Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          dUxTbeZVr9B3FCXpA1mZXsNs79gDXg3mBQYdCLKSrr4=
Subject key identifier:   BC:44:E9:4C:38:A9:1E:6C:97:B2:8E:8E:CC:A1:7D:E9:3B:18:7F:DD
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       0198D5BC58FF9DD8C3A0EB0CE366576BA5FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          05CE
Signing time:             Sat 23 Aug 2025 07:02:27 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:27 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:27 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: wvr+APz51BK5h4ECDuMP6tSYjKLuOQ7NlOF2t1p7BS0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:58:ff:9d:d8:c3:a0:eb:0c:e3:66:57:6b:a5:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: Aug 23 07:02:27 2025 GMT
            Not After : Aug 24 07:02:27 2025 GMT
        Subject: CN=bc44e94c38a91e6c97b28e8ecca17de93b187fdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:08:aa:16:cc:6e:2e:96:bb:b4:7e:5c:fa:ed:
                    8d:c6:f3:dd:73:52:50:ad:e2:5a:36:4f:bc:55:8e:
                    67:ba:93:f6:97:dd:fd:e9:df:70:1f:f9:78:ff:9e:
                    51:15:10:79:4a:b9:42:80:c6:e4:9e:7d:0a:d1:e2:
                    eb:d0:09:e1:60:97:5e:ed:ca:d9:19:b8:0f:33:e7:
                    ea:cd:60:c1:1d:e3:93:33:59:25:e2:86:d9:81:85:
                    4e:c7:76:f3:db:9a:fd:19:47:c4:91:f4:1c:42:29:
                    58:17:84:d1:bc:08:fe:22:9a:17:7c:c6:bd:e0:db:
                    2b:80:de:27:64:41:86:41:8d:2f:92:72:e2:80:33:
                    e1:71:6c:50:90:37:5b:f0:58:73:8f:48:d6:d2:28:
                    dc:3c:ea:24:ea:c5:ff:3e:fd:22:97:6a:28:5d:e6:
                    3d:d1:14:12:98:27:bf:88:9e:d4:74:2f:8b:60:ac:
                    ac:90:0b:87:30:8f:23:47:2c:f9:b6:ee:86:20:2a:
                    7a:12:c2:e5:f5:ec:f5:4c:ea:98:b6:56:8f:c8:19:
                    af:b8:72:f0:d9:e3:9e:df:e3:15:91:31:74:f4:30:
                    5b:ac:d8:05:70:ee:78:d2:fa:26:f4:d0:94:e1:1b:
                    bf:00:b8:62:13:ee:53:70:07:9c:89:8f:25:30:5e:
                    b6:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:44:E9:4C:38:A9:1E:6C:97:B2:8E:8E:CC:A1:7D:E9:3B:18:7F:DD
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:c0:b8:02:d9:ba:62:47:66:ee:85:f7:11:fe:c3:6a:87:a0:
         39:ff:c1:4f:47:d0:bc:72:20:05:b2:4d:bf:95:c7:bd:81:8c:
         da:a4:aa:44:6d:1d:43:79:9c:7b:b4:73:f9:2c:c3:af:04:6f:
         41:21:4f:5e:ad:b5:fd:e4:74:83:c5:b7:5a:30:f7:97:50:dd:
         fe:8b:12:28:e1:57:b8:8e:d8:c6:d9:4c:83:1b:06:e3:75:f1:
         fa:a9:80:85:9d:84:5b:c2:3f:cf:b1:4a:9e:26:68:55:96:55:
         83:3e:e7:91:ab:fd:4a:17:a3:97:c0:8e:09:fb:e7:b5:64:44:
         27:b7:74:c4:b2:ab:36:91:8d:0a:6f:c5:59:07:d5:9e:4f:29:
         40:d8:87:ba:d2:aa:76:5b:56:fa:26:8d:2b:ab:83:db:57:48:
         25:00:23:0b:17:de:61:15:63:f6:cc:de:56:c7:50:bb:cf:cc:
         98:96:0f:83:9e:39:37:d3:f5:03:3b:48:e0:a3:76:f9:77:54:
         c1:4b:ac:dc:f1:f2:8b:d2:87:3d:32:6a:c7:21:03:fa:50:f4:
         50:b3:c7:01:f6:3b:73:a8:19:b2:2f:f2:49:b5:0c:10:0a:88:
         b4:36:c5:7a:a7:23:f5:01:fa:80:40:66:29:0e:80:75:32:26:
         f5:fd:d4:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvFj/ndjDoOsM42ZXa6X/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjUwODIzMDcwMjI3WhcNMjUwODI0MDcwMjI3WjAzMTEwLwYDVQQD
EyhiYzQ0ZTk0YzM4YTkxZTZjOTdiMjhlOGVjY2ExN2RlOTNiMTg3ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwiqFsxuLpa7tH5c+u2NxvPdc1JQ
reJaNk+8VY5nupP2l9396d9wH/l4/55RFRB5SrlCgMbknn0K0eLr0AnhYJde7crZ
GbgPM+fqzWDBHeOTM1kl4obZgYVOx3bz25r9GUfEkfQcQilYF4TRvAj+IpoXfMa9
4NsrgN4nZEGGQY0vknLigDPhcWxQkDdb8Fhzj0jW0ijcPOok6sX/Pv0il2ooXeY9
0RQSmCe/iJ7UdC+LYKyskAuHMI8jRyz5tu6GICp6EsLl9ez1TOqYtlaPyBmvuHLw
2eOe3+MVkTF09DBbrNgFcO540vom9NCU4Ru/ALhiE+5TcAeciY8lMF62EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxE6Uw4qR5sl7KOjsyhfek7GH/dMB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALMC4Atm6
Ykdm7oX3Ef7DaoegOf/BT0fQvHIgBbJNv5XHvYGM2qSqRG0dQ3mce7Rz+SzDrwRv
QSFPXq21/eR0g8W3WjD3l1Dd/osSKOFXuI7YxtlMgxsG43Xx+qmAhZ2EW8I/z7FK
niZoVZZVgz7nkav9Shejl8COCfvntWREJ7d0xLKrNpGNCm/FWQfVnk8pQNiHutKq
dltW+iaNK6uD21dIJQAjCxfeYRVj9szeVsdQu8/MmJYPg545N9P1AztI4KN2+XdU
wUus3PHyi9KHPTJqxyED+lD0ULPHAfY7c6gZsi/ySbUMEAqItDbFeqcj9QH6gEBm
KQ6AdTIm9f3UAg==
-----END CERTIFICATE-----