Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          k4p2b4ERlXLZXCbfYnWaGs03MP5oN834AlcbJmSYyg8=
Subject key identifier:   0A:27:DC:4B:EF:E1:F3:9E:A8:58:35:37:11:8E:FB:3C:5A:C1:48:1A
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       0199FD34975B1A8477D3C6FDFA84856C7FB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          0667
Signing time:             Sun 19 Oct 2025 16:01:46 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:46 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:46 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: sUmNbiPRfu44WkGCcmmHP1cDshIBh3pJSdVvEuGo7/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:97:5b:1a:84:77:d3:c6:fd:fa:84:85:6c:7f:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: Oct 19 16:01:46 2025 GMT
            Not After : Oct 20 16:01:46 2025 GMT
        Subject: CN=0a27dc4befe1f39ea8583537118efb3c5ac1481a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:7e:2d:eb:49:2a:f1:e4:35:f7:18:a4:bd:6c:
                    e1:14:ec:19:21:1d:7d:be:b5:28:cc:ae:00:39:d3:
                    95:74:fb:ed:ad:68:16:2e:d0:95:48:ec:67:fd:83:
                    16:fd:f4:30:01:37:23:69:98:48:fc:46:17:f7:cc:
                    56:e9:ca:39:c7:e0:ab:43:b2:b2:58:df:12:f4:29:
                    71:eb:8b:d1:b1:2a:7a:1a:dd:96:f5:2b:2a:04:5a:
                    60:24:86:65:5d:da:cc:e3:5a:d3:d8:48:e9:f9:b9:
                    80:55:ee:3a:8f:5d:48:a6:39:2f:95:9a:07:c9:7e:
                    6c:07:e9:ac:26:5c:f1:21:8e:eb:45:4a:e6:12:99:
                    14:a6:1e:f6:c4:95:dd:01:bd:de:40:1e:a9:16:21:
                    b3:75:34:8e:a4:c9:14:bb:b3:f8:7f:df:fe:cf:c7:
                    51:7a:c5:04:5f:59:74:ad:0e:7b:d4:34:c0:4a:6e:
                    db:5b:9f:45:dd:83:e5:a2:20:53:d5:93:15:bb:a3:
                    69:87:78:66:ef:90:43:6f:07:8e:94:82:d5:da:45:
                    ae:f9:9e:47:31:a8:a9:0c:51:55:82:ca:cd:ac:27:
                    44:d9:0c:d6:65:75:d2:65:08:ce:e8:a2:a1:7a:78:
                    23:70:67:4b:23:ab:b0:55:e0:f8:6c:cd:6b:55:b7:
                    4b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:27:DC:4B:EF:E1:F3:9E:A8:58:35:37:11:8E:FB:3C:5A:C1:48:1A
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:1d:e3:a8:ed:df:9d:62:61:74:b1:8f:46:64:d1:05:cd:53:
         45:c7:38:68:38:8c:54:82:ac:c7:ab:d0:d3:b4:32:89:bd:c8:
         92:4c:db:9e:83:c9:80:09:eb:27:04:63:1d:1c:99:37:66:aa:
         5c:ff:06:eb:15:57:e5:ef:6f:7f:85:f0:33:5e:1a:18:30:e1:
         19:c2:3a:74:a4:50:55:30:5c:7a:01:dd:af:5e:9f:4f:c2:bd:
         86:11:33:fb:b4:6f:f8:f6:b9:ae:9d:97:0f:75:11:44:37:0d:
         83:36:0a:79:33:a9:c7:a5:46:fe:da:c2:a1:71:fe:bf:d1:62:
         f0:2f:91:60:22:74:17:2f:f5:16:2c:7c:b7:e4:d8:56:02:bd:
         e6:4c:86:cb:90:5d:0b:89:ff:8d:30:7e:d8:d1:3a:17:98:d6:
         4e:99:aa:bd:df:9e:0d:f4:b7:2a:03:b8:1d:46:07:aa:e5:24:
         a2:60:28:84:1d:7c:7b:5b:d5:89:1d:bb:30:1f:c7:2f:bd:79:
         e9:fb:18:f6:ea:fb:1b:3a:78:cf:d0:2e:c6:c2:2d:b4:0b:70:
         45:e7:dd:dd:f2:e0:2b:e5:05:52:00:56:3d:b1:b1:0f:8b:7b:
         bd:45:63:6a:df:39:16:57:33:15:9a:67:90:60:a9:9e:b4:26:
         58:2c:5b:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NJdbGoR308b9+oSFbH+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjUxMDE5MTYwMTQ2WhcNMjUxMDIwMTYwMTQ2WjAzMTEwLwYDVQQD
EygwYTI3ZGM0YmVmZTFmMzllYTg1ODM1MzcxMThlZmIzYzVhYzE0ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX4t60kq8eQ19xikvWzhFOwZIR19
vrUozK4AOdOVdPvtrWgWLtCVSOxn/YMW/fQwATcjaZhI/EYX98xW6co5x+CrQ7Ky
WN8S9Clx64vRsSp6Gt2W9SsqBFpgJIZlXdrM41rT2Ejp+bmAVe46j11IpjkvlZoH
yX5sB+msJlzxIY7rRUrmEpkUph72xJXdAb3eQB6pFiGzdTSOpMkUu7P4f9/+z8dR
esUEX1l0rQ571DTASm7bW59F3YPloiBT1ZMVu6Nph3hm75BDbweOlILV2kWu+Z5H
MaipDFFVgsrNrCdE2QzWZXXSZQjO6KKhengjcGdLI6uwVeD4bM1rVbdLkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAon3Evv4fOeqFg1NxGO+zxawUgaMB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQR3jqO3f
nWJhdLGPRmTRBc1TRcc4aDiMVIKsx6vQ07Qyib3IkkzbnoPJgAnrJwRjHRyZN2aq
XP8G6xVX5e9vf4XwM14aGDDhGcI6dKRQVTBcegHdr16fT8K9hhEz+7Rv+Pa5rp2X
D3URRDcNgzYKeTOpx6VG/trCoXH+v9Fi8C+RYCJ0Fy/1Fix8t+TYVgK95kyGy5Bd
C4n/jTB+2NE6F5jWTpmqvd+eDfS3KgO4HUYHquUkomAohB18e1vViR27MB/HL715
6fsY9ur7Gzp4z9AuxsIttAtwRefd3fLgK+UFUgBWPbGxD4t7vUVjat85FlczFZpn
kGCpnrQmWCxbMA==
-----END CERTIFICATE-----