Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          nD/r1AvqdGo+jfGy1s2ZeaVwK6FsORbmX+ocIqbjrwk=
Subject key identifier:   3C:E7:D3:62:61:02:6D:BE:79:B2:C2:9D:73:6D:EC:13:39:27:72:6F
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       0198D6600000491BA0A54997F0E523F5BDB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:01:12 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:12 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:12 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: NccBx5/m8CFfmCAo/nDEDVl0Vkma3QchS6e3xE02sN8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:00:00:49:1b:a0:a5:49:97:f0:e5:23:f5:bd:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Aug 23 10:01:12 2025 GMT
            Not After : Aug 24 10:01:12 2025 GMT
        Subject: CN=3ce7d36261026dbe79b2c29d736dec133927726f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:79:55:32:a1:5b:ab:a2:ed:8b:36:4d:bd:49:
                    18:a5:9c:b1:99:0d:f3:bb:79:6f:c7:34:ee:92:99:
                    5e:1a:a1:4b:f4:d5:2a:ee:83:07:f5:d8:d9:08:80:
                    40:59:71:41:31:71:9f:f6:2c:ab:cb:21:12:29:de:
                    dd:24:02:e6:22:28:08:fe:6b:d2:92:f7:7e:30:6c:
                    49:84:e5:88:34:e9:a4:8e:c2:07:d6:66:53:6e:36:
                    c1:7e:cc:56:85:a6:56:80:af:f0:01:9b:cc:06:a6:
                    5b:e3:ae:fa:a6:85:ba:04:80:de:c7:ce:36:3c:34:
                    63:dc:8c:6c:09:d3:62:60:03:a4:ae:7c:06:7a:97:
                    3f:ed:33:ad:52:63:87:95:21:35:e9:29:64:9a:a9:
                    ae:ad:c4:c1:8f:78:23:19:70:c8:84:e5:fb:c0:cd:
                    45:17:a7:fe:da:12:6c:b9:71:23:99:e1:3a:60:f3:
                    00:9f:c7:36:b9:35:f3:d6:a3:43:15:e6:f8:52:54:
                    02:ca:44:4e:f8:61:9e:ab:e2:85:21:bf:ce:cd:a1:
                    bf:3b:a0:fa:e7:8b:52:93:43:c6:21:a7:92:ea:6d:
                    1c:3e:80:76:ce:36:58:2d:b3:43:1c:c1:2a:a6:68:
                    11:6b:9c:8d:cd:3e:87:20:2e:e8:b0:f1:c2:5b:e8:
                    98:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:E7:D3:62:61:02:6D:BE:79:B2:C2:9D:73:6D:EC:13:39:27:72:6F
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:80:0e:c4:fa:08:b6:fd:9a:ec:5d:0a:37:25:66:5c:80:cd:
         a2:c0:88:81:6e:99:f8:06:01:3d:40:c8:6e:03:82:75:39:a0:
         ef:cb:d4:77:ee:78:92:3c:b6:ac:88:c4:17:aa:6d:ba:ef:40:
         67:59:74:0d:a3:97:ec:b6:4a:e6:47:80:8b:05:02:bd:72:3b:
         11:27:22:90:9b:17:12:a9:6f:6f:0e:bd:ec:8e:f4:43:76:3e:
         c1:b2:64:b3:95:9f:95:00:88:65:b4:86:10:01:de:0d:8e:31:
         10:c5:a4:b8:08:2b:05:4f:92:a2:68:3b:3b:f0:e7:fa:27:76:
         9f:14:8f:5f:91:7a:43:b8:ed:99:aa:17:67:3f:21:b5:00:80:
         aa:02:9e:ab:9e:e9:d5:b5:bf:53:99:b1:04:e0:bd:44:9a:69:
         9c:f3:65:95:ad:e9:d9:09:f3:19:5c:60:13:c3:a4:75:0c:b4:
         57:79:59:6c:91:79:3e:94:a6:fd:1c:2b:54:17:20:f9:b2:24:
         fa:e1:1e:b2:9e:8c:25:51:5a:44:29:d1:12:73:3d:b4:9b:b3:
         d5:e6:3f:56:19:a8:a9:e8:ae:9f:dc:63:d1:91:9d:b4:d3:ed:
         15:37:4c:94:a5:8c:dd:27:b9:eb:87:91:c7:07:22:53:5d:6f:
         9e:c6:5a:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYAAASRugpUmX8OUj9b2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjUwODIzMTAwMTEyWhcNMjUwODI0MTAwMTEyWjAzMTEwLwYDVQQD
EygzY2U3ZDM2MjYxMDI2ZGJlNzliMmMyOWQ3MzZkZWMxMzM5Mjc3MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnlVMqFbq6LtizZNvUkYpZyxmQ3z
u3lvxzTukpleGqFL9NUq7oMH9djZCIBAWXFBMXGf9iyryyESKd7dJALmIigI/mvS
kvd+MGxJhOWINOmkjsIH1mZTbjbBfsxWhaZWgK/wAZvMBqZb4676poW6BIDex842
PDRj3IxsCdNiYAOkrnwGepc/7TOtUmOHlSE16SlkmqmurcTBj3gjGXDIhOX7wM1F
F6f+2hJsuXEjmeE6YPMAn8c2uTXz1qNDFeb4UlQCykRO+GGeq+KFIb/OzaG/O6D6
54tSk0PGIaeS6m0cPoB2zjZYLbNDHMEqpmgRa5yNzT6HIC7osPHCW+iYCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzn02JhAm2+ebLCnXNt7BM5J3JvMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKIAOxPoI
tv2a7F0KNyVmXIDNosCIgW6Z+AYBPUDIbgOCdTmg78vUd+54kjy2rIjEF6ptuu9A
Z1l0DaOX7LZK5keAiwUCvXI7EScikJsXEqlvbw697I70Q3Y+wbJks5WflQCIZbSG
EAHeDY4xEMWkuAgrBU+Somg7O/Dn+id2nxSPX5F6Q7jtmaoXZz8htQCAqgKeq57p
1bW/U5mxBOC9RJppnPNlla3p2QnzGVxgE8OkdQy0V3lZbJF5PpSm/RwrVBcg+bIk
+uEesp6MJVFaRCnREnM9tJuz1eY/Vhmoqeiun9xj0ZGdtNPtFTdMlKWM3Se564eR
xwciU11vnsZasw==
-----END CERTIFICATE-----