Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
File:                     b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft (raw, json)
Hash identifier:          szffgr5tVtaMtObZxle0Pnc5l97zV+0nHmhzd0W3gh4=
Subject key identifier:   3C:38:64:E3:AF:89:63:2F:DF:21:87:9A:73:9A:96:60:00:08:B8:C5
Authority key identifier: 6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1
Certificate issuer:       /CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1
Certificate serial:       0198D73B97E32EF15ACE149D7E1AA15CDCE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
Manifest number:          1042
Signing time:             Sat 23 Aug 2025 14:01:03 +0000
Manifest this update:     Sat 23 Aug 2025 14:01:03 +0000
Manifest next update:     Sun 24 Aug 2025 14:01:03 +0000
Files and hashes:         1: b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl (hash: kHIrbaF9mEVUrl7RuFNEEovbB7PY6C40sb9tuAimxiA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:97:e3:2e:f1:5a:ce:14:9d:7e:1a:a1:5c:dc:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1
        Validity
            Not Before: Aug 23 14:01:03 2025 GMT
            Not After : Aug 24 14:01:03 2025 GMT
        Subject: CN=3c3864e3af89632fdf21879a739a96600008b8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:16:0e:e7:7e:70:c6:96:f2:9f:d3:a7:09:9f:
                    4d:db:d1:7d:57:1f:07:53:96:d7:49:96:50:5b:05:
                    a9:c0:ad:6e:e5:a3:3e:96:31:02:2e:b2:50:0c:64:
                    01:db:d1:ea:b6:03:7c:54:9a:75:59:b7:66:fc:0d:
                    3e:5e:bc:15:89:a0:71:0b:7b:a7:c1:34:a6:75:72:
                    3c:cb:50:d7:26:1b:88:cc:c0:49:2f:43:bf:27:2a:
                    7c:16:a8:bd:f5:c0:c8:81:e4:f4:be:db:d8:98:95:
                    a8:5b:43:51:4c:17:ee:8f:40:d6:28:00:2e:1b:64:
                    ba:33:af:4b:6a:52:bb:ed:3e:4a:8d:42:c9:08:71:
                    2a:59:a5:35:3c:ad:26:ba:d9:2d:1e:31:b8:c3:0f:
                    75:79:84:7c:37:33:a6:c0:85:67:28:69:10:c4:e0:
                    6c:cc:b7:c1:72:60:ab:03:75:c3:94:e0:03:43:5c:
                    4e:51:f8:48:e0:f2:82:86:98:db:08:73:3f:41:29:
                    e9:46:b0:70:94:98:c9:5c:0c:98:57:85:e2:d2:20:
                    68:a8:93:2a:d7:d0:86:3c:82:ee:07:08:91:08:a6:
                    de:c6:95:07:ef:0f:fb:5b:e4:7f:23:a2:67:b3:e7:
                    53:ba:9d:e4:2f:39:b5:90:12:2e:c7:ef:8e:6c:86:
                    97:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:38:64:E3:AF:89:63:2F:DF:21:87:9A:73:9A:96:60:00:08:B8:C5
            X509v3 Authority Key Identifier:
                keyid:6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:58:80:bb:7a:bf:9e:7d:c4:9d:4a:f9:ad:b8:63:fd:e4:5c:
         7f:e0:c3:c7:82:df:08:b2:22:62:1a:c6:c1:4b:00:5c:83:5d:
         47:4a:3a:74:90:ba:ba:09:02:15:9d:bb:2c:d8:92:0c:7f:7b:
         b6:b1:96:72:89:26:d2:52:e7:80:f7:f5:58:ce:83:cf:6e:5b:
         6b:eb:0b:95:5c:48:41:04:cc:97:50:aa:d6:f8:5e:a2:52:2f:
         c4:8d:33:5c:74:89:e1:a7:44:15:54:e2:f3:e8:bd:2f:b3:c2:
         f2:d1:0c:e4:de:9f:e1:76:8c:91:0d:2a:ba:1a:23:fe:8b:dc:
         6f:75:79:18:15:0f:df:ce:0d:d6:1e:b7:b9:d3:4e:e8:04:6b:
         0a:fc:58:52:e9:66:e1:dd:b3:19:ed:be:c0:b7:32:2c:22:17:
         fb:55:bc:f5:bd:83:42:19:5a:1f:7c:c0:d0:6d:82:3f:fa:59:
         8d:a7:1a:fa:5e:df:2c:2a:e3:15:3d:64:23:6a:19:f9:3a:d9:
         f8:5a:71:b6:8d:a7:9f:a3:e9:08:c9:96:e1:c3:ff:a0:ae:e0:
         53:d4:25:fc:91:1a:32:37:fd:e0:9d:b3:34:82:3d:61:f9:11:
         4b:90:74:40:73:bf:ae:bc:16:f5:0b:40:b3:21:21:3b:ce:fe:
         1b:5d:c6:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO5fjLvFazhSdfhqhXNznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNjQ4ZTNjYWI2MDliZDE0ODNjYTNlNTE5MTFjZWFhNTNm
MGM2YTEwHhcNMjUwODIzMTQwMTAzWhcNMjUwODI0MTQwMTAzWjAzMTEwLwYDVQQD
EygzYzM4NjRlM2FmODk2MzJmZGYyMTg3OWE3MzlhOTY2MDAwMDhiOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhYO535wxpbyn9OnCZ9N29F9Vx8H
U5bXSZZQWwWpwK1u5aM+ljECLrJQDGQB29HqtgN8VJp1Wbdm/A0+XrwViaBxC3un
wTSmdXI8y1DXJhuIzMBJL0O/Jyp8Fqi99cDIgeT0vtvYmJWoW0NRTBfuj0DWKAAu
G2S6M69LalK77T5KjULJCHEqWaU1PK0mutktHjG4ww91eYR8NzOmwIVnKGkQxOBs
zLfBcmCrA3XDlOADQ1xOUfhI4PKChpjbCHM/QSnpRrBwlJjJXAyYV4Xi0iBoqJMq
19CGPILuBwiRCKbexpUH7w/7W+R/I6Jns+dTup3kLzm1kBIux++ObIaX+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDw4ZOOviWMv3yGHmnOalmAACLjFMB8GA1UdIwQY
MBaAFG9kjjyrYJvRSDyj5RkRzqpT8MahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEt
YTA2OWFmODU0YjA1LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEtYTA2OWFmODU0YjA1
LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIliAu3q/
nn3EnUr5rbhj/eRcf+DDx4LfCLIiYhrGwUsAXINdR0o6dJC6ugkCFZ27LNiSDH97
trGWcokm0lLngPf1WM6Dz25ba+sLlVxIQQTMl1Cq1vheolIvxI0zXHSJ4adEFVTi
8+i9L7PC8tEM5N6f4XaMkQ0quhoj/ovcb3V5GBUP384N1h63udNO6ARrCvxYUulm
4d2zGe2+wLcyLCIX+1W89b2DQhlaH3zA0G2CP/pZjaca+l7fLCrjFT1kI2oZ+TrZ
+Fpxto2nn6PpCMmW4cP/oK7gU9Ql/JEaMjf94J2zNII9YfkRS5B0QHO/rrwW9QtA
syEhO87+G13Gbw==
-----END CERTIFICATE-----