Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
File:                     3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft (raw, json)
Hash identifier:          Q01u2NvwgEBtCmmD1/qj262jTFVn2d56D/zweGEurtg=
Subject key identifier:   A8:8D:61:CC:DC:B9:4A:96:96:12:C2:02:06:B0:A8:B5:EE:B8:14:62
Authority key identifier: DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D
Certificate issuer:       /CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
Certificate serial:       0198D516300455398D6A55250009836B5E4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
Manifest number:          0298
Signing time:             Sat 23 Aug 2025 04:00:57 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:57 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:57 +0000
Files and hashes:         1: 3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl (hash: JWRtuOH0IXhXbXMG1jtzKAbjMG53rvP6sBWxHHKNSfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:30:04:55:39:8d:6a:55:25:00:09:83:6b:5e:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
        Validity
            Not Before: Aug 23 04:00:57 2025 GMT
            Not After : Aug 24 04:00:57 2025 GMT
        Subject: CN=a88d61ccdcb94a969612c20206b0a8b5eeb81462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:8d:f1:2a:5b:cc:41:8c:bb:7f:86:0a:02:a0:
                    ce:c2:0f:d5:32:80:af:1e:33:9b:18:46:81:22:de:
                    26:c2:25:f3:5c:a6:a6:16:c0:53:eb:5c:e4:bb:0a:
                    ad:f2:8e:11:10:12:a4:d7:8b:75:c3:58:7e:d9:aa:
                    15:7c:24:1a:c0:0f:f1:ba:19:3c:55:30:9a:33:6b:
                    94:04:52:88:a9:49:cb:e4:ec:0e:7f:32:77:22:21:
                    d6:d9:17:e8:d6:b3:1f:0f:55:a2:e4:80:72:a1:a3:
                    51:ad:b4:9b:ce:9c:e9:5c:f1:2a:d3:b4:44:9a:cf:
                    b3:50:d9:12:24:36:d7:88:14:5d:3b:5f:ab:a4:12:
                    d6:98:72:76:31:e6:2d:69:4d:75:4f:1f:df:45:93:
                    d3:00:46:e6:67:82:bb:5f:9f:ce:f0:0b:6e:d4:61:
                    4e:3b:2e:75:a5:03:37:19:33:1d:5d:23:3e:23:45:
                    d5:38:b0:12:53:b0:2a:fe:dc:5c:1a:55:bc:e5:33:
                    98:f4:bc:63:29:ec:09:49:20:31:54:7f:d1:67:f5:
                    22:62:8f:f3:63:d9:c0:72:28:8e:4d:67:97:e4:ae:
                    1e:36:c8:bc:a2:45:06:fd:f2:90:52:2b:b4:87:55:
                    c0:6d:5b:26:92:48:b6:94:91:a1:cb:b9:99:16:07:
                    75:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:8D:61:CC:DC:B9:4A:96:96:12:C2:02:06:B0:A8:B5:EE:B8:14:62
            X509v3 Authority Key Identifier:
                keyid:DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:ed:10:c5:64:16:5d:ea:d7:7d:63:ae:d9:d2:cf:22:c5:98:
         21:0c:ab:6b:64:5e:6e:58:2f:dd:6a:f1:5d:a8:2a:49:17:4c:
         0a:b4:ff:ff:8a:c4:21:21:69:86:57:af:74:5d:d4:1e:c4:8e:
         70:c2:c0:4f:05:bc:b5:2f:89:fe:43:21:5e:3a:67:18:fa:e3:
         50:76:3f:3b:5e:ec:68:f1:b2:84:63:1e:7a:2f:6e:9f:6f:2f:
         72:fd:b5:d5:98:28:02:16:19:74:1d:f1:19:12:2b:23:f6:0f:
         9d:a6:21:fe:ac:37:3c:9e:5a:72:7c:1d:df:1f:66:f1:e7:32:
         70:6b:2f:04:f8:96:d0:4c:bc:85:8b:9f:01:69:4d:16:80:8e:
         db:a3:9e:73:00:f2:d9:8f:24:a8:95:2d:76:72:cc:48:15:14:
         da:ba:6b:bc:2d:40:ac:d2:ee:77:96:71:fa:db:af:01:82:44:
         b9:64:f4:5c:06:69:cc:2a:7b:37:0b:a3:c2:5b:99:9d:b8:8d:
         aa:ba:7a:fe:dc:c5:2a:17:dc:75:23:48:1f:2f:96:d2:4d:f4:
         b5:7d:0d:8a:0a:e8:59:27:13:40:eb:81:64:36:47:ac:3c:58:
         d2:8a:a5:fd:2e:0f:0c:fe:12:73:0f:28:8c:26:61:2c:e5:97:
         0f:52:95:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFjAEVTmNalUlAAmDa15OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2QzYTk4NDk1YzI3YjljZTM1MGFlNWI4OWY5OTE0NGIw
YTRjOWQwHhcNMjUwODIzMDQwMDU3WhcNMjUwODI0MDQwMDU3WjAzMTEwLwYDVQQD
EyhhODhkNjFjY2RjYjk0YTk2OTYxMmMyMDIwNmIwYThiNWVlYjgxNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto3xKlvMQYy7f4YKAqDOwg/VMoCv
HjObGEaBIt4mwiXzXKamFsBT61zkuwqt8o4REBKk14t1w1h+2aoVfCQawA/xuhk8
VTCaM2uUBFKIqUnL5OwOfzJ3IiHW2Rfo1rMfD1Wi5IByoaNRrbSbzpzpXPEq07RE
ms+zUNkSJDbXiBRdO1+rpBLWmHJ2MeYtaU11Tx/fRZPTAEbmZ4K7X5/O8Atu1GFO
Oy51pQM3GTMdXSM+I0XVOLASU7Aq/txcGlW85TOY9LxjKewJSSAxVH/RZ/UiYo/z
Y9nAciiOTWeX5K4eNsi8okUG/fKQUiu0h1XAbVsmkki2lJGhy7mZFgd1CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiNYczcuUqWlhLCAgawqLXuuBRiMB8GA1UdIwQY
MBaAFN49OphJXCe5zjUK5bifmRRLCkydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEt
Yzg4OGIyMDQ4OWZjLzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEtYzg4OGIyMDQ4OWZj
LzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPO0QxWQW
XerXfWOu2dLPIsWYIQyra2Reblgv3WrxXagqSRdMCrT//4rEISFphlevdF3UHsSO
cMLATwW8tS+J/kMhXjpnGPrjUHY/O17saPGyhGMeei9un28vcv211ZgoAhYZdB3x
GRIrI/YPnaYh/qw3PJ5acnwd3x9m8ecycGsvBPiW0Ey8hYufAWlNFoCO26OecwDy
2Y8kqJUtdnLMSBUU2rprvC1ArNLud5Zx+tuvAYJEuWT0XAZpzCp7NwujwluZnbiN
qrp6/tzFKhfcdSNIHy+W0k30tX0NigroWScTQOuBZDZHrDxY0oql/S4PDP4Scw8o
jCZhLOWXD1KVsQ==
-----END CERTIFICATE-----