Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
File:                     SO3JpU4ccjtWqu330BVAxbNr2rY.mft (raw, json)
Hash identifier:          H3fsNWByYtqBmBVkmFuf3DfLRXy5ebweIhj2JxLl4tI=
Subject key identifier:   BD:84:C6:C7:69:42:C5:57:83:13:94:B4:91:6B:D9:DD:8E:7E:2C:83
Authority key identifier: 48:ED:C9:A5:4E:1C:72:3B:56:AA:ED:F7:D0:15:40:C5:B3:6B:DA:B6
Certificate issuer:       /CN=48edc9a54e1c723b56aaedf7d01540c5b36bdab6
Certificate serial:       0199225566D36B3398420C6F6693D9095E2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
Manifest number:          65
Signing time:             Sun 07 Sep 2025 04:00:46 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:46 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:46 +0000
Files and hashes:         1: SO3JpU4ccjtWqu330BVAxbNr2rY.crl (hash: CfBDIaKt+YW++JaR4z/RbGHUgsXOjDb8sM9XmfDZWGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:66:d3:6b:33:98:42:0c:6f:66:93:d9:09:5e:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48edc9a54e1c723b56aaedf7d01540c5b36bdab6
        Validity
            Not Before: Sep  7 04:00:46 2025 GMT
            Not After : Sep  8 04:00:46 2025 GMT
        Subject: CN=bd84c6c76942c557831394b4916bd9dd8e7e2c83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:ef:49:04:bf:40:4f:e1:eb:ec:e9:2f:d7:d7:
                    30:a5:67:4a:f6:a5:28:63:17:0c:cd:c7:0f:85:5d:
                    d3:de:52:8a:7c:77:a2:b4:32:fb:d9:a6:a6:a3:b4:
                    3c:ee:93:9a:0b:08:9c:35:6a:7a:18:93:58:7f:4c:
                    bb:73:1b:63:79:98:54:09:fc:88:29:6c:16:ec:cd:
                    fb:8b:13:bd:73:64:e6:c2:07:00:a5:07:1e:25:97:
                    ae:51:8a:1c:c3:2b:98:45:96:dc:ee:fa:3c:32:a9:
                    82:14:b2:3a:74:13:94:70:38:79:6b:72:be:3a:ad:
                    d5:9f:eb:b7:c6:1b:37:89:13:58:f8:03:c0:41:3d:
                    1d:8d:af:76:2f:c3:da:01:ba:af:31:27:64:fe:cf:
                    58:02:5a:d0:03:96:61:af:a4:0f:2e:5b:d8:9b:3c:
                    12:eb:6c:53:e8:3a:ea:0a:6d:31:58:72:d1:cf:fb:
                    8f:a3:87:a8:86:19:e4:fa:03:1b:58:69:1f:9a:18:
                    50:81:4d:c4:b3:db:5f:0e:c8:63:8a:78:3c:ff:a6:
                    36:f8:46:43:6f:d1:06:a2:c6:a1:13:7a:17:fb:bc:
                    7b:d8:f1:4d:ac:67:5d:e5:0a:81:39:b2:44:9d:e7:
                    12:4e:ae:f9:ef:9b:3b:8b:60:1c:73:cb:00:2e:5b:
                    00:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:84:C6:C7:69:42:C5:57:83:13:94:B4:91:6B:D9:DD:8E:7E:2C:83
            X509v3 Authority Key Identifier:
                keyid:48:ED:C9:A5:4E:1C:72:3B:56:AA:ED:F7:D0:15:40:C5:B3:6B:DA:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:5f:ca:fe:67:1b:94:47:50:7a:b1:77:88:ef:c5:14:a8:33:
         c9:2b:9f:96:19:dd:33:d4:ad:46:f8:44:06:8b:31:62:98:60:
         00:f6:ee:ca:83:52:2d:40:2b:c5:af:bb:ce:f2:0a:e3:2f:2e:
         a3:f2:c4:3e:5b:9a:f7:e1:a6:51:12:c0:63:c9:12:43:fc:14:
         a1:30:2d:5b:19:f5:36:3e:b7:41:dc:5c:3c:99:cf:d2:4e:d8:
         e5:73:0c:e7:a4:ff:44:95:7b:96:f2:31:cb:2c:8b:bc:a7:be:
         29:02:b6:c8:d3:30:2a:69:ff:da:44:c1:09:cd:0e:6a:29:c5:
         b8:5a:87:77:ab:4e:7c:a3:62:7b:99:12:b3:f2:c6:d9:86:6d:
         53:f2:49:5d:51:a5:a2:18:9d:c9:0a:05:b6:75:12:2e:52:f1:
         f1:50:9a:18:59:0a:7c:20:29:17:86:0f:67:ba:c7:22:cb:37:
         b1:85:2c:c6:24:ba:63:21:0f:f6:63:79:b3:b3:1c:2e:12:15:
         48:cc:89:6f:f9:d5:63:08:af:b6:3c:4b:5d:ba:b3:39:4e:5b:
         d1:8e:c6:8a:cc:f1:91:f4:37:db:e6:1d:43:dd:ab:6d:54:26:
         bd:14:c6:3b:46:56:0a:6c:b1:26:92:4f:4c:2b:f5:30:55:87:
         6f:34:08:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVWbTazOYQgxvZpPZCV4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZWRjOWE1NGUxYzcyM2I1NmFhZWRmN2QwMTU0MGM1YjM2
YmRhYjYwHhcNMjUwOTA3MDQwMDQ2WhcNMjUwOTA4MDQwMDQ2WjAzMTEwLwYDVQQD
EyhiZDg0YzZjNzY5NDJjNTU3ODMxMzk0YjQ5MTZiZDlkZDhlN2UyYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O9JBL9AT+Hr7Okv19cwpWdK9qUo
YxcMzccPhV3T3lKKfHeitDL72aamo7Q87pOaCwicNWp6GJNYf0y7cxtjeZhUCfyI
KWwW7M37ixO9c2TmwgcApQceJZeuUYocwyuYRZbc7vo8MqmCFLI6dBOUcDh5a3K+
Oq3Vn+u3xhs3iRNY+APAQT0dja92L8PaAbqvMSdk/s9YAlrQA5Zhr6QPLlvYmzwS
62xT6DrqCm0xWHLRz/uPo4eohhnk+gMbWGkfmhhQgU3Es9tfDshjing8/6Y2+EZD
b9EGosahE3oX+7x72PFNrGdd5QqBObJEnecSTq7575s7i2Acc8sALlsAOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2ExsdpQsVXgxOUtJFr2d2OfiyDMB8GA1UdIwQY
MBaAFEjtyaVOHHI7Vqrt99AVQMWza9q2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83ODBlZjYtNTNkOC00NzU0LWE4ZTMt
YzJhNmFlMGJmNmJlLzEvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83ODBlZjYtNTNkOC00NzU0LWE4ZTMtYzJhNmFlMGJmNmJl
LzEvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1/K/mcb
lEdQerF3iO/FFKgzySuflhndM9StRvhEBosxYphgAPbuyoNSLUArxa+7zvIK4y8u
o/LEPlua9+GmURLAY8kSQ/wUoTAtWxn1Nj63QdxcPJnP0k7Y5XMM56T/RJV7lvIx
yyyLvKe+KQK2yNMwKmn/2kTBCc0OainFuFqHd6tOfKNie5kSs/LG2YZtU/JJXVGl
ohidyQoFtnUSLlLx8VCaGFkKfCApF4YPZ7rHIss3sYUsxiS6YyEP9mN5s7McLhIV
SMyJb/nVYwivtjxLXbqzOU5b0Y7GiszxkfQ32+YdQ92rbVQmvRTGO0ZWCmyxJpJP
TCv1MFWHbzQIBw==
-----END CERTIFICATE-----