Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File:                     3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier:          vQxgI4KcddfJT/xO1KdF46C56atQsmQnoJzhOfqywBY=
Subject key identifier:   A1:EF:CC:4B:9A:CC:34:81:5C:1E:D5:43:38:87:C0:83:DB:F0:04:49
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer:       /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial:       0198D66013659D2D917ABB0677F6FF363883
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number:          018D
Signing time:             Sat 23 Aug 2025 10:01:17 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:17 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:17 +0000
Files and hashes:         1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: eIuz8alFB+u+Ii2W3b68Q0nnIGdbTk3BpShoC0RynM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:13:65:9d:2d:91:7a:bb:06:77:f6:ff:36:38:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
        Validity
            Not Before: Aug 23 10:01:17 2025 GMT
            Not After : Aug 24 10:01:17 2025 GMT
        Subject: CN=a1efcc4b9acc34815c1ed5433887c083dbf00449
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4b:c6:a7:62:3d:91:ea:d2:ce:c9:98:2f:26:
                    0a:5c:1c:69:d8:c9:66:22:61:4d:ed:5c:8b:df:4e:
                    bf:57:c0:0f:05:6b:85:c6:51:cc:dd:5d:94:44:9e:
                    85:13:3f:59:02:b7:59:47:0f:33:ce:82:e9:ea:7a:
                    3a:6f:2a:ad:84:ee:4c:df:93:38:e4:da:e8:d6:fb:
                    54:72:50:94:20:38:d3:c6:72:44:d0:8e:d8:bd:ca:
                    8d:18:74:d7:c9:c5:f5:73:2e:81:ec:2a:c3:37:c1:
                    48:20:27:09:f1:13:81:2c:77:6e:8f:f9:ef:a3:95:
                    c0:48:54:a9:73:7d:43:6f:44:e1:4b:99:97:8e:3b:
                    57:95:75:07:e4:22:88:c3:9a:1f:85:28:db:50:4f:
                    ff:22:16:d9:98:cc:2d:01:50:e4:57:66:be:b8:c2:
                    a0:92:c0:44:f1:de:15:f4:09:d7:fa:92:06:00:0e:
                    b7:3a:68:e7:5e:5b:42:52:35:1b:e1:ca:d1:01:44:
                    0c:d2:1f:31:b6:fb:84:4e:6a:e3:56:eb:a1:80:7c:
                    22:0b:12:07:18:ee:dc:38:3d:62:7b:77:e5:2c:21:
                    80:39:e9:f9:b5:5c:f5:77:50:fe:ec:09:4a:d1:6a:
                    22:7a:62:19:2e:60:78:56:45:43:96:19:76:ae:e2:
                    e4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:EF:CC:4B:9A:CC:34:81:5C:1E:D5:43:38:87:C0:83:DB:F0:04:49
            X509v3 Authority Key Identifier:
                keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:af:56:ac:51:7b:8c:3f:92:f4:4b:89:cb:26:be:81:ad:31:
         05:29:12:b1:6d:24:a3:44:3b:b6:9a:a7:b4:37:52:e7:28:89:
         84:3e:aa:85:ff:5a:11:24:a1:fd:5d:5e:c0:5d:c4:aa:62:f3:
         17:f5:cc:01:a2:27:a8:8b:20:17:17:f4:7c:ee:ec:01:a1:1c:
         92:ac:8f:61:c1:e8:ba:58:2c:75:8a:b5:34:49:c0:70:da:10:
         30:14:51:62:37:5f:dc:75:c9:c9:af:a5:50:ac:a0:7e:9b:d3:
         f9:41:b6:5c:4c:09:89:b3:b2:44:38:27:53:82:ee:4c:ec:ac:
         0f:80:21:fd:39:70:4b:d5:b3:e7:45:8e:06:ea:fd:63:e2:08:
         29:aa:19:60:6d:0d:5d:53:69:76:50:79:7e:02:e9:67:52:ab:
         b2:b8:1c:45:dd:8e:5e:4d:a8:b5:5f:b3:8c:1d:12:7b:c6:92:
         f8:f0:e8:44:33:c8:18:71:ef:c8:b8:10:5e:a8:7e:d9:88:ec:
         18:f7:82:9e:00:49:8c:52:58:59:e3:64:64:52:f0:01:78:27:
         7d:52:db:f0:26:24:0b:4b:6f:3e:fc:86:d1:cd:4e:d9:7c:47:
         9c:16:a6:01:f7:d3:6e:91:9c:4e:2c:b9:c5:c1:18:d8:7d:f9:
         4d:c7:26:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYBNlnS2RersGd/b/NjiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjUwODIzMTAwMTE3WhcNMjUwODI0MTAwMTE3WjAzMTEwLwYDVQQD
EyhhMWVmY2M0YjlhY2MzNDgxNWMxZWQ1NDMzODg3YzA4M2RiZjAwNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEvGp2I9kerSzsmYLyYKXBxp2Mlm
ImFN7VyL306/V8APBWuFxlHM3V2URJ6FEz9ZArdZRw8zzoLp6no6byqthO5M35M4
5Nro1vtUclCUIDjTxnJE0I7YvcqNGHTXycX1cy6B7CrDN8FIICcJ8ROBLHduj/nv
o5XASFSpc31Db0ThS5mXjjtXlXUH5CKIw5ofhSjbUE//IhbZmMwtAVDkV2a+uMKg
ksBE8d4V9AnX+pIGAA63OmjnXltCUjUb4crRAUQM0h8xtvuETmrjVuuhgHwiCxIH
GO7cOD1ie3flLCGAOen5tVz1d1D+7AlK0WoiemIZLmB4VkVDlhl2ruLkRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHvzEuazDSBXB7VQziHwIPb8ARJMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgK9WrFF7
jD+S9EuJyya+ga0xBSkSsW0ko0Q7tpqntDdS5yiJhD6qhf9aESSh/V1ewF3EqmLz
F/XMAaInqIsgFxf0fO7sAaEckqyPYcHoulgsdYq1NEnAcNoQMBRRYjdf3HXJya+l
UKygfpvT+UG2XEwJibOyRDgnU4LuTOysD4Ah/TlwS9Wz50WOBur9Y+IIKaoZYG0N
XVNpdlB5fgLpZ1KrsrgcRd2OXk2otV+zjB0Se8aS+PDoRDPIGHHvyLgQXqh+2Yjs
GPeCngBJjFJYWeNkZFLwAXgnfVLb8CYkC0tvPvyG0c1O2XxHnBamAffTbpGcTiy5
xcEY2H35TccmWQ==
-----END CERTIFICATE-----