Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          LPmhiSfWU2VQh4UITrhgvfjbEah4wfCYKafGFCErSt8=
Subject key identifier:   FB:82:E7:AA:39:C9:D7:18:75:AF:7A:8D:E6:9C:6E:CA:7C:26:A8:8A
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       0198D65F55A1615152965AC0B737C15F6941
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          0299
Signing time:             Sat 23 Aug 2025 10:00:28 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:28 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:28 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: iBqNIjrkaAgTKQNUIIRWaay4q3SwvS1MFM01Yx3p66E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:55:a1:61:51:52:96:5a:c0:b7:37:c1:5f:69:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Aug 23 10:00:28 2025 GMT
            Not After : Aug 24 10:00:28 2025 GMT
        Subject: CN=fb82e7aa39c9d71875af7a8de69c6eca7c26a88a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:4c:f6:23:06:72:00:bf:d2:25:d7:6c:82:9b:
                    4e:54:1b:03:fb:8c:a4:3e:48:09:71:07:0c:28:77:
                    93:7c:ff:20:ba:bc:97:a5:fb:06:8e:2d:2b:41:90:
                    0c:e0:49:d0:1f:85:3a:10:fe:fb:e5:44:ed:d5:24:
                    bf:b3:69:e5:e9:58:b2:20:95:b3:91:ef:1c:f5:3d:
                    f1:e1:c2:3d:cf:f6:88:7b:70:90:e7:64:79:18:4a:
                    d3:6f:a0:70:e8:8e:91:5b:1e:b5:6e:c5:3b:ee:32:
                    0b:69:26:c8:26:52:42:c1:22:d9:b0:81:10:f9:3a:
                    a1:52:3d:5d:ca:ea:fb:d6:8f:99:f4:02:b1:c3:39:
                    0f:ca:a8:54:a4:22:fa:5f:81:57:ae:f6:fa:92:44:
                    cc:fa:e8:f4:eb:bf:c1:b6:2d:72:29:e6:47:2e:fb:
                    0c:5e:d1:76:96:09:33:9b:87:86:dd:23:1e:fd:3b:
                    30:a3:0a:fc:f9:d9:b4:2f:30:2b:c3:68:f1:da:68:
                    73:27:53:b6:db:d6:31:8a:eb:73:db:1c:a5:7d:18:
                    d1:f2:fc:2d:95:5e:66:0e:f4:32:65:b4:61:34:d7:
                    71:ef:a2:50:11:f7:f3:7d:be:10:3c:44:59:d5:91:
                    bd:fb:e6:7e:14:70:45:c9:1d:b4:04:09:3e:7c:fc:
                    72:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:82:E7:AA:39:C9:D7:18:75:AF:7A:8D:E6:9C:6E:CA:7C:26:A8:8A
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:e5:18:60:5d:24:bb:c7:77:7d:dc:f5:7a:b0:ee:b7:3d:02:
         e8:d4:4d:00:50:32:ef:d2:1c:ed:5c:1f:27:24:7c:9c:aa:90:
         f1:77:47:b4:06:6b:4f:78:52:dd:9d:b5:71:01:8d:9d:7d:f4:
         de:73:aa:81:05:7a:8e:8d:15:fb:a2:a2:b2:95:67:0c:19:1e:
         e6:ee:0e:6a:52:e1:34:80:aa:b9:bc:ae:06:10:95:74:9f:6d:
         79:88:7e:8a:ea:f2:52:c4:38:2d:db:67:b9:ff:db:12:23:5a:
         a9:9a:5f:ca:64:17:c7:ff:d0:4c:89:4d:f1:eb:e0:f9:92:fc:
         8e:3c:df:b4:f2:07:56:58:11:be:02:e9:6c:bc:a9:54:a8:ef:
         ea:31:a1:6b:f6:6c:d2:a3:5b:d5:c1:71:0c:86:ec:b5:5b:d0:
         e1:1d:75:88:9d:8e:cc:93:92:26:f8:3d:3b:60:ac:65:d9:47:
         25:ef:55:72:10:bf:90:71:df:e8:a1:69:9d:27:54:33:60:ee:
         4a:1d:8e:d9:88:3a:82:de:4f:46:66:f9:f5:8f:02:72:28:2e:
         d0:f8:70:57:68:d7:12:11:84:b8:13:97:f9:95:b0:70:8b:4e:
         67:e2:05:e0:30:49:fc:f5:16:c7:0c:6b:f9:45:1c:85:96:ec:
         8d:4b:b2:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX1WhYVFSllrAtzfBX2lBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwODIzMTAwMDI4WhcNMjUwODI0MTAwMDI4WjAzMTEwLwYDVQQD
EyhmYjgyZTdhYTM5YzlkNzE4NzVhZjdhOGRlNjljNmVjYTdjMjZhODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkz2IwZyAL/SJddsgptOVBsD+4yk
PkgJcQcMKHeTfP8guryXpfsGji0rQZAM4EnQH4U6EP775UTt1SS/s2nl6ViyIJWz
ke8c9T3x4cI9z/aIe3CQ52R5GErTb6Bw6I6RWx61bsU77jILaSbIJlJCwSLZsIEQ
+TqhUj1dyur71o+Z9AKxwzkPyqhUpCL6X4FXrvb6kkTM+uj067/Bti1yKeZHLvsM
XtF2lgkzm4eG3SMe/Tswowr8+dm0LzArw2jx2mhzJ1O229Yxiutz2xylfRjR8vwt
lV5mDvQyZbRhNNdx76JQEffzfb4QPERZ1ZG9++Z+FHBFyR20BAk+fPxyQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuC56o5ydcYda96jeacbsp8JqiKMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD+UYYF0k
u8d3fdz1erDutz0C6NRNAFAy79Ic7VwfJyR8nKqQ8XdHtAZrT3hS3Z21cQGNnX30
3nOqgQV6jo0V+6KispVnDBke5u4OalLhNICqubyuBhCVdJ9teYh+iuryUsQ4Ldtn
uf/bEiNaqZpfymQXx//QTIlN8evg+ZL8jjzftPIHVlgRvgLpbLypVKjv6jGha/Zs
0qNb1cFxDIbstVvQ4R11iJ2OzJOSJvg9O2CsZdlHJe9VchC/kHHf6KFpnSdUM2Du
Sh2O2Yg6gt5PRmb59Y8Ccigu0PhwV2jXEhGEuBOX+ZWwcItOZ+IF4DBJ/PUWxwxr
+UUchZbsjUuyBA==
-----END CERTIFICATE-----