Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
File:                     b_rHiuobz0OKYe-RUCRI9glkHS0.mft (raw, json)
Hash identifier:          4PdvtRedmdxNPQQr0gqHRNEhCiHrQrpz6OmPENtbaFA=
Subject key identifier:   E3:CB:3B:0A:2F:BF:23:6D:D9:CF:2A:11:20:29:2A:DA:99:9B:E4:5C
Authority key identifier: 6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D
Certificate issuer:       /CN=6ffac78aea1bcf438a61ef91502448f609641d2d
Certificate serial:       01985268CAF422EF4D9F2A731AD5D6C2F23E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
Manifest number:          1297
Signing time:             Mon 28 Jul 2025 19:00:55 +0000
Manifest this update:     Mon 28 Jul 2025 19:00:55 +0000
Manifest next update:     Tue 29 Jul 2025 19:00:55 +0000
Files and hashes:         1: b_rHiuobz0OKYe-RUCRI9glkHS0.crl (hash: ScqkXw7/HTDI0S8TYm4O6SXHEMqKiVda132cXhXeJwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 19:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:52:68:ca:f4:22:ef:4d:9f:2a:73:1a:d5:d6:c2:f2:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ffac78aea1bcf438a61ef91502448f609641d2d
        Validity
            Not Before: Jul 28 19:00:55 2025 GMT
            Not After : Jul 29 19:00:55 2025 GMT
        Subject: CN=e3cb3b0a2fbf236dd9cf2a1120292ada999be45c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a6:6f:f2:54:7f:7e:dd:f4:b2:0e:4a:fa:4f:
                    e5:ae:56:24:e4:64:af:be:90:e2:21:91:e2:df:4b:
                    8b:fa:a8:e4:96:50:ff:37:94:0b:65:01:e6:3c:bf:
                    a8:16:61:a5:26:4e:6c:d9:2b:0d:10:54:b4:13:0f:
                    dd:4a:fa:2c:d6:e4:49:14:e2:ae:da:bb:0c:64:b2:
                    18:7e:31:d8:51:87:d7:3e:dd:ac:c6:17:4f:02:05:
                    88:33:ad:60:18:b6:cc:e4:18:fb:01:6a:97:3e:0e:
                    24:1f:78:c9:4b:e8:3a:e0:e0:fb:d9:3d:be:ec:44:
                    de:43:11:4b:32:22:c7:87:82:1f:c7:01:1f:b2:50:
                    8f:37:18:96:ad:91:1a:ab:5a:88:1d:90:81:40:53:
                    7a:48:25:7c:87:45:50:b8:93:38:50:03:ac:b6:c9:
                    b0:ac:86:f4:05:34:fe:42:c9:f0:fb:ed:b8:a9:60:
                    c5:4c:99:1d:ef:0e:31:c7:7d:0f:10:10:45:b4:c4:
                    05:e6:b2:8d:bc:c1:3c:75:3d:38:c1:fa:a3:a5:69:
                    47:ec:1b:68:f4:1e:9e:13:6f:8f:72:0f:04:47:b1:
                    40:36:68:2c:02:1b:ef:48:bd:c8:e2:b3:6a:ce:29:
                    f4:7d:55:9e:a6:3e:9b:ef:07:a9:94:dc:83:da:08:
                    ff:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:CB:3B:0A:2F:BF:23:6D:D9:CF:2A:11:20:29:2A:DA:99:9B:E4:5C
            X509v3 Authority Key Identifier:
                keyid:6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:72:cc:6c:14:a4:ad:d9:3d:e5:98:c7:84:cc:d0:1a:02:a1:
         1c:ed:76:47:ef:37:c6:36:ae:a2:20:ca:57:c8:3e:b8:86:41:
         ac:9f:e0:53:0e:40:f0:3e:58:68:08:7e:14:b3:aa:f2:c6:eb:
         ff:4e:b7:6b:ff:9b:d9:53:e1:2c:1f:1c:79:1c:1f:1d:ba:a2:
         2a:e1:a8:12:29:d4:1b:2e:e2:44:62:14:04:05:b1:a0:b1:47:
         a2:96:a8:57:6e:bc:4f:c6:da:12:af:68:01:45:72:c6:b3:e1:
         5a:18:fe:81:28:30:e0:89:1a:ef:26:51:78:c0:e7:6c:69:d8:
         b0:01:c0:db:04:81:1b:1f:ec:a6:3a:d7:01:1c:da:30:9f:ee:
         4b:43:36:d2:f1:92:9d:fa:0b:87:1e:84:e1:e8:e4:c1:c4:7b:
         2f:10:ee:bf:b7:88:40:3b:c7:ad:d1:e0:21:43:9f:0d:28:59:
         ba:b3:8a:67:c6:c7:20:5a:bb:f3:3c:ce:c8:0d:bc:9b:76:8b:
         d3:80:0e:e5:c7:80:fb:d2:03:5e:ab:6c:b1:0a:6e:56:ce:9f:
         88:f2:92:33:17:ed:55:4d:e2:bb:50:8d:a0:07:e2:87:d1:bd:
         6b:50:9d:19:29:f2:dc:80:3f:68:cf:29:b9:34:0d:1f:d5:ba:
         6e:47:47:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSaMr0Iu9NnypzGtXWwvI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmFjNzhhZWExYmNmNDM4YTYxZWY5MTUwMjQ0OGY2MDk2
NDFkMmQwHhcNMjUwNzI4MTkwMDU1WhcNMjUwNzI5MTkwMDU1WjAzMTEwLwYDVQQD
EyhlM2NiM2IwYTJmYmYyMzZkZDljZjJhMTEyMDI5MmFkYTk5OWJlNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaZv8lR/ft30sg5K+k/lrlYk5GSv
vpDiIZHi30uL+qjkllD/N5QLZQHmPL+oFmGlJk5s2SsNEFS0Ew/dSvos1uRJFOKu
2rsMZLIYfjHYUYfXPt2sxhdPAgWIM61gGLbM5Bj7AWqXPg4kH3jJS+g64OD72T2+
7ETeQxFLMiLHh4IfxwEfslCPNxiWrZEaq1qIHZCBQFN6SCV8h0VQuJM4UAOstsmw
rIb0BTT+Qsnw++24qWDFTJkd7w4xx30PEBBFtMQF5rKNvME8dT04wfqjpWlH7Bto
9B6eE2+Pcg8ER7FANmgsAhvvSL3I4rNqzin0fVWepj6b7weplNyD2gj/dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPLOwovvyNt2c8qESApKtqZm+RcMB8GA1UdIwQY
MBaAFG/6x4rqG89DimHvkVAkSPYJZB0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAt
MGMzNDM1MTNhZGUzLzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAtMGMzNDM1MTNhZGUz
LzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnLMbBSk
rdk95ZjHhMzQGgKhHO12R+83xjauoiDKV8g+uIZBrJ/gUw5A8D5YaAh+FLOq8sbr
/063a/+b2VPhLB8ceRwfHbqiKuGoEinUGy7iRGIUBAWxoLFHopaoV268T8baEq9o
AUVyxrPhWhj+gSgw4Ika7yZReMDnbGnYsAHA2wSBGx/spjrXARzaMJ/uS0M20vGS
nfoLhx6E4ejkwcR7LxDuv7eIQDvHrdHgIUOfDShZurOKZ8bHIFq78zzOyA28m3aL
04AO5ceA+9IDXqtssQpuVs6fiPKSMxftVU3iu1CNoAfih9G9a1CdGSny3IA/aM8p
uTQNH9W6bkdHfQ==
-----END CERTIFICATE-----