Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          Iua5a3L4eValtwtZ/FCDfIQtBDaGKrOkwj7WlXLZLg4=
Subject key identifier:   FD:CC:43:C9:AB:5A:4F:59:33:57:D8:34:D5:F2:83:BD:93:7B:2A:7F
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       0198D65FAD44259E4E0207784B32333D7CE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0C33
Signing time:             Sat 23 Aug 2025 10:00:51 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:51 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:51 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: OhuX/x+QQErUssmwrtYpq0kkVRbq0cK6etgg8sUmrpg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:ad:44:25:9e:4e:02:07:78:4b:32:33:3d:7c:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Aug 23 10:00:51 2025 GMT
            Not After : Aug 24 10:00:51 2025 GMT
        Subject: CN=fdcc43c9ab5a4f593357d834d5f283bd937b2a7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:66:c1:a3:8d:6b:be:d3:b1:69:df:ab:e0:e2:
                    92:b3:cb:87:71:3a:5f:9b:bd:0f:f2:9c:d6:4f:50:
                    e5:c1:a1:ad:35:d5:0d:e0:aa:b8:9d:9a:c5:5c:dd:
                    98:5f:d4:1a:1c:b3:ed:87:32:68:9d:31:90:20:35:
                    b7:91:06:6d:e7:72:3d:e3:e9:8d:65:6b:37:64:ab:
                    85:37:dd:c9:fb:46:92:94:85:aa:6d:b2:14:2d:39:
                    eb:ba:e3:83:f7:33:cc:80:86:90:93:ae:d3:8e:be:
                    70:1f:d7:b6:f2:e5:e5:f3:57:3d:bd:c1:59:ad:47:
                    81:f4:bd:9d:f0:27:cf:4b:04:34:37:fe:d1:47:0f:
                    97:d7:47:51:36:f3:75:d5:be:44:b2:0d:c7:8a:8f:
                    2a:29:bc:18:55:94:56:6d:04:0b:0d:61:2f:72:cb:
                    e4:4d:b4:05:46:bc:cf:84:73:8b:93:b2:6c:07:c9:
                    3f:81:d1:95:78:58:d3:e6:0d:89:1e:57:92:9c:67:
                    59:57:2e:88:b0:92:a4:c1:cd:4b:1e:13:e4:ff:81:
                    5e:56:5d:ee:e3:f7:87:b5:5b:8b:99:53:96:5e:41:
                    7e:5a:f0:b2:42:6d:ac:76:30:c4:89:ca:03:53:0f:
                    fa:1a:33:af:7e:a9:59:3c:c1:32:eb:92:43:b5:9b:
                    47:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:CC:43:C9:AB:5A:4F:59:33:57:D8:34:D5:F2:83:BD:93:7B:2A:7F
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:26:e2:27:12:84:a5:e2:65:14:e4:34:ee:19:40:55:6c:97:
         47:8e:8d:71:75:2a:96:3b:b0:9f:ef:4b:48:c9:b4:a3:b2:c7:
         5d:93:97:c0:91:b6:2e:24:6f:e7:7c:7a:88:45:77:e0:89:7d:
         89:0a:36:9e:78:b1:07:60:31:ca:64:60:ec:08:12:9d:87:76:
         81:73:94:6b:4f:83:a2:0e:23:65:53:89:24:88:67:3a:71:2c:
         1c:ae:45:69:27:32:77:50:74:c9:ba:55:1f:2c:88:c1:25:9f:
         43:3e:59:02:f8:e6:b6:75:81:1d:66:73:c6:7c:3c:c1:cb:2e:
         33:72:72:05:f9:5a:f2:2b:40:5b:9f:71:29:de:ea:9f:30:a4:
         c0:9a:10:df:ca:d3:d5:e7:fd:f0:cc:ac:1c:be:34:94:cc:59:
         4d:72:56:db:a7:d2:d8:c4:9c:73:48:d2:e6:8f:be:dc:00:a5:
         a7:b6:6f:0b:c5:73:ba:fc:8e:36:2d:ea:f2:45:a8:46:6f:70:
         2e:b4:44:57:2c:f6:19:bc:9a:31:08:e9:18:6e:52:ae:3b:6d:
         23:e3:4b:37:eb:a3:88:d7:2e:eb:b4:c3:67:7f:21:5e:e7:9f:
         1a:fc:df:f7:10:bf:e4:01:03:72:1c:8f:46:63:65:ec:40:0a:
         9f:a7:53:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX61EJZ5OAgd4SzIzPXzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUwODIzMTAwMDUxWhcNMjUwODI0MTAwMDUxWjAzMTEwLwYDVQQD
EyhmZGNjNDNjOWFiNWE0ZjU5MzM1N2Q4MzRkNWYyODNiZDkzN2IyYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimbBo41rvtOxad+r4OKSs8uHcTpf
m70P8pzWT1DlwaGtNdUN4Kq4nZrFXN2YX9QaHLPthzJonTGQIDW3kQZt53I94+mN
ZWs3ZKuFN93J+0aSlIWqbbIULTnruuOD9zPMgIaQk67Tjr5wH9e28uXl81c9vcFZ
rUeB9L2d8CfPSwQ0N/7RRw+X10dRNvN11b5Esg3Hio8qKbwYVZRWbQQLDWEvcsvk
TbQFRrzPhHOLk7JsB8k/gdGVeFjT5g2JHleSnGdZVy6IsJKkwc1LHhPk/4FeVl3u
4/eHtVuLmVOWXkF+WvCyQm2sdjDEicoDUw/6GjOvfqlZPMEy65JDtZtHawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3MQ8mrWk9ZM1fYNNXyg72Teyp/MB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCbiJxKE
peJlFOQ07hlAVWyXR46NcXUqljuwn+9LSMm0o7LHXZOXwJG2LiRv53x6iEV34Il9
iQo2nnixB2AxymRg7AgSnYd2gXOUa0+Dog4jZVOJJIhnOnEsHK5FaScyd1B0ybpV
HyyIwSWfQz5ZAvjmtnWBHWZzxnw8wcsuM3JyBfla8itAW59xKd7qnzCkwJoQ38rT
1ef98MysHL40lMxZTXJW26fS2MScc0jS5o++3AClp7ZvC8VzuvyONi3q8kWoRm9w
LrREVyz2GbyaMQjpGG5SrjttI+NLN+ujiNcu67TDZ38hXuefGvzf9xC/5AEDchyP
RmNl7EAKn6dT6g==
-----END CERTIFICATE-----