Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          HID06yWIe7A+R7Hp7t9j3oc/1c2S1v62nqHddPpvzOQ=
Subject key identifier:   32:31:EA:E0:73:79:57:62:B4:30:A7:79:F5:37:EF:5A:2D:5B:6F:21
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       0198D660B5435EB616DE9D55BECD40C17116
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:01:58 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:58 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:58 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: SgnSewETGUC6sfsSUJPzKDUwE1wjGfzCJ9GaZUWCnH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:b5:43:5e:b6:16:de:9d:55:be:cd:40:c1:71:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Aug 23 10:01:58 2025 GMT
            Not After : Aug 24 10:01:58 2025 GMT
        Subject: CN=3231eae073795762b430a779f537ef5a2d5b6f21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8a:00:18:9f:07:06:57:57:2e:7f:27:97:d2:
                    de:c2:68:e7:a5:b0:9a:9b:91:12:0f:73:09:3f:cc:
                    bf:5f:81:47:bb:56:58:1d:96:fc:bb:ed:38:38:ad:
                    0e:b0:8c:b9:67:ea:b6:57:fb:03:f3:10:4c:6a:cb:
                    84:65:7b:5f:93:26:35:bf:84:30:55:bf:03:53:3b:
                    7c:e0:cc:9e:d4:51:81:8c:96:72:2e:2c:05:e6:eb:
                    dd:39:d6:a6:2a:26:d2:fb:2c:ad:23:5e:23:ba:e1:
                    92:7b:b1:3f:e5:2b:de:e5:d5:2f:13:e7:85:ed:bb:
                    18:70:9b:00:79:31:a4:4a:13:67:96:50:21:9b:17:
                    93:9a:aa:19:7a:f8:05:3c:b7:d3:4b:0d:43:9f:5a:
                    2f:fd:b5:08:e0:96:95:3b:36:a7:2f:17:fc:52:fa:
                    17:1d:97:e5:93:b3:d7:d8:2d:0c:18:eb:c3:e7:ba:
                    b1:7d:04:b1:5e:dc:31:bb:e2:a6:4d:02:87:af:e4:
                    a5:36:78:2e:9a:c2:11:da:66:c9:b7:68:95:90:67:
                    63:1a:78:c9:19:e0:8d:1a:e4:ae:31:13:00:57:a8:
                    a7:b8:cc:7b:73:92:6c:f1:65:e2:9d:18:5a:1d:67:
                    2a:07:49:39:4b:75:31:91:49:75:24:ec:80:24:59:
                    c5:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:31:EA:E0:73:79:57:62:B4:30:A7:79:F5:37:EF:5A:2D:5B:6F:21
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:83:f6:f5:9f:5d:ed:50:5d:8d:4e:d6:fa:0a:dc:b2:6e:bd:
         ca:32:b0:f0:7d:da:bf:70:f2:59:81:bc:3d:4d:05:a0:c5:0b:
         db:a0:66:fd:ad:c1:a5:88:ca:b5:ec:da:c3:82:9a:93:6d:a2:
         8c:9f:ae:d8:1f:2d:26:49:d5:5b:13:d8:81:0b:e3:19:79:89:
         65:d5:39:02:93:45:23:78:15:ea:85:22:c0:25:30:5b:38:96:
         4e:c6:65:22:55:dd:9b:17:70:ee:f6:3e:bc:7d:b4:f9:f4:b5:
         d0:4d:76:9f:04:28:8d:27:7f:9d:7e:5c:c8:de:10:2e:6e:3a:
         d8:6a:b0:f7:70:9f:00:4c:bc:08:a6:95:a2:3f:63:0c:39:6d:
         3f:df:13:20:f9:f9:08:ae:0a:4a:6b:fe:c1:35:cf:ec:eb:bb:
         0a:63:1d:88:c1:66:d0:ec:5e:51:9c:af:02:96:4f:da:16:4c:
         31:af:e5:de:c8:62:08:da:f0:32:d9:fd:c3:4f:2c:78:e8:cb:
         e8:e9:8f:b0:7c:f1:00:ee:59:06:ed:a1:65:87:87:86:48:b1:
         e2:c9:d9:88:24:3a:14:f7:16:07:4a:af:e9:2a:59:8f:69:02:
         35:bc:9b:d8:41:c9:89:75:ee:b5:c7:da:a5:8b:0f:1e:44:0e:
         01:5f:65:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYLVDXrYW3p1Vvs1AwXEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjUwODIzMTAwMTU4WhcNMjUwODI0MTAwMTU4WjAzMTEwLwYDVQQD
EygzMjMxZWFlMDczNzk1NzYyYjQzMGE3NzlmNTM3ZWY1YTJkNWI2ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYoAGJ8HBldXLn8nl9LewmjnpbCa
m5ESD3MJP8y/X4FHu1ZYHZb8u+04OK0OsIy5Z+q2V/sD8xBMasuEZXtfkyY1v4Qw
Vb8DUzt84Mye1FGBjJZyLiwF5uvdOdamKibS+yytI14juuGSe7E/5Sve5dUvE+eF
7bsYcJsAeTGkShNnllAhmxeTmqoZevgFPLfTSw1Dn1ov/bUI4JaVOzanLxf8UvoX
HZflk7PX2C0MGOvD57qxfQSxXtwxu+KmTQKHr+SlNngumsIR2mbJt2iVkGdjGnjJ
GeCNGuSuMRMAV6inuMx7c5Js8WXinRhaHWcqB0k5S3UxkUl1JOyAJFnFuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIx6uBzeVditDCnefU371otW28hMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALYP29Z9d
7VBdjU7W+grcsm69yjKw8H3av3DyWYG8PU0FoMUL26Bm/a3BpYjKtezaw4Kak22i
jJ+u2B8tJknVWxPYgQvjGXmJZdU5ApNFI3gV6oUiwCUwWziWTsZlIlXdmxdw7vY+
vH20+fS10E12nwQojSd/nX5cyN4QLm462Gqw93CfAEy8CKaVoj9jDDltP98TIPn5
CK4KSmv+wTXP7Ou7CmMdiMFm0OxeUZyvApZP2hZMMa/l3shiCNrwMtn9w08seOjL
6OmPsHzxAO5ZBu2hZYeHhkix4snZiCQ6FPcWB0qv6SpZj2kCNbyb2EHJiXXutcfa
pYsPHkQOAV9lKg==
-----END CERTIFICATE-----