Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          MwjxmUJUGOSw8ejaMEyk7VxStfrvqoZPxFUkdcODNDg=
Subject key identifier:   3E:40:8B:94:71:05:2D:82:9A:81:B0:7E:C8:A2:E1:5E:93:CB:DA:CD
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       0198D65FABFF4372364927CC01266AD3952B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0CEC
Signing time:             Sat 23 Aug 2025 10:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:50 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: krXqHaIEVVQMS99Sr1c+TxeyTw1mpDJvqsdTDBJVT1s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:ab:ff:43:72:36:49:27:cc:01:26:6a:d3:95:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Aug 23 10:00:50 2025 GMT
            Not After : Aug 24 10:00:50 2025 GMT
        Subject: CN=3e408b9471052d829a81b07ec8a2e15e93cbdacd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fb:3d:15:37:23:c7:e1:18:7e:ae:30:f0:0b:
                    58:1d:34:37:08:76:90:7a:7a:0f:3e:94:71:72:a1:
                    cc:da:b5:5b:4f:ba:6f:38:3c:ba:52:3a:31:3e:a7:
                    71:ef:23:d1:1c:00:3f:55:6c:62:85:87:b4:2e:2a:
                    06:b2:2b:e2:61:42:8a:64:81:4e:68:3f:79:bc:98:
                    a9:e5:f4:8b:d1:b3:9c:5c:65:c4:83:99:42:d4:8f:
                    74:55:0c:48:45:62:b3:97:d4:50:98:57:35:05:d0:
                    b0:4e:1f:d4:45:5c:5d:e3:a6:98:3b:31:8c:69:61:
                    80:0f:82:0e:14:29:04:5d:1d:1e:74:dd:08:d7:40:
                    d0:d4:74:a9:8a:f2:d8:f2:d0:6c:7c:dd:55:a7:58:
                    92:49:25:93:bd:c8:bc:ad:ce:77:d0:8e:c7:1c:9d:
                    db:81:f8:79:f7:77:0c:f8:79:53:94:f2:96:6d:47:
                    80:01:19:c4:cc:d9:61:33:05:d5:d5:d4:ba:7a:52:
                    e7:32:ee:ff:72:ed:4c:a4:ee:ad:b7:10:43:a2:f0:
                    0f:f4:6c:d9:10:0d:73:03:b6:f5:c2:82:17:3b:23:
                    21:7c:5a:3a:8d:fc:98:e2:5b:c6:f1:f6:b0:ae:24:
                    36:ce:fb:1f:a4:84:3c:ee:35:07:21:64:6b:3f:3e:
                    33:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:40:8B:94:71:05:2D:82:9A:81:B0:7E:C8:A2:E1:5E:93:CB:DA:CD
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:44:29:3b:a0:e9:78:07:40:8f:d6:12:60:96:12:ce:61:33:
         2a:e7:ee:00:bc:d7:ec:13:cc:18:cb:a0:05:dc:14:0a:b1:e6:
         a7:b9:0f:f4:e0:95:25:b6:37:02:c3:1e:53:00:c8:48:54:43:
         64:e3:c9:fb:49:f5:6d:b3:b2:a6:cc:db:85:ed:0a:ca:fd:3f:
         16:ae:53:66:6b:8b:c7:c0:dc:13:75:ae:6b:87:c3:4d:24:14:
         a1:07:6a:a3:af:33:3a:c9:e6:6b:6b:bc:32:0d:af:84:37:b2:
         89:37:95:aa:1a:e1:d4:f1:c5:27:37:b0:42:09:8d:96:20:cd:
         dc:9f:c7:47:84:2c:83:c8:88:9d:ed:94:ee:e0:da:1e:0c:cc:
         82:10:08:62:b2:42:21:5b:2b:8a:8d:1e:e8:b2:25:d3:c0:79:
         0e:87:b6:7b:18:c6:00:cd:8f:ec:06:9d:94:61:a0:e1:a8:cf:
         8c:8b:46:da:11:a1:ff:a9:5c:fe:32:91:1e:b3:59:13:2f:8d:
         f7:26:a5:d8:93:6a:70:6c:aa:25:86:d9:5a:df:8f:ea:82:39:
         76:a3:cb:4c:21:fc:4b:a6:c7:81:a9:02:b3:1d:b9:07:85:45:
         c7:ad:ad:60:32:19:91:d3:7c:bf:ed:b4:d8:41:37:d3:d1:fa:
         4e:34:8d:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX6v/Q3I2SSfMASZq05UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUwODIzMTAwMDUwWhcNMjUwODI0MTAwMDUwWjAzMTEwLwYDVQQD
EygzZTQwOGI5NDcxMDUyZDgyOWE4MWIwN2VjOGEyZTE1ZTkzY2JkYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/s9FTcjx+EYfq4w8AtYHTQ3CHaQ
enoPPpRxcqHM2rVbT7pvODy6UjoxPqdx7yPRHAA/VWxihYe0LioGsiviYUKKZIFO
aD95vJip5fSL0bOcXGXEg5lC1I90VQxIRWKzl9RQmFc1BdCwTh/URVxd46aYOzGM
aWGAD4IOFCkEXR0edN0I10DQ1HSpivLY8tBsfN1Vp1iSSSWTvci8rc530I7HHJ3b
gfh593cM+HlTlPKWbUeAARnEzNlhMwXV1dS6elLnMu7/cu1MpO6ttxBDovAP9GzZ
EA1zA7b1woIXOyMhfFo6jfyY4lvG8fawriQ2zvsfpIQ87jUHIWRrPz4zzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5Ai5RxBS2CmoGwfsii4V6Ty9rNMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACkQpO6Dp
eAdAj9YSYJYSzmEzKufuALzX7BPMGMugBdwUCrHmp7kP9OCVJbY3AsMeUwDISFRD
ZOPJ+0n1bbOypszbhe0Kyv0/Fq5TZmuLx8DcE3Wua4fDTSQUoQdqo68zOsnma2u8
Mg2vhDeyiTeVqhrh1PHFJzewQgmNliDN3J/HR4Qsg8iIne2U7uDaHgzMghAIYrJC
IVsrio0e6LIl08B5Doe2exjGAM2P7AadlGGg4ajPjItG2hGh/6lc/jKRHrNZEy+N
9yal2JNqcGyqJYbZWt+P6oI5dqPLTCH8S6bHgakCsx25B4VFx62tYDIZkdN8v+20
2EE309H6TjSNGQ==
-----END CERTIFICATE-----