Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          7dS3rzaUTHjFBkBAuNuRKEgt9/H3Hl5SlY1CSJRufaA=
Subject key identifier:   B5:92:76:90:05:04:83:E0:8C:2B:32:EB:92:91:08:B6:D2:CA:0C:10
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       0198D6601061EA40B4CD9CF7106D3B35D55F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 10:01:16 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:16 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:16 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: jd0ayyYvMRkTUX5F4/8hfLBk05cz9qnOJbkMu2rGmrY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:10:61:ea:40:b4:cd:9c:f7:10:6d:3b:35:d5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Aug 23 10:01:16 2025 GMT
            Not After : Aug 24 10:01:16 2025 GMT
        Subject: CN=b5927690050483e08c2b32eb929108b6d2ca0c10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:02:ad:5c:6f:c6:87:7b:b6:8a:d7:ab:09:74:
                    74:49:1b:03:dc:2c:9a:6e:ab:08:5a:9e:e2:0a:ce:
                    80:12:63:01:85:a0:e2:68:87:2f:64:84:6a:04:1b:
                    e8:7c:9a:f0:58:46:9d:f0:71:80:61:6d:51:b6:f8:
                    ca:e7:2b:29:ed:af:c7:60:d4:60:f1:c8:56:2e:f3:
                    0b:a9:55:e7:14:ee:c1:15:26:a1:90:22:bb:9e:fe:
                    93:81:3c:59:f2:13:65:b6:6f:2a:f8:41:b5:8b:a7:
                    d9:b9:d2:ff:3e:2b:19:35:01:48:f2:39:f1:8b:e5:
                    93:56:b5:d3:d2:d9:9a:78:d4:10:30:ad:42:8d:f4:
                    2a:86:9e:bd:5d:be:d3:d5:9b:88:a6:21:6b:53:39:
                    6d:4d:5f:68:99:72:b2:1e:10:04:ef:34:52:d0:51:
                    dc:e2:0a:e5:1e:d4:73:1f:9b:89:18:f7:02:9d:be:
                    6b:f9:21:67:80:fa:90:56:3f:85:2c:b3:f2:d4:57:
                    44:4a:9e:f7:ae:ed:d7:c0:66:99:2e:b7:79:af:18:
                    3f:94:bd:e2:ee:80:f1:90:f4:bb:e3:4e:45:37:84:
                    b6:bd:6b:e9:6c:c8:cb:80:89:c0:fe:34:ae:2a:2c:
                    c3:53:2e:ae:4c:b7:ea:f3:58:4d:40:57:f3:84:26:
                    70:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:92:76:90:05:04:83:E0:8C:2B:32:EB:92:91:08:B6:D2:CA:0C:10
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:26:33:65:ad:12:ce:d8:56:e2:a7:05:27:2b:60:88:34:ac:
         63:ce:f9:88:76:06:f6:5b:61:35:f8:e0:fe:c0:a0:29:37:8f:
         59:1d:a7:cc:f1:c5:0c:fe:8d:e6:63:a3:d0:62:c2:2e:c3:5e:
         b6:4c:24:2a:14:e8:98:a4:16:80:b5:27:12:65:d6:42:b1:1f:
         c3:dc:7f:32:80:13:b2:15:ac:4b:5f:9d:90:05:c1:b7:4b:f7:
         b5:ee:42:8a:2c:cd:3a:6b:7b:c1:86:f5:50:59:84:e9:85:31:
         66:20:50:aa:f4:e2:6f:1e:6a:cb:dc:59:b8:14:59:39:c8:3b:
         67:03:6f:61:76:cc:71:a2:75:27:18:47:2d:f8:04:f3:60:6f:
         bc:a0:05:f0:69:af:33:51:a3:52:d0:75:10:d3:57:f0:b8:7c:
         eb:5c:8e:11:bf:aa:3d:34:a7:90:8b:ef:3e:85:39:39:48:7b:
         3e:67:c9:b3:19:37:56:64:e8:87:24:6e:00:64:ac:49:cc:3d:
         c5:52:71:0e:ba:b6:d8:ac:de:0f:67:c7:b4:e2:f4:ba:83:2d:
         02:34:41:d0:2e:36:8a:4f:af:ac:bc:a8:cd:6c:de:8d:75:19:
         df:37:8a:b0:38:b9:69:71:40:25:f5:c0:cd:42:77:84:6b:5c:
         b0:ba:8f:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYBBh6kC0zZz3EG07NdVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwODIzMTAwMTE2WhcNMjUwODI0MTAwMTE2WjAzMTEwLwYDVQQD
EyhiNTkyNzY5MDA1MDQ4M2UwOGMyYjMyZWI5MjkxMDhiNmQyY2EwYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAKtXG/Gh3u2iterCXR0SRsD3Cya
bqsIWp7iCs6AEmMBhaDiaIcvZIRqBBvofJrwWEad8HGAYW1RtvjK5ysp7a/HYNRg
8chWLvMLqVXnFO7BFSahkCK7nv6TgTxZ8hNltm8q+EG1i6fZudL/PisZNQFI8jnx
i+WTVrXT0tmaeNQQMK1CjfQqhp69Xb7T1ZuIpiFrUzltTV9omXKyHhAE7zRS0FHc
4grlHtRzH5uJGPcCnb5r+SFngPqQVj+FLLPy1FdESp73ru3XwGaZLrd5rxg/lL3i
7oDxkPS7405FN4S2vWvpbMjLgInA/jSuKizDUy6uTLfq81hNQFfzhCZwIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWSdpAFBIPgjCsy65KRCLbSygwQMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAiYzZa0S
zthW4qcFJytgiDSsY875iHYG9lthNfjg/sCgKTePWR2nzPHFDP6N5mOj0GLCLsNe
tkwkKhTomKQWgLUnEmXWQrEfw9x/MoATshWsS1+dkAXBt0v3te5CiizNOmt7wYb1
UFmE6YUxZiBQqvTibx5qy9xZuBRZOcg7ZwNvYXbMcaJ1JxhHLfgE82BvvKAF8Gmv
M1GjUtB1ENNX8Lh861yOEb+qPTSnkIvvPoU5OUh7PmfJsxk3VmTohyRuAGSsScw9
xVJxDrq22KzeD2fHtOL0uoMtAjRB0C42ik+vrLyozWzejXUZ3zeKsDi5aXFAJfXA
zUJ3hGtcsLqP1g==
-----END CERTIFICATE-----