Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
File:                     fAMRalBjzm8X_OpTUcneSgxosN0.mft (raw, json)
Hash identifier:          uxX/NEiFEU2ofc5K4LXTIFEPTL5u6gdXdSsn8r1GmDg=
Subject key identifier:   FE:E6:07:3A:C3:DE:75:B8:34:5E:B7:1C:05:44:4D:D5:5F:AD:F4:71
Authority key identifier: 7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD
Certificate issuer:       /CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
Certificate serial:       0198D65FFFDA3910EF38F9571F18C58283A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
Manifest number:          0B01
Signing time:             Sat 23 Aug 2025 10:01:12 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:12 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:12 +0000
Files and hashes:         1: fAMRalBjzm8X_OpTUcneSgxosN0.crl (hash: twQfsRb8J8AHT7zf3jTE/Jkc5uGfpv945zW7UVH7hDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:ff:da:39:10:ef:38:f9:57:1f:18:c5:82:83:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
        Validity
            Not Before: Aug 23 10:01:12 2025 GMT
            Not After : Aug 24 10:01:12 2025 GMT
        Subject: CN=fee6073ac3de75b8345eb71c05444dd55fadf471
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:66:a5:49:c6:00:5a:79:70:da:a7:8d:f6:75:
                    52:15:41:01:d0:ea:aa:81:90:51:f0:b0:6d:53:c2:
                    d1:4e:70:24:92:f7:db:7d:e5:c1:5e:01:7d:d4:ad:
                    e6:2e:2e:63:98:4f:cd:a2:d2:a9:62:32:5c:9a:aa:
                    29:dc:d8:2c:42:87:cf:79:8d:07:9d:d4:87:76:ca:
                    6f:b8:42:4b:a9:ef:f5:1b:6a:96:2d:8e:e3:ea:3f:
                    1d:66:b0:73:a6:22:69:4f:f0:d9:c4:28:52:24:2c:
                    35:aa:c8:09:7d:d1:98:b7:88:aa:55:23:4a:48:ee:
                    ee:f8:97:14:43:0f:f5:bd:75:6e:80:16:01:b5:c4:
                    85:d3:cd:53:92:2c:6c:01:49:e0:89:03:17:0b:f8:
                    8b:d3:19:98:f1:29:9c:c3:e2:33:bc:f3:46:de:98:
                    66:ff:22:55:4b:51:52:63:45:88:b3:95:7f:7f:5f:
                    f5:06:da:6f:e5:f1:20:96:d4:b7:5e:52:5a:5f:f7:
                    0a:0e:60:34:fe:ef:63:0c:e6:4e:03:fc:7d:dd:6b:
                    25:6e:13:92:b4:1f:76:cb:8b:9b:e8:43:39:21:ed:
                    5a:bc:c4:ff:d2:6f:b6:58:f2:71:81:ad:bd:d7:a9:
                    5a:1d:ed:b9:04:60:28:c5:fb:aa:ff:c6:a8:8d:05:
                    7c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:E6:07:3A:C3:DE:75:B8:34:5E:B7:1C:05:44:4D:D5:5F:AD:F4:71
            X509v3 Authority Key Identifier:
                keyid:7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:11:ea:0a:47:b8:85:75:e7:48:56:21:4b:11:28:23:5d:e7:
         45:44:38:b4:4b:b5:4d:6e:9e:96:c1:ab:f9:e6:78:6d:28:b2:
         a1:0d:26:83:ea:ab:89:80:0f:b9:70:60:f6:c9:25:f6:16:81:
         a9:b0:3b:1e:44:f5:2d:9d:12:6f:c1:b7:dc:14:ef:62:4c:17:
         ed:b9:d4:11:bc:da:d3:ed:a9:08:89:7b:69:89:08:5e:02:da:
         19:2d:e3:52:0a:ff:0b:84:05:38:a5:08:f6:c0:90:44:44:d5:
         fe:89:6e:9e:73:19:72:90:0a:37:ef:14:8a:2d:33:61:fa:37:
         aa:f8:f4:4a:89:e6:14:a8:b4:c7:cd:45:5e:cc:db:4d:4f:61:
         b6:80:71:8e:b9:30:09:61:98:f8:f3:70:03:db:6a:9f:1c:62:
         2c:37:40:a2:3f:bd:73:af:39:3c:ce:8a:f0:dc:fd:03:fe:c5:
         72:21:18:07:d9:ad:3b:20:6d:ab:d6:3a:a2:3e:c2:36:17:21:
         c0:95:16:69:a1:4f:78:37:ad:a2:a5:49:41:df:fa:eb:48:cf:
         91:bc:64:2f:07:c2:60:4c:34:d7:8e:eb:1c:1c:bf:86:71:81:
         37:39:24:89:ef:dc:54:92:e5:b3:b1:84:0f:14:e6:7d:3d:b0:
         73:37:a2:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX//aORDvOPlXHxjFgoOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMDMxMTZhNTA2M2NlNmYxN2ZjZWE1MzUxYzlkZTRhMGM2
OGIwZGQwHhcNMjUwODIzMTAwMTEyWhcNMjUwODI0MTAwMTEyWjAzMTEwLwYDVQQD
EyhmZWU2MDczYWMzZGU3NWI4MzQ1ZWI3MWMwNTQ0NGRkNTVmYWRmNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGalScYAWnlw2qeN9nVSFUEB0Oqq
gZBR8LBtU8LRTnAkkvfbfeXBXgF91K3mLi5jmE/NotKpYjJcmqop3NgsQofPeY0H
ndSHdspvuEJLqe/1G2qWLY7j6j8dZrBzpiJpT/DZxChSJCw1qsgJfdGYt4iqVSNK
SO7u+JcUQw/1vXVugBYBtcSF081TkixsAUngiQMXC/iL0xmY8Smcw+IzvPNG3phm
/yJVS1FSY0WIs5V/f1/1Btpv5fEgltS3XlJaX/cKDmA0/u9jDOZOA/x93WslbhOS
tB92y4ub6EM5Ie1avMT/0m+2WPJxga2916laHe25BGAoxfuq/8aojQV8aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7mBzrD3nW4NF63HAVETdVfrfRxMB8GA1UdIwQY
MBaAFHwDEWpQY85vF/zqU1HJ3koMaLDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQt
ODkxYjQ1NWMyYzUzLzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQtODkxYjQ1NWMyYzUz
LzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdBHqCke4
hXXnSFYhSxEoI13nRUQ4tEu1TW6elsGr+eZ4bSiyoQ0mg+qriYAPuXBg9skl9haB
qbA7HkT1LZ0Sb8G33BTvYkwX7bnUEbza0+2pCIl7aYkIXgLaGS3jUgr/C4QFOKUI
9sCQRETV/olunnMZcpAKN+8Uii0zYfo3qvj0SonmFKi0x81FXszbTU9htoBxjrkw
CWGY+PNwA9tqnxxiLDdAoj+9c685PM6K8Nz9A/7FciEYB9mtOyBtq9Y6oj7CNhch
wJUWaaFPeDetoqVJQd/660jPkbxkLwfCYEw0147rHBy/hnGBNzkkie/cVJLls7GE
DxTmfT2wczeiyw==
-----END CERTIFICATE-----