Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          foaZFxwXZWoMpN6IAhtz9OV+8uCGpgWW0fEpznqR7p4=
Subject key identifier:   04:E3:D3:F5:D3:96:74:4F:8F:6F:61:46:D6:44:B0:C8:AA:88:14:C3
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       01984DE6C0820115DEF6A5A2B32FC968B15B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          1609
Signing time:             Sun 27 Jul 2025 22:00:24 +0000
Manifest this update:     Sun 27 Jul 2025 22:00:24 +0000
Manifest next update:     Mon 28 Jul 2025 22:00:24 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: y0e4NDGXhvm4dzXONi2mcHZ2los4WUl0Y8WjGWL6vXo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 18:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4d:e6:c0:82:01:15:de:f6:a5:a2:b3:2f:c9:68:b1:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Jul 27 22:00:24 2025 GMT
            Not After : Jul 28 22:00:24 2025 GMT
        Subject: CN=04e3d3f5d396744f8f6f6146d644b0c8aa8814c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:92:b9:02:a5:48:81:4c:99:87:fa:68:32:91:
                    0f:de:4e:01:d4:2b:0f:c8:28:e2:4f:25:53:89:70:
                    85:30:98:aa:98:ed:5a:e6:e6:ae:a0:5e:e2:de:32:
                    a4:73:9e:db:bf:9e:43:b0:c0:2c:6f:c2:fc:fe:f3:
                    f5:06:3d:38:be:a7:45:4c:e4:c1:78:57:35:83:24:
                    67:06:11:d4:1d:5a:73:a9:b1:75:d4:33:db:ae:ea:
                    a8:a5:3a:dc:50:5b:1e:fb:f2:68:08:43:ef:4a:cd:
                    fc:9d:fd:a7:06:25:65:ad:5f:6e:1d:08:95:f2:9d:
                    bf:7c:c7:0e:53:3b:6c:0d:2c:fe:2d:e6:4a:5e:64:
                    81:53:cc:6e:f4:7a:27:00:8b:e7:99:79:6b:5f:bd:
                    dd:22:b3:d9:3e:1a:af:2a:00:d6:a8:18:5c:e0:52:
                    04:66:b2:28:c3:ed:3c:07:2f:33:2d:bd:38:d9:ad:
                    c1:e2:4c:5c:d5:40:82:20:19:13:9b:7e:c6:f0:ff:
                    0e:d2:52:7a:56:c4:01:99:d2:12:05:c8:f2:c3:f9:
                    55:f0:7f:f2:ed:c4:d7:2d:b5:40:b2:ae:b0:b1:07:
                    57:06:62:8e:65:ab:53:6d:93:bc:a7:a5:81:9e:c5:
                    26:7a:6e:ce:1c:13:5e:61:cb:9d:7a:b7:72:79:67:
                    ec:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E3:D3:F5:D3:96:74:4F:8F:6F:61:46:D6:44:B0:C8:AA:88:14:C3
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:e1:5b:31:54:c3:fa:d2:a6:83:7c:50:d8:8a:75:20:78:a9:
         fc:03:ef:da:32:c4:23:f2:5a:76:05:2a:6f:a1:24:4f:48:ef:
         56:1c:18:83:79:00:45:5d:1f:2a:6e:e5:91:20:ce:c0:d1:ce:
         b6:f7:03:01:13:72:58:27:02:2d:ac:8a:59:a7:f9:a6:b4:0d:
         f5:c0:d6:88:27:d7:ab:d6:5e:1f:f9:30:e5:9e:37:ec:a4:30:
         fe:d2:47:23:c1:6a:b2:ca:ca:dc:93:63:3a:1e:c4:f8:e9:af:
         7d:db:4b:f7:a9:61:e9:1d:4f:6c:15:dd:de:87:18:b6:61:46:
         d1:bb:8a:1e:41:0d:26:fc:2c:80:ce:0e:b4:c9:b9:8a:fc:8e:
         b4:c2:87:09:81:f0:e8:df:ed:1b:c3:38:6c:12:26:89:e4:81:
         19:f4:5e:6a:59:b5:5b:c3:6d:63:0e:e3:76:99:ed:1c:15:5b:
         fd:9f:5f:1d:95:7c:c3:01:86:51:51:48:90:9d:e2:ac:8b:d7:
         26:38:b4:e3:d7:87:f7:26:cd:18:06:ee:21:ab:fe:42:f5:2e:
         2e:04:5f:de:d8:e8:8d:43:06:20:2a:33:68:42:bf:a6:7a:3f:
         3e:18:33:2a:0d:1b:d3:43:54:c0:14:52:24:e4:07:0e:89:bb:
         d6:9a:d2:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhN5sCCARXe9qWisy/JaLFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjUwNzI3MjIwMDI0WhcNMjUwNzI4MjIwMDI0WjAzMTEwLwYDVQQD
EygwNGUzZDNmNWQzOTY3NDRmOGY2ZjYxNDZkNjQ0YjBjOGFhODgxNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5K5AqVIgUyZh/poMpEP3k4B1CsP
yCjiTyVTiXCFMJiqmO1a5uauoF7i3jKkc57bv55DsMAsb8L8/vP1Bj04vqdFTOTB
eFc1gyRnBhHUHVpzqbF11DPbruqopTrcUFse+/JoCEPvSs38nf2nBiVlrV9uHQiV
8p2/fMcOUztsDSz+LeZKXmSBU8xu9HonAIvnmXlrX73dIrPZPhqvKgDWqBhc4FIE
ZrIow+08By8zLb042a3B4kxc1UCCIBkTm37G8P8O0lJ6VsQBmdISBcjyw/lV8H/y
7cTXLbVAsq6wsQdXBmKOZatTbZO8p6WBnsUmem7OHBNeYcuderdyeWfsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATj0/XTlnRPj29hRtZEsMiqiBTDMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOFbMVTD
+tKmg3xQ2Ip1IHip/APv2jLEI/JadgUqb6EkT0jvVhwYg3kARV0fKm7lkSDOwNHO
tvcDARNyWCcCLayKWaf5prQN9cDWiCfXq9ZeH/kw5Z437KQw/tJHI8FqssrK3JNj
Oh7E+OmvfdtL96lh6R1PbBXd3ocYtmFG0buKHkENJvwsgM4OtMm5ivyOtMKHCYHw
6N/tG8M4bBImieSBGfRealm1W8NtYw7jdpntHBVb/Z9fHZV8wwGGUVFIkJ3irIvX
Jji049eH9ybNGAbuIav+QvUuLgRf3tjojUMGICozaEK/pno/PhgzKg0b00NUwBRS
JOQHDom71prSRw==
-----END CERTIFICATE-----