Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          4hjNoOpbqdOr28cCrtrUfZs6VInOq+Aa2nQcBc6k/O8=
Subject key identifier:   ED:5F:7B:7D:D0:F1:28:D7:DD:FA:43:03:76:8B:0C:C4:BF:BA:53:56
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       0198D4E0640A224A0EB4E6951BB823285746
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          0612
Signing time:             Sat 23 Aug 2025 03:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:12 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: w5ccfbBdlx/toHAvnW9xqSK22PkQop4OfhTdJV34Mfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:64:0a:22:4a:0e:b4:e6:95:1b:b8:23:28:57:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Aug 23 03:02:12 2025 GMT
            Not After : Aug 24 03:02:12 2025 GMT
        Subject: CN=ed5f7b7dd0f128d7ddfa4303768b0cc4bfba5356
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:ac:d1:2b:d9:af:bc:1e:f3:6c:17:56:4e:44:
                    ec:94:92:6d:11:8c:2a:e0:49:76:83:52:d6:33:cb:
                    52:49:64:6a:c3:c5:83:ed:0a:21:cf:fc:0e:27:d6:
                    00:8a:52:e3:90:74:54:0c:13:27:aa:10:da:96:c0:
                    6c:2f:00:e8:4d:af:7c:dc:1e:f6:b5:1e:91:23:37:
                    00:78:4a:65:32:53:70:26:0e:94:8d:ed:21:7c:66:
                    e7:36:0d:64:76:f0:ac:9d:a6:bc:95:77:fc:21:b5:
                    5c:32:25:da:70:06:ad:fb:f8:38:ff:d7:31:24:01:
                    60:2f:0c:ff:0e:45:b5:82:ab:bf:5e:ca:d9:b0:21:
                    4b:96:8c:28:bb:8b:aa:58:f9:1e:ba:6b:61:33:b0:
                    28:4e:6a:f9:00:b7:d6:c3:07:d0:f9:15:f0:87:47:
                    cb:0b:ad:af:42:32:67:0e:2b:ac:e8:e0:0b:05:ff:
                    a6:72:3b:f6:4c:71:e4:b4:b5:1b:7d:fe:33:a5:21:
                    aa:9f:70:cc:cc:4d:9d:33:81:34:9d:b0:f1:1a:de:
                    dd:39:5d:9d:9f:36:f7:d0:54:1a:18:82:56:88:89:
                    ba:84:88:50:66:a3:19:e6:e9:7a:ff:cd:b7:c7:38:
                    fe:ee:b6:a7:c3:26:d5:21:f9:9c:0d:f0:e0:5c:9f:
                    52:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:5F:7B:7D:D0:F1:28:D7:DD:FA:43:03:76:8B:0C:C4:BF:BA:53:56
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:2e:a0:a4:5a:12:67:02:f1:e5:fd:89:23:13:32:8d:0e:a8:
         dc:54:da:c1:2d:17:d4:5f:24:8b:8b:d8:92:38:fb:3a:09:cd:
         37:d5:65:da:35:c5:8d:60:40:a4:6e:05:c1:dd:e5:69:2f:77:
         85:fa:0b:0a:c1:c1:c0:14:aa:94:ef:d6:4e:ff:d9:83:cb:fc:
         94:06:26:b1:c9:6b:12:8b:ab:f8:ae:fd:a8:4d:6f:31:f2:3d:
         bd:89:b3:70:fa:e3:31:d2:dd:7d:44:e7:8e:2a:20:e6:a5:28:
         ef:1f:c0:70:e1:ad:76:32:e4:d6:88:cb:f6:44:3b:1f:4d:09:
         14:61:4d:90:73:78:6d:72:f7:34:1b:3d:ab:95:e3:f4:44:94:
         f8:f2:8a:2f:90:3c:a4:dc:d4:7c:3a:d7:b9:4d:2f:68:2a:42:
         87:6a:b1:8e:fc:7a:35:e6:f9:75:4c:ea:fa:b4:6f:1a:e4:f4:
         0f:2a:51:f8:cc:88:2b:c9:b7:a3:7c:6a:d1:4c:54:c5:3e:f5:
         6f:5a:65:3d:e7:99:aa:ee:d3:66:94:a0:89:28:a8:6d:61:53:
         28:29:e6:95:1e:80:80:ac:14:c3:8f:c7:b4:d0:9b:d2:92:ca:
         39:26:95:9a:77:20:fa:29:51:73:cc:e7:3b:b5:96:38:ad:24:
         a1:d2:ea:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4GQKIkoOtOaVG7gjKFdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUwODIzMDMwMjEyWhcNMjUwODI0MDMwMjEyWjAzMTEwLwYDVQQD
EyhlZDVmN2I3ZGQwZjEyOGQ3ZGRmYTQzMDM3NjhiMGNjNGJmYmE1MzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+6zRK9mvvB7zbBdWTkTslJJtEYwq
4El2g1LWM8tSSWRqw8WD7Qohz/wOJ9YAilLjkHRUDBMnqhDalsBsLwDoTa983B72
tR6RIzcAeEplMlNwJg6Uje0hfGbnNg1kdvCsnaa8lXf8IbVcMiXacAat+/g4/9cx
JAFgLwz/DkW1gqu/XsrZsCFLlowou4uqWPkeumthM7AoTmr5ALfWwwfQ+RXwh0fL
C62vQjJnDius6OALBf+mcjv2THHktLUbff4zpSGqn3DMzE2dM4E0nbDxGt7dOV2d
nzb30FQaGIJWiIm6hIhQZqMZ5ul6/823xzj+7ranwybVIfmcDfDgXJ9SxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1fe33Q8SjX3fpDA3aLDMS/ulNWMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYC6gpFoS
ZwLx5f2JIxMyjQ6o3FTawS0X1F8ki4vYkjj7OgnNN9Vl2jXFjWBApG4Fwd3laS93
hfoLCsHBwBSqlO/WTv/Zg8v8lAYmsclrEour+K79qE1vMfI9vYmzcPrjMdLdfUTn
jiog5qUo7x/AcOGtdjLk1ojL9kQ7H00JFGFNkHN4bXL3NBs9q5Xj9ESU+PKKL5A8
pNzUfDrXuU0vaCpCh2qxjvx6Neb5dUzq+rRvGuT0DypR+MyIK8m3o3xq0UxUxT71
b1plPeeZqu7TZpSgiSiobWFTKCnmlR6AgKwUw4/HtNCb0pLKOSaVmncg+ilRc8zn
O7WWOK0kodLqLw==
-----END CERTIFICATE-----