Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          t5bAM7441VbMpTDwB4nPk/GQisCl69EQI6CxlZC9Gkw=
Subject key identifier:   84:A1:05:2D:04:FA:EB:2D:7A:41:5E:24:7B:CC:72:AD:57:75:B5:88
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0199FC21C9B9622237087BC4C62F77D544AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          0576
Signing time:             Sun 19 Oct 2025 11:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:36 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: C12jxpqnvNfDUZL1MntrOpCmyNzZk4+K3ZCMgcNz8Vo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:c9:b9:62:22:37:08:7b:c4:c6:2f:77:d5:44:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Oct 19 11:01:36 2025 GMT
            Not After : Oct 20 11:01:36 2025 GMT
        Subject: CN=84a1052d04faeb2d7a415e247bcc72ad5775b588
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:32:e8:0c:5e:bb:3a:a1:2f:8a:d8:e3:f1:51:
                    6a:c6:f1:da:01:c1:3d:c5:7b:57:1e:ad:e4:62:e4:
                    43:8b:41:db:57:a2:df:8a:23:0c:8b:fc:5d:de:e3:
                    f7:ec:d8:a9:33:88:46:b0:52:48:81:b3:28:c4:48:
                    ae:95:4b:9b:5d:27:63:51:96:4f:ae:73:2f:3e:28:
                    95:65:39:5d:b3:74:0e:8a:09:63:85:81:21:1f:71:
                    c1:3c:0d:19:f7:17:ea:75:b5:e1:ab:c0:21:9e:06:
                    0b:37:a4:c6:41:89:ce:a0:59:47:a4:e9:a2:c6:b8:
                    8c:2b:14:29:9b:b9:02:12:56:30:95:3c:d7:cf:ca:
                    1e:bb:60:11:76:c3:1c:d2:42:75:61:a0:11:e1:a4:
                    69:8c:42:d9:24:0e:a8:e8:17:41:f1:8f:4c:02:3c:
                    48:e5:f7:ed:b1:52:c7:eb:48:bb:39:09:e1:c8:63:
                    14:e5:ee:cb:6b:11:9f:35:1d:5f:7a:ca:ba:39:af:
                    81:3d:aa:41:70:44:da:8f:2b:02:c6:1f:a6:36:62:
                    83:07:dd:5b:15:a1:01:03:39:8b:04:d7:28:45:4e:
                    20:55:3d:1c:d0:16:22:b6:95:0a:9b:75:d6:ab:4e:
                    6d:11:54:9d:43:46:a7:5b:67:89:83:d3:d0:e8:d6:
                    16:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:A1:05:2D:04:FA:EB:2D:7A:41:5E:24:7B:CC:72:AD:57:75:B5:88
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:07:7d:cd:db:85:71:ed:bc:43:b8:58:17:db:7b:61:8b:21:
         c1:2d:36:3a:9c:db:24:95:4d:10:9c:03:c1:a4:1e:e2:b4:2a:
         99:68:6b:ef:0b:f0:74:40:10:06:b2:4b:23:84:c2:94:7f:92:
         98:74:6d:36:c5:bc:e5:2f:67:16:fa:da:0f:7e:84:7c:c7:bd:
         b9:03:a9:34:d1:b4:83:9b:99:a8:75:49:f9:3f:8a:cc:47:93:
         f1:25:ce:25:47:3b:a6:0f:9b:2b:82:63:9f:09:bd:64:1b:ce:
         0f:72:13:2d:78:83:f4:18:e8:7e:ff:43:6a:ba:ba:a4:69:3c:
         43:67:ea:f9:93:2d:46:22:fd:7b:a0:e3:d0:9a:70:1e:76:83:
         ec:dc:a1:c9:62:33:22:26:51:55:00:bd:14:bc:ad:e5:18:0a:
         7d:50:dc:5f:e0:65:05:2e:a7:28:83:f3:7f:bc:f1:13:d8:e3:
         f6:03:9f:e9:4f:fb:07:f8:2f:01:98:17:9c:20:77:5d:fd:74:
         07:77:6a:89:8a:8d:ec:ba:e9:c8:96:9e:68:29:0e:49:cd:1e:
         f6:08:37:bc:87:2d:05:dd:8e:98:6f:ab:12:33:d5:0d:3e:8f:
         c2:bc:a8:ee:ff:e0:ea:0d:8d:2f:f2:9b:db:46:d1:d4:4a:ef:
         e2:d8:38:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8Icm5YiI3CHvExi931USuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUxMDE5MTEwMTM2WhcNMjUxMDIwMTEwMTM2WjAzMTEwLwYDVQQD
Eyg4NGExMDUyZDA0ZmFlYjJkN2E0MTVlMjQ3YmNjNzJhZDU3NzViNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszLoDF67OqEvitjj8VFqxvHaAcE9
xXtXHq3kYuRDi0HbV6LfiiMMi/xd3uP37NipM4hGsFJIgbMoxEiulUubXSdjUZZP
rnMvPiiVZTlds3QOigljhYEhH3HBPA0Z9xfqdbXhq8AhngYLN6TGQYnOoFlHpOmi
xriMKxQpm7kCElYwlTzXz8oeu2ARdsMc0kJ1YaAR4aRpjELZJA6o6BdB8Y9MAjxI
5fftsVLH60i7OQnhyGMU5e7LaxGfNR1fesq6Oa+BPapBcETajysCxh+mNmKDB91b
FaEBAzmLBNcoRU4gVT0c0BYitpUKm3XWq05tEVSdQ0anW2eJg9PQ6NYWNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIShBS0E+ustekFeJHvMcq1XdbWIMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIwd9zduF
ce28Q7hYF9t7YYshwS02OpzbJJVNEJwDwaQe4rQqmWhr7wvwdEAQBrJLI4TClH+S
mHRtNsW85S9nFvraD36EfMe9uQOpNNG0g5uZqHVJ+T+KzEeT8SXOJUc7pg+bK4Jj
nwm9ZBvOD3ITLXiD9Bjofv9Darq6pGk8Q2fq+ZMtRiL9e6Dj0JpwHnaD7NyhyWIz
IiZRVQC9FLyt5RgKfVDcX+BlBS6nKIPzf7zxE9jj9gOf6U/7B/gvAZgXnCB3Xf10
B3dqiYqN7LrpyJaeaCkOSc0e9gg3vIctBd2OmG+rEjPVDT6Pwryo7v/g6g2NL/Kb
20bR1Erv4tg4iw==
-----END CERTIFICATE-----