Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          rBXYay6U/GY9ucnEKqGVBRBj2DNVY0Y0lJcO4ETiQTE=
Subject key identifier:   2A:98:DA:D6:00:2C:BE:53:F5:74:78:90:4E:1D:59:49:8C:BA:B6:CB
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       019849D391BAD956946AADE0046B888FCDF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0BF3
Signing time:             Sun 27 Jul 2025 03:00:58 +0000
Manifest this update:     Sun 27 Jul 2025 03:00:58 +0000
Manifest next update:     Mon 28 Jul 2025 03:00:58 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: 9VXcHeknYxpvXj+axexHP7xZMfvSklDsTUBgDatEZQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:91:ba:d9:56:94:6a:ad:e0:04:6b:88:8f:cd:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Jul 27 03:00:58 2025 GMT
            Not After : Jul 28 03:00:58 2025 GMT
        Subject: CN=2a98dad6002cbe53f57478904e1d59498cbab6cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9f:5f:72:68:71:01:ac:1e:77:e7:26:f4:c3:
                    ba:a0:a0:4d:f3:6f:88:d4:a9:5e:2e:df:cd:e8:d9:
                    c3:ca:9b:54:ec:6d:45:31:04:ba:32:f4:fe:63:c2:
                    76:57:84:b3:29:28:04:8f:03:07:c1:98:4a:da:95:
                    02:37:bd:11:fc:21:83:74:b8:f9:27:06:88:d8:a3:
                    66:c4:86:c6:df:36:a9:74:1c:38:82:e0:d9:da:8a:
                    97:ad:36:a6:7a:a5:0b:4f:55:09:10:4e:ea:d8:12:
                    dc:4a:b1:30:1d:6f:84:ce:4c:61:d5:45:79:25:db:
                    1d:b7:f1:3e:a5:cb:cd:99:16:32:ea:5f:b8:3f:74:
                    f0:10:b8:a7:24:b4:10:a8:fa:90:34:70:d0:d7:25:
                    92:94:ba:b4:d8:78:93:cf:e0:e6:12:e9:63:c6:a7:
                    c4:10:88:87:78:3f:bf:c5:63:36:da:6b:1c:f8:10:
                    7f:cb:db:55:90:fa:24:b8:62:30:08:d0:53:7d:98:
                    48:f9:ab:e3:03:8d:18:ed:c0:76:91:c5:08:2a:31:
                    2f:13:25:d4:37:a5:fc:17:8c:9b:87:47:37:9e:65:
                    50:92:00:7d:d3:4c:35:5b:e1:d2:2c:88:ac:ae:a5:
                    46:ac:2d:d2:91:6e:4d:0e:23:23:fe:f9:d5:b4:b8:
                    d0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:98:DA:D6:00:2C:BE:53:F5:74:78:90:4E:1D:59:49:8C:BA:B6:CB
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:5b:0a:04:db:af:e5:39:41:fd:0c:29:19:d1:ce:eb:ae:46:
         b1:79:9b:cf:c2:d0:03:7d:bb:18:7d:7c:99:dd:d7:39:08:ed:
         6d:dc:d7:4e:66:06:03:5c:7a:7c:1f:f9:c5:8d:99:9a:85:7e:
         d6:78:9f:2e:b4:c3:5c:68:53:b5:80:93:a3:7c:a9:40:94:81:
         33:ad:6e:b8:5e:2f:a6:1a:37:f4:a0:bf:b3:cc:4a:80:7a:42:
         99:14:a0:c1:32:4f:3a:a0:dd:46:b2:d7:5f:39:1b:71:d0:5b:
         b2:b6:97:87:8e:1f:ed:07:98:b1:89:c1:e9:02:e7:36:b3:e5:
         ee:c3:d2:e4:36:e1:92:3d:f3:b6:8a:d4:ed:f8:e3:aa:6c:90:
         ee:f6:f8:8b:30:a4:3e:3d:19:48:71:10:59:ee:0d:c4:71:d3:
         17:79:b8:82:66:45:05:86:1f:d8:c0:7a:62:f3:1e:16:b5:fd:
         4b:62:fc:67:2f:4e:fb:3d:d1:f3:ef:e1:ec:be:0a:e6:13:ec:
         7d:a5:2a:16:b5:f7:95:12:eb:e7:46:13:92:9e:52:d1:8a:d0:
         a0:b2:53:e4:15:e0:ac:8b:93:ed:fd:8c:2b:82:13:ce:43:ba:
         38:47:12:f6:c0:56:0d:ca:bb:96:83:b4:44:cd:5a:d0:0c:3d:
         2b:81:2c:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ05G62VaUaq3gBGuIj83zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUwNzI3MDMwMDU4WhcNMjUwNzI4MDMwMDU4WjAzMTEwLwYDVQQD
EygyYTk4ZGFkNjAwMmNiZTUzZjU3NDc4OTA0ZTFkNTk0OThjYmFiNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ9fcmhxAawed+cm9MO6oKBN82+I
1KleLt/N6NnDyptU7G1FMQS6MvT+Y8J2V4SzKSgEjwMHwZhK2pUCN70R/CGDdLj5
JwaI2KNmxIbG3zapdBw4guDZ2oqXrTameqULT1UJEE7q2BLcSrEwHW+Ezkxh1UV5
Jdsdt/E+pcvNmRYy6l+4P3TwELinJLQQqPqQNHDQ1yWSlLq02HiTz+DmEuljxqfE
EIiHeD+/xWM22msc+BB/y9tVkPokuGIwCNBTfZhI+avjA40Y7cB2kcUIKjEvEyXU
N6X8F4ybh0c3nmVQkgB900w1W+HSLIisrqVGrC3SkW5NDiMj/vnVtLjQoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqY2tYALL5T9XR4kE4dWUmMurbLMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq1sKBNuv
5TlB/QwpGdHO665GsXmbz8LQA327GH18md3XOQjtbdzXTmYGA1x6fB/5xY2ZmoV+
1nifLrTDXGhTtYCTo3ypQJSBM61uuF4vpho39KC/s8xKgHpCmRSgwTJPOqDdRrLX
XzkbcdBbsraXh44f7QeYsYnB6QLnNrPl7sPS5Dbhkj3ztorU7fjjqmyQ7vb4izCk
Pj0ZSHEQWe4NxHHTF3m4gmZFBYYf2MB6YvMeFrX9S2L8Zy9O+z3R8+/h7L4K5hPs
faUqFrX3lRLr50YTkp5S0YrQoLJT5BXgrIuT7f2MK4ITzkO6OEcS9sBWDcq7loO0
RM1a0Aw9K4EsDA==
-----END CERTIFICATE-----