bcx5LhF6lflomo+mgT5OPcPyqKLYsfra
RelWfuyYBXD3aL0KV8yuUmUuAcmxgS4WkAq2Lr652xX7kf+7xV03/+Nz3V/k8FdI
/cVXbF0MM6ZmkPZi0UD0BARJ1Yfd0zSAKwPrfzYhUrNxjZVNClTsX0XtNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXdvkF++jS6U5uAcR0qpY+VYOSUMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaTIK9XNy
0antNeORnEw6lup7VVdvOMe62xIcF2gfvXj/BZlgFJcDsO2yd1vY8I1xDuhT+Q1s
yJwoROsfEFCfsn3iDWASompbSCDvekkjNTeb9LnFQw+NUZ8FJqXXfzUo88WtKUiU
mqwuxdBqbT+E295iiV3rsmoApIjY7OCgo7pgAjsPUhqizIyq1Opm+FK5AiCUaZyR
+vf8sypcL5KZyjITu79lL5AF1A5oSZzO1tNsQC+oDvNG0Cymo3W5Vmk9mmVcfCiK
rCvMJP6HfIyyJHfatNU8yHmdDt87ZKjc4cuKZYtO25bamicVb2pypYhjgzZwWG8l
LYie0K1N0pOfTg==
-----END CERTIFICATE-----