Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
File:                     w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft (raw, json)
Hash identifier:          9o9Ek85AfOM7jNfDIJ6YHuzQaprymWx/jFSTH4GZBdU=
Subject key identifier:   5C:D8:9B:29:9B:8F:40:0B:39:E0:A5:8C:50:F0:0A:3E:2A:DC:FF:67
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Certificate issuer:       /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial:       0197C26DB3A966066A6B07EE2087C2178D94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
Manifest number:          086E
Signing time:             Mon 30 Jun 2025 20:00:58 +0000
Manifest this update:     Mon 30 Jun 2025 20:00:58 +0000
Manifest next update:     Tue 01 Jul 2025 20:00:58 +0000
Files and hashes:         1: w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl (hash: 4GAFxdOTBK/z/gBmHhGkA3H1dvVmwVzgnZhkcUpgiws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 20:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c2:6d:b3:a9:66:06:6a:6b:07:ee:20:87:c2:17:8d:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
        Validity
            Not Before: Jun 30 20:00:58 2025 GMT
            Not After : Jul  1 20:00:58 2025 GMT
        Subject: CN=5cd89b299b8f400b39e0a58c50f00a3e2adcff67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:30:a3:0f:12:16:e7:89:46:8b:ed:00:b9:da:
                    3a:9e:9c:0d:ad:33:be:90:29:3b:20:6e:a5:60:8b:
                    ab:92:e1:a5:fe:04:a0:a8:b0:67:90:40:f4:7f:da:
                    c1:d6:fb:57:b0:e8:a4:13:7f:b5:63:23:9f:62:ac:
                    17:5d:f3:31:25:bc:7f:c6:04:0a:bf:14:3b:89:1b:
                    c0:27:b8:31:35:03:d9:36:da:03:54:28:82:7b:be:
                    ac:03:f6:3b:27:6d:d4:c1:00:d8:2a:d4:b5:1a:9d:
                    a2:32:15:74:71:c0:88:f4:68:8b:7d:e2:e6:8d:09:
                    40:ef:3a:de:e2:5a:35:80:ef:97:ac:da:87:4a:32:
                    f3:17:af:aa:4a:0d:b5:da:28:fb:14:d5:42:29:81:
                    c1:9c:60:63:6d:e1:f5:f3:6b:25:dc:f6:db:2d:5c:
                    30:29:a3:55:aa:a3:e8:68:12:c3:e4:cd:63:7a:d7:
                    fe:98:25:2c:ca:79:32:3a:37:ac:98:46:fa:13:d0:
                    52:6d:b0:da:e1:29:28:bd:46:f1:a5:e1:e7:e8:59:
                    50:a5:66:d1:74:38:77:b0:e1:03:a1:6f:74:f3:d1:
                    a8:70:b6:3b:b3:be:a9:82:63:6f:81:9a:6b:83:69:
                    08:91:31:5f:31:3a:6a:e6:be:9b:c2:46:d4:07:2a:
                    7f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:D8:9B:29:9B:8F:40:0B:39:E0:A5:8C:50:F0:0A:3E:2A:DC:FF:67
            X509v3 Authority Key Identifier:
                keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:66:f8:47:87:79:98:d9:49:94:5e:40:59:54:df:aa:96:92:
         0a:c5:1a:88:08:4d:9e:59:18:a4:ca:c8:82:f2:76:0c:24:c1:
         13:17:ab:d8:33:f7:4c:34:f1:83:f4:5f:fc:be:2c:2f:cf:90:
         12:f8:8a:9a:9b:c7:5b:c5:3a:85:df:e1:3e:98:be:66:22:2b:
         4e:3b:01:90:a7:df:69:82:21:70:9d:6f:11:ca:d9:61:ca:67:
         97:a6:e0:16:0d:f6:60:72:35:31:6a:3b:7e:16:60:40:7a:e0:
         35:f9:79:21:98:29:e2:72:3c:2c:41:6b:e1:07:21:7b:c0:04:
         57:15:1e:05:bc:bd:61:a7:bd:e8:8a:bd:6b:b3:c5:41:49:56:
         d2:19:1f:d7:1c:74:f0:27:0b:9e:13:09:d8:63:2e:83:fc:a3:
         aa:0f:55:69:d8:eb:ec:c1:31:7d:06:6e:66:76:e3:41:52:9a:
         66:2c:16:46:7c:a7:aa:80:04:e6:29:0c:38:08:bd:dd:67:b6:
         6a:13:e4:c6:69:f9:cc:ba:e5:1a:a9:94:35:74:3e:e4:f2:2c:
         6a:6b:8e:4d:10:e4:54:fb:fc:31:19:a9:d7:76:aa:90:0c:d7:
         90:57:e5:4b:65:5b:f7:2a:4e:35:cc:cc:f3:3d:28:06:fe:8d:
         d4:99:96:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCbbOpZgZqawfuIIfCF42UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjUwNjMwMjAwMDU4WhcNMjUwNzAxMjAwMDU4WjAzMTEwLwYDVQQD
Eyg1Y2Q4OWIyOTliOGY0MDBiMzllMGE1OGM1MGYwMGEzZTJhZGNmZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTCjDxIW54lGi+0Audo6npwNrTO+
kCk7IG6lYIurkuGl/gSgqLBnkED0f9rB1vtXsOikE3+1YyOfYqwXXfMxJbx/xgQK
vxQ7iRvAJ7gxNQPZNtoDVCiCe76sA/Y7J23UwQDYKtS1Gp2iMhV0ccCI9GiLfeLm
jQlA7zre4lo1gO+XrNqHSjLzF6+qSg212ij7FNVCKYHBnGBjbeH182sl3PbbLVww
KaNVqqPoaBLD5M1jetf+mCUsynkyOjesmEb6E9BSbbDa4SkovUbxpeHn6FlQpWbR
dDh3sOEDoW9089GocLY7s76pgmNvgZprg2kIkTFfMTpq5r6bwkbUByp/hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzYmymbj0ALOeCljFDwCj4q3P9nMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGb4R4d5
mNlJlF5AWVTfqpaSCsUaiAhNnlkYpMrIgvJ2DCTBExer2DP3TDTxg/Rf/L4sL8+Q
EviKmpvHW8U6hd/hPpi+ZiIrTjsBkKffaYIhcJ1vEcrZYcpnl6bgFg32YHI1MWo7
fhZgQHrgNfl5IZgp4nI8LEFr4Qche8AEVxUeBby9Yae96Iq9a7PFQUlW0hkf1xx0
8CcLnhMJ2GMug/yjqg9Vadjr7MExfQZuZnbjQVKaZiwWRnynqoAE5ikMOAi93We2
ahPkxmn5zLrlGqmUNXQ+5PIsamuOTRDkVPv8MRmp13aqkAzXkFflS2Vb9ypONczM
8z0oBv6N1JmWdQ==
-----END CERTIFICATE-----