Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          WW5ISgy2et5T2dcML1ABt2QlZGLBaOzqNGx3gw9ZBqo=
Subject key identifier:   0D:52:72:C2:33:C1:52:45:4A:56:F9:38:A8:45:AD:C7:FB:CC:E5:C5
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       0198D65FDE11B6DC5C170907532376BFEDDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:01:03 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:03 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:03 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: Cs6h0cc/ehvxV9rHiu4gHQVpQUfoQ4py2Ez0a/7VyjI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:de:11:b6:dc:5c:17:09:07:53:23:76:bf:ed:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Aug 23 10:01:03 2025 GMT
            Not After : Aug 24 10:01:03 2025 GMT
        Subject: CN=0d5272c233c152454a56f938a845adc7fbcce5c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ad:77:82:95:9a:2e:9c:d0:ae:fa:dc:31:7a:
                    59:7e:ec:3d:83:b7:cf:11:d6:1b:85:1d:6b:cc:22:
                    35:c6:2e:be:b4:41:a2:06:7d:37:93:4b:dc:e2:da:
                    45:00:24:47:a4:ff:2a:c9:d4:c0:1c:55:83:ee:f9:
                    f2:e1:d0:18:2c:51:75:fb:38:32:ee:d8:f1:9a:bd:
                    34:76:a2:5c:56:b6:b3:fb:ec:c4:55:b7:52:2b:a1:
                    9d:83:d7:4f:2b:50:cf:fc:5a:99:29:7c:1b:15:f4:
                    c7:a4:4e:01:a5:a6:7d:b3:6a:be:29:96:4f:e0:71:
                    80:3b:2c:45:90:3c:aa:a0:78:1e:bb:52:47:7b:75:
                    72:ef:5e:61:53:a3:b5:65:57:f9:43:c2:c2:32:94:
                    b9:9c:2a:87:80:82:5b:70:2d:bd:10:b0:8a:57:1c:
                    b5:f4:16:17:c4:87:2b:13:b5:b1:25:94:ed:2c:42:
                    b2:c0:0a:2a:28:6a:af:f4:7f:ea:ee:f3:70:70:6d:
                    23:b4:6d:88:b0:bf:14:fb:6c:df:8c:4b:ed:a6:c4:
                    2f:de:67:43:ad:e2:3b:bd:21:f4:ab:f6:ce:28:66:
                    02:cc:ae:ca:81:d2:09:f8:82:da:df:91:98:97:8c:
                    d5:94:8b:35:62:40:e8:5d:75:35:a2:3f:09:0e:3a:
                    7c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:52:72:C2:33:C1:52:45:4A:56:F9:38:A8:45:AD:C7:FB:CC:E5:C5
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:81:93:56:df:56:3e:eb:ed:f5:61:7a:6d:63:63:16:85:bf:
         1e:9d:d2:07:fe:a6:50:a2:31:70:25:ac:2d:93:ba:9b:4d:74:
         05:9f:c2:84:1d:b8:a2:b0:92:54:5a:a2:f5:a6:14:50:51:22:
         f1:7c:8a:e6:a1:be:2d:66:c4:ee:d5:23:00:8f:be:d6:1d:a2:
         98:b6:4f:34:36:cd:8d:27:77:0a:3f:3e:34:16:1f:53:1e:db:
         85:e9:1f:92:4b:38:b6:c2:de:ee:80:ce:47:a2:23:a3:77:60:
         d1:8a:1c:78:15:51:16:02:12:91:7c:5e:5c:03:c3:bc:b1:64:
         26:6f:3a:29:34:1d:a6:22:77:b9:61:db:72:af:f8:67:00:95:
         cc:83:ba:e2:76:57:95:24:0c:f0:07:16:16:ef:4f:16:de:43:
         7b:b9:fb:3f:00:89:f5:b6:2e:a2:97:7a:d3:10:d4:e5:bd:51:
         aa:cd:4e:72:16:83:d2:97:99:51:e7:4b:18:4e:6b:8f:1a:c1:
         c8:a2:bc:76:c0:f1:d7:67:0d:1c:d5:b5:90:25:e6:66:19:53:
         10:1b:66:58:07:bc:f2:9a:e0:9a:88:ab:12:fd:99:39:ed:49:
         83:77:5a:8f:65:23:a3:99:93:8a:e5:ff:16:bd:a8:7e:3e:f6:
         ab:9b:2d:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX94RttxcFwkHUyN2v+3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUwODIzMTAwMTAzWhcNMjUwODI0MTAwMTAzWjAzMTEwLwYDVQQD
EygwZDUyNzJjMjMzYzE1MjQ1NGE1NmY5MzhhODQ1YWRjN2ZiY2NlNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK13gpWaLpzQrvrcMXpZfuw9g7fP
EdYbhR1rzCI1xi6+tEGiBn03k0vc4tpFACRHpP8qydTAHFWD7vny4dAYLFF1+zgy
7tjxmr00dqJcVraz++zEVbdSK6Gdg9dPK1DP/FqZKXwbFfTHpE4BpaZ9s2q+KZZP
4HGAOyxFkDyqoHgeu1JHe3Vy715hU6O1ZVf5Q8LCMpS5nCqHgIJbcC29ELCKVxy1
9BYXxIcrE7WxJZTtLEKywAoqKGqv9H/q7vNwcG0jtG2IsL8U+2zfjEvtpsQv3mdD
reI7vSH0q/bOKGYCzK7KgdIJ+ILa35GYl4zVlIs1YkDoXXU1oj8JDjp8gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1ScsIzwVJFSlb5OKhFrcf7zOXFMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZoGTVt9W
Puvt9WF6bWNjFoW/Hp3SB/6mUKIxcCWsLZO6m010BZ/ChB24orCSVFqi9aYUUFEi
8XyK5qG+LWbE7tUjAI++1h2imLZPNDbNjSd3Cj8+NBYfUx7bhekfkks4tsLe7oDO
R6Ijo3dg0YoceBVRFgISkXxeXAPDvLFkJm86KTQdpiJ3uWHbcq/4ZwCVzIO64nZX
lSQM8AcWFu9PFt5De7n7PwCJ9bYuopd60xDU5b1Rqs1OchaD0peZUedLGE5rjxrB
yKK8dsDx12cNHNW1kCXmZhlTEBtmWAe88prgmoirEv2ZOe1Jg3daj2Ujo5mTiuX/
Fr2ofj72q5stEw==
-----END CERTIFICATE-----