Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          fOh/E/QFb9vL+CMuof+8S/pXMTaGCqFa94KTsmrGgMk=
Subject key identifier:   34:EF:DE:1E:F5:4E:CE:53:44:D6:F9:11:EC:23:92:4C:9D:06:1B:74
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       0198D4730D34CC304FA2DCAE4F0A19879E3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          FD
Signing time:             Sat 23 Aug 2025 01:02:46 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:46 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:46 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: g9yrVUxvJNc6uoMU+HGaT0zx6WZTsoz54IJeL5Qt+Zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:0d:34:cc:30:4f:a2:dc:ae:4f:0a:19:87:9e:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Aug 23 01:02:46 2025 GMT
            Not After : Aug 24 01:02:46 2025 GMT
        Subject: CN=34efde1ef54ece5344d6f911ec23924c9d061b74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:f1:ab:08:e1:df:ee:27:a4:4f:cd:e4:89:82:
                    ce:a3:44:de:07:79:97:89:35:08:2c:6f:f1:ba:ad:
                    0a:64:10:43:6d:9d:b6:b2:66:28:f1:9c:03:e5:64:
                    ef:ec:11:04:12:58:cb:84:f7:24:74:76:2b:69:48:
                    0e:a6:5d:10:40:94:64:16:cf:11:a6:c6:01:7a:59:
                    7b:80:ad:d1:b4:24:7f:02:0e:8f:33:70:01:23:04:
                    3a:09:6e:a7:59:80:d7:04:79:49:65:d4:ff:c0:2b:
                    0d:47:99:ca:5e:41:97:27:44:69:a6:99:20:2c:94:
                    e6:4d:94:23:d8:43:bc:6a:45:97:7e:d3:c2:f7:6e:
                    af:a3:57:37:1d:41:41:37:25:14:19:98:64:c9:52:
                    4b:20:74:71:71:c9:e2:f9:fc:05:69:1f:cc:d9:ff:
                    dd:74:36:cd:59:79:65:fa:a4:e0:e4:57:03:d3:3d:
                    bc:2a:1c:4d:55:ee:6c:34:ad:b3:c9:b0:9e:9b:4f:
                    8b:8d:55:45:43:5d:80:bc:db:fa:c2:ef:59:61:49:
                    b4:23:90:68:ff:e1:ef:49:20:f6:6c:31:93:86:17:
                    45:c6:35:bd:e4:2b:e0:37:9f:5a:86:9b:8c:fc:22:
                    f8:16:ce:73:03:48:30:66:58:19:c4:25:41:20:6b:
                    c8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:EF:DE:1E:F5:4E:CE:53:44:D6:F9:11:EC:23:92:4C:9D:06:1B:74
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:e4:0e:89:f3:87:3d:e6:cb:cd:89:4d:4f:d3:0b:43:b8:6f:
         78:37:dc:57:49:f4:37:0b:af:27:66:66:8f:e6:9c:3f:e1:ae:
         33:bd:de:0c:1f:84:eb:a9:d7:11:f1:5f:45:62:aa:c7:e9:9d:
         f4:52:1e:c8:92:a7:f6:79:bf:e2:14:52:75:e2:62:ff:9e:a1:
         a0:7d:f4:12:fc:2f:1c:56:a7:a0:61:4a:08:6c:70:35:72:ce:
         66:3b:cc:6e:b6:3e:e0:3b:df:66:a3:6b:ad:71:c1:64:85:b7:
         e3:27:c8:77:9d:5d:6d:e2:46:21:ef:ad:60:10:fc:b3:c3:6e:
         86:5d:b3:13:c0:21:07:47:cd:12:e8:ab:2a:39:8d:76:26:6b:
         97:96:54:ae:9f:93:69:13:77:08:6c:b7:b9:9b:f2:cd:6b:98:
         67:8b:b6:c5:b4:73:b2:a7:89:c9:45:d8:83:3d:e1:31:0a:0b:
         db:f0:64:fa:b9:21:ed:b9:bb:68:2c:c7:0d:c6:a3:66:15:98:
         83:35:95:78:85:0a:a5:75:83:08:10:1b:f7:2f:bc:12:fd:23:
         43:6b:77:b0:73:6d:1e:47:f3:a8:40:c7:e3:ba:a1:52:d1:90:
         f1:33:2f:f6:3a:71:81:73:07:ed:1c:e9:ed:ac:39:10:21:5a:
         6d:ca:1e:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcw00zDBPotyuTwoZh548MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjUwODIzMDEwMjQ2WhcNMjUwODI0MDEwMjQ2WjAzMTEwLwYDVQQD
EygzNGVmZGUxZWY1NGVjZTUzNDRkNmY5MTFlYzIzOTI0YzlkMDYxYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PGrCOHf7iekT83kiYLOo0TeB3mX
iTUILG/xuq0KZBBDbZ22smYo8ZwD5WTv7BEEEljLhPckdHYraUgOpl0QQJRkFs8R
psYBell7gK3RtCR/Ag6PM3ABIwQ6CW6nWYDXBHlJZdT/wCsNR5nKXkGXJ0Rpppkg
LJTmTZQj2EO8akWXftPC926vo1c3HUFBNyUUGZhkyVJLIHRxccni+fwFaR/M2f/d
dDbNWXll+qTg5FcD0z28KhxNVe5sNK2zybCem0+LjVVFQ12AvNv6wu9ZYUm0I5Bo
/+HvSSD2bDGThhdFxjW95CvgN59ahpuM/CL4Fs5zA0gwZlgZxCVBIGvIFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTv3h71Ts5TRNb5EewjkkydBht0MB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAleQOifOH
PebLzYlNT9MLQ7hveDfcV0n0NwuvJ2Zmj+acP+GuM73eDB+E66nXEfFfRWKqx+md
9FIeyJKn9nm/4hRSdeJi/56hoH30EvwvHFanoGFKCGxwNXLOZjvMbrY+4DvfZqNr
rXHBZIW34yfId51dbeJGIe+tYBD8s8Nuhl2zE8AhB0fNEuirKjmNdiZrl5ZUrp+T
aRN3CGy3uZvyzWuYZ4u2xbRzsqeJyUXYgz3hMQoL2/Bk+rkh7bm7aCzHDcajZhWY
gzWVeIUKpXWDCBAb9y+8Ev0jQ2t3sHNtHkfzqEDH47qhUtGQ8TMv9jpxgXMH7Rzp
7aw5ECFabcoepA==
-----END CERTIFICATE-----