Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          +WP3nHZR8xY3ISgkINCKEo//ePk+FeR9xoij+8jvJno=
Subject key identifier:   29:35:F4:FC:61:6D:29:21:66:62:2D:B2:CC:54:28:63:35:86:75:42
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       0198D515B46CC6DF178D2EF72459CC67941B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          03F3
Signing time:             Sat 23 Aug 2025 04:00:26 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:26 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:26 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: vRN8Qa7NEsu9loibGuqkIaQd06vGx3L/9uyydBf9GVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:b4:6c:c6:df:17:8d:2e:f7:24:59:cc:67:94:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Aug 23 04:00:26 2025 GMT
            Not After : Aug 24 04:00:26 2025 GMT
        Subject: CN=2935f4fc616d292166622db2cc54286335867542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:47:fe:0d:4a:3f:8d:d3:79:f1:71:f4:48:34:
                    1b:ca:d9:ed:66:88:fb:0c:21:67:b0:7e:b7:ed:c5:
                    69:cc:31:95:2b:ac:fc:79:19:c6:7e:dd:ba:2b:f3:
                    74:69:1d:b1:ee:80:f5:63:52:4c:50:c4:af:ab:bd:
                    8f:98:cf:0c:98:d6:49:9d:d5:7f:f3:02:fb:34:d7:
                    93:76:27:03:f6:9b:5c:24:bd:da:79:5c:3f:54:25:
                    9c:ca:bd:dd:83:eb:d7:d2:09:28:5e:4c:a1:61:32:
                    bd:23:6b:1e:38:24:2b:4b:ac:8f:ee:bd:15:13:fe:
                    25:bb:27:8d:57:37:23:f3:15:cf:e9:7d:19:ef:28:
                    9f:c0:c4:75:ef:fa:85:11:5e:0d:82:9f:82:43:81:
                    69:f1:40:70:be:bf:18:b0:a5:85:8b:1f:4b:35:b1:
                    ee:c6:90:05:84:42:e3:25:a1:cf:ca:f8:75:46:9c:
                    10:6c:4f:5c:51:32:ab:30:3d:f1:bd:28:9c:80:ff:
                    ee:9c:90:98:75:ca:37:71:25:56:5e:c9:03:70:49:
                    73:48:38:85:5b:c8:a5:35:a2:df:aa:8f:ec:53:29:
                    83:a5:59:48:1b:07:e9:d5:1a:81:13:70:c0:c7:37:
                    39:3c:6e:f7:47:00:08:70:52:8d:78:fc:87:be:8e:
                    3f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:35:F4:FC:61:6D:29:21:66:62:2D:B2:CC:54:28:63:35:86:75:42
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:e7:f7:5d:ea:27:ea:9e:11:59:0b:69:f3:95:8e:f7:8d:4f:
         a7:7f:aa:70:4a:0f:ef:b9:50:59:ae:dd:e8:21:37:92:b1:01:
         87:c7:24:d3:60:0b:46:c3:b9:2d:9b:28:46:42:dc:5b:11:52:
         7e:f4:01:a2:0c:1d:09:1c:53:9a:52:35:cf:bb:2c:19:14:ad:
         fd:ca:9d:0a:c5:7e:5e:e5:e1:9b:d6:28:e2:39:6f:35:2d:c8:
         f0:39:0f:8c:43:c9:17:22:7d:4b:1e:f3:25:0a:19:c1:e7:be:
         d1:81:d7:e0:97:21:1a:24:bf:39:f4:74:3a:97:92:ad:dd:bc:
         1a:0e:a2:e3:f3:d5:20:22:a1:84:ab:5b:2b:62:77:9b:71:14:
         b5:63:43:29:7b:6a:bd:03:74:82:8a:07:dc:8a:98:c7:b4:ce:
         1e:6a:a9:b7:bf:3c:c9:14:2a:78:ba:9b:5b:8f:f0:56:3c:60:
         1d:a6:93:87:04:15:42:2d:0b:5f:f5:49:30:d8:c5:d0:1b:5c:
         55:21:0a:54:cd:bf:62:f9:2d:52:45:67:44:aa:e8:7c:d6:c7:
         06:84:7a:83:77:1f:3c:d5:06:8c:b4:ae:89:c6:7f:fb:cd:10:
         ac:32:e5:68:5d:b9:56:e5:19:e4:bb:1e:8b:e5:ea:9c:4e:d6:
         2c:95:9c:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFbRsxt8XjS73JFnMZ5QbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwODIzMDQwMDI2WhcNMjUwODI0MDQwMDI2WjAzMTEwLwYDVQQD
EygyOTM1ZjRmYzYxNmQyOTIxNjY2MjJkYjJjYzU0Mjg2MzM1ODY3NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEf+DUo/jdN58XH0SDQbytntZoj7
DCFnsH637cVpzDGVK6z8eRnGft26K/N0aR2x7oD1Y1JMUMSvq72PmM8MmNZJndV/
8wL7NNeTdicD9ptcJL3aeVw/VCWcyr3dg+vX0gkoXkyhYTK9I2seOCQrS6yP7r0V
E/4luyeNVzcj8xXP6X0Z7yifwMR17/qFEV4Ngp+CQ4Fp8UBwvr8YsKWFix9LNbHu
xpAFhELjJaHPyvh1RpwQbE9cUTKrMD3xvSicgP/unJCYdco3cSVWXskDcElzSDiF
W8ilNaLfqo/sUymDpVlIGwfp1RqBE3DAxzc5PG73RwAIcFKNePyHvo4/1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCk19PxhbSkhZmItssxUKGM1hnVCMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqef3Xeon
6p4RWQtp85WO941Pp3+qcEoP77lQWa7d6CE3krEBh8ck02ALRsO5LZsoRkLcWxFS
fvQBogwdCRxTmlI1z7ssGRSt/cqdCsV+XuXhm9Yo4jlvNS3I8DkPjEPJFyJ9Sx7z
JQoZwee+0YHX4JchGiS/OfR0OpeSrd28Gg6i4/PVICKhhKtbK2J3m3EUtWNDKXtq
vQN0gooH3IqYx7TOHmqpt788yRQqeLqbW4/wVjxgHaaThwQVQi0LX/VJMNjF0Btc
VSEKVM2/YvktUkVnRKrofNbHBoR6g3cfPNUGjLSuicZ/+80QrDLlaF25VuUZ5Lse
i+XqnE7WLJWcUg==
-----END CERTIFICATE-----