Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          tC5WP6uk5rHTohtJlq2nJp8cxJkfyB6+C1BMjpyqv+s=
Subject key identifier:   DA:96:65:A6:08:EF:24:5C:D6:D0:BE:06:37:1C:38:68:D5:48:B1:3E
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       0198D472F8ACA7BA1B209E36DA608B1C147A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 01:02:41 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:41 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:41 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: AvI6dmJ0rYTqWhjbXc0OzCs6fm3hztRwjUvL5/KwFZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:f8:ac:a7:ba:1b:20:9e:36:da:60:8b:1c:14:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Aug 23 01:02:41 2025 GMT
            Not After : Aug 24 01:02:41 2025 GMT
        Subject: CN=da9665a608ef245cd6d0be06371c3868d548b13e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:a6:82:f3:92:46:d9:76:d6:aa:33:2f:39:51:
                    73:4d:61:b0:86:df:b8:5d:2b:2e:df:98:e4:15:ab:
                    5d:ce:7c:b9:61:75:42:97:38:9d:86:8b:39:dd:e6:
                    d9:75:d5:5f:be:36:58:51:99:03:48:af:ac:64:54:
                    25:e5:3b:ff:92:d1:a3:0e:dd:c7:34:58:d3:55:97:
                    ee:4d:de:4a:48:02:39:31:3e:7d:74:d8:d3:0b:08:
                    f3:04:ba:f9:a5:e1:95:59:42:65:c8:a5:38:79:e0:
                    f2:aa:32:69:8e:6b:0f:f2:e8:b2:5a:ff:b7:df:dc:
                    fe:2d:9a:06:15:df:33:e7:2d:59:1b:7f:2f:cb:60:
                    23:ad:b9:37:da:1f:2e:48:23:2c:91:e0:8e:b7:1a:
                    24:90:91:92:fa:34:80:97:ba:b2:16:0c:13:6b:f4:
                    3a:1e:a8:1f:60:e7:65:20:99:40:e7:ea:59:af:f8:
                    73:4a:68:8e:dd:36:6c:28:04:d5:fc:e3:9a:91:b1:
                    6e:c7:2a:13:70:18:ad:ca:96:4e:d0:fc:6d:e3:24:
                    d6:dd:4e:d2:24:9b:7e:c6:9a:b5:a0:e0:9a:39:9e:
                    73:64:d1:c9:b0:e8:3a:49:21:8e:eb:1b:de:5c:68:
                    bb:c5:56:a0:21:bc:dc:04:45:1a:22:97:83:3f:c4:
                    09:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:96:65:A6:08:EF:24:5C:D6:D0:BE:06:37:1C:38:68:D5:48:B1:3E
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:4d:3b:25:ba:bd:86:aa:08:f7:02:b8:2f:cc:eb:d4:60:e2:
         b0:c8:33:6e:8c:8f:ad:71:78:52:d4:43:87:d6:d1:e4:73:58:
         86:9d:7b:28:16:41:86:ec:73:6d:2b:59:d3:57:09:be:cb:56:
         11:a0:e9:02:6e:78:2a:ed:65:c1:db:84:90:6b:94:57:22:86:
         a3:d1:58:69:0f:b9:fa:08:dd:06:c8:7f:d3:25:89:70:78:35:
         45:0b:9a:95:ad:bf:a9:42:2f:48:d7:e1:6f:26:ae:89:46:16:
         17:d6:70:1b:6e:b0:65:08:fe:61:dd:ea:6c:f5:e2:0e:01:43:
         f0:53:0c:6d:04:6b:33:17:6b:6c:cb:e8:03:5c:ab:e3:ec:f7:
         e4:1f:b2:83:f7:ce:7c:d4:ad:15:52:5c:27:c4:0f:1c:d0:4a:
         aa:7a:a8:ab:4d:f0:cc:8b:84:d3:93:38:41:c3:e5:64:20:80:
         01:d6:37:63:65:46:60:7e:1f:58:48:cf:a6:f1:e2:4b:02:9c:
         98:4d:1f:98:78:03:f2:59:b1:18:46:13:7a:a7:9f:9b:16:1e:
         e3:53:fb:f6:22:12:bb:ff:92:34:6b:6c:ae:3f:7f:73:2f:98:
         7e:5f:ca:fe:f9:09:80:21:b2:fa:93:05:eb:fc:e5:2c:e2:a1:
         ff:a9:52:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcvisp7obIJ422mCLHBR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUwODIzMDEwMjQxWhcNMjUwODI0MDEwMjQxWjAzMTEwLwYDVQQD
EyhkYTk2NjVhNjA4ZWYyNDVjZDZkMGJlMDYzNzFjMzg2OGQ1NDhiMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46aC85JG2XbWqjMvOVFzTWGwht+4
XSsu35jkFatdzny5YXVClzidhos53ebZddVfvjZYUZkDSK+sZFQl5Tv/ktGjDt3H
NFjTVZfuTd5KSAI5MT59dNjTCwjzBLr5peGVWUJlyKU4eeDyqjJpjmsP8uiyWv+3
39z+LZoGFd8z5y1ZG38vy2Ajrbk32h8uSCMskeCOtxokkJGS+jSAl7qyFgwTa/Q6
HqgfYOdlIJlA5+pZr/hzSmiO3TZsKATV/OOakbFuxyoTcBitypZO0Pxt4yTW3U7S
JJt+xpq1oOCaOZ5zZNHJsOg6SSGO6xveXGi7xVagIbzcBEUaIpeDP8QJbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqWZaYI7yRc1tC+BjccOGjVSLE+MB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY007Jbq9
hqoI9wK4L8zr1GDisMgzboyPrXF4UtRDh9bR5HNYhp17KBZBhuxzbStZ01cJvstW
EaDpAm54Ku1lwduEkGuUVyKGo9FYaQ+5+gjdBsh/0yWJcHg1RQuala2/qUIvSNfh
byauiUYWF9ZwG26wZQj+Yd3qbPXiDgFD8FMMbQRrMxdrbMvoA1yr4+z35B+yg/fO
fNStFVJcJ8QPHNBKqnqoq03wzIuE05M4QcPlZCCAAdY3Y2VGYH4fWEjPpvHiSwKc
mE0fmHgD8lmxGEYTeqefmxYe41P79iISu/+SNGtsrj9/cy+Yfl/K/vkJgCGy+pMF
6/zlLOKh/6lS9Q==
-----END CERTIFICATE-----