Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft
File:                     FHVOhj0RfOYhDylUYajGqgQ8bIA.mft (raw, json)
Hash identifier:          /xWIk4FJVN0cOe/ESuxbOfbdQ5FL4wqvxVDSK5JG26U=
Subject key identifier:   98:C9:76:DA:2A:43:46:0F:63:CD:51:AA:62:9B:39:57:A4:7A:C0:DC
Authority key identifier: 14:75:4E:86:3D:11:7C:E6:21:0F:29:54:61:A8:C6:AA:04:3C:6C:80
Certificate issuer:       /CN=14754e863d117ce6210f295461a8c6aa043c6c80
Certificate serial:       0197CE3B0E6160049257A0A96AD865280360
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FHVOhj0RfOYhDylUYajGqgQ8bIA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft
Manifest number:          15BD
Signing time:             Thu 03 Jul 2025 03:01:06 +0000
Manifest this update:     Thu 03 Jul 2025 03:01:06 +0000
Manifest next update:     Fri 04 Jul 2025 03:01:06 +0000
Files and hashes:         1: FHVOhj0RfOYhDylUYajGqgQ8bIA.crl (hash: JJbRw71RbB5VZv/XixQ5I2h8hM9Lx87M9dgIq26qBKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FHVOhj0RfOYhDylUYajGqgQ8bIA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 03:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ce:3b:0e:61:60:04:92:57:a0:a9:6a:d8:65:28:03:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14754e863d117ce6210f295461a8c6aa043c6c80
        Validity
            Not Before: Jul  3 03:01:06 2025 GMT
            Not After : Jul  4 03:01:06 2025 GMT
        Subject: CN=98c976da2a43460f63cd51aa629b3957a47ac0dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1c:f9:71:b5:6f:f3:3d:d6:8c:a6:59:9c:c4:
                    6d:73:66:c0:e9:87:13:6b:d5:ab:75:e3:d9:5b:ba:
                    a6:85:59:42:47:45:e9:a9:dc:04:f4:79:f3:b5:2b:
                    54:aa:3d:bb:f2:dd:49:7f:55:4c:bb:ac:8b:3b:23:
                    39:18:52:4b:49:98:8f:76:7e:aa:89:53:4b:fd:7e:
                    ab:f2:e3:dd:2b:26:91:50:37:2c:31:06:f6:0d:4f:
                    2b:9c:93:e7:52:78:95:bc:e2:e7:f2:4e:ab:aa:5e:
                    b4:f7:fa:c1:5e:a8:6d:f3:65:23:ef:c2:84:d5:3d:
                    60:47:a5:f7:65:f4:96:f5:65:12:7c:f2:9b:7e:7c:
                    62:b6:4f:74:a1:f5:83:b5:4d:1d:44:02:44:ef:74:
                    be:29:aa:5d:23:73:32:d4:64:e7:24:ea:b4:ba:72:
                    03:55:1f:56:46:5b:21:58:c5:3e:1e:8c:9a:7f:df:
                    3b:c6:8b:c9:96:68:49:c0:7f:1a:be:d3:ec:b1:d8:
                    94:61:48:f9:c8:62:a2:c3:af:52:64:8a:d8:1b:9d:
                    61:bc:d0:d9:e1:bf:25:c8:3b:2a:2d:ec:46:9e:41:
                    93:5f:be:a9:b7:e6:ac:b4:d6:b6:f9:62:3c:4c:75:
                    d6:e7:82:15:77:38:12:ff:f2:43:b3:3e:cf:b7:b2:
                    90:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C9:76:DA:2A:43:46:0F:63:CD:51:AA:62:9B:39:57:A4:7A:C0:DC
            X509v3 Authority Key Identifier:
                keyid:14:75:4E:86:3D:11:7C:E6:21:0F:29:54:61:A8:C6:AA:04:3C:6C:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHVOhj0RfOYhDylUYajGqgQ8bIA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:42:e4:c9:39:91:2c:e7:ea:0d:3b:2b:ca:9b:35:3e:5e:62:
         d7:48:e7:4e:37:e5:7a:c5:c1:75:86:36:a5:9a:64:e8:e5:a5:
         d1:01:c2:59:3b:40:8c:af:de:b2:dd:86:b6:eb:03:0e:49:57:
         a2:67:0e:7b:19:57:48:ca:6e:94:21:0f:bb:1c:f4:79:cd:d1:
         87:92:fb:dc:5b:9b:54:0f:5b:e8:a9:8b:d5:6a:dc:94:2f:b8:
         a3:65:9e:11:f8:6e:0c:2d:54:9e:af:f4:e4:ff:fa:3f:ec:e1:
         68:ce:55:dc:3c:ff:35:58:4a:3d:97:ba:cf:44:5b:95:96:d4:
         43:1b:87:b3:87:a6:15:c8:e3:72:fe:8d:79:ce:ce:1d:9b:7e:
         74:6f:f4:3f:9b:5d:bc:84:c9:7b:ce:59:da:70:63:6c:a3:94:
         f4:93:ec:73:8c:1b:08:b0:69:66:14:26:82:92:08:9c:8e:40:
         88:66:9b:a0:71:39:d4:5e:b9:e0:96:8b:1d:1b:a2:83:31:85:
         f3:01:15:08:c5:9a:10:51:63:7a:d8:bf:ad:23:9c:1e:60:07:
         74:11:fa:ba:23:6b:ce:5d:31:47:06:46:d4:cb:1c:d8:01:7f:
         57:8e:c7:6b:fc:53:a5:f0:dd:f3:dc:30:c0:60:2c:48:a3:80:
         ef:58:eb:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfOOw5hYASSV6CpathlKANgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzU0ZTg2M2QxMTdjZTYyMTBmMjk1NDYxYThjNmFhMDQz
YzZjODAwHhcNMjUwNzAzMDMwMTA2WhcNMjUwNzA0MDMwMTA2WjAzMTEwLwYDVQQD
Eyg5OGM5NzZkYTJhNDM0NjBmNjNjZDUxYWE2MjliMzk1N2E0N2FjMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBz5cbVv8z3WjKZZnMRtc2bA6YcT
a9WrdePZW7qmhVlCR0XpqdwE9HnztStUqj278t1Jf1VMu6yLOyM5GFJLSZiPdn6q
iVNL/X6r8uPdKyaRUDcsMQb2DU8rnJPnUniVvOLn8k6rql609/rBXqht82Uj78KE
1T1gR6X3ZfSW9WUSfPKbfnxitk90ofWDtU0dRAJE73S+KapdI3My1GTnJOq0unID
VR9WRlshWMU+Hoyaf987xovJlmhJwH8avtPssdiUYUj5yGKiw69SZIrYG51hvNDZ
4b8lyDsqLexGnkGTX76pt+astNa2+WI8THXW54IVdzgS//JDsz7Pt7KQOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjJdtoqQ0YPY81RqmKbOVekesDcMB8GA1UdIwQY
MBaAFBR1ToY9EXzmIQ8pVGGoxqoEPGyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhWT2hqMFJmT1loRHlsVVlhakdxZ1E4YklBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kOWMzYzAtMmVhZi00MzI2LThlZTIt
YTdkODBlNjAwODQ0LzEvRkhWT2hqMFJmT1loRHlsVVlhakdxZ1E4YklBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kOWMzYzAtMmVhZi00MzI2LThlZTItYTdkODBlNjAwODQ0
LzEvRkhWT2hqMFJmT1loRHlsVVlhakdxZ1E4YklBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHULkyTmR
LOfqDTsryps1Pl5i10jnTjflesXBdYY2pZpk6OWl0QHCWTtAjK/est2GtusDDklX
omcOexlXSMpulCEPuxz0ec3Rh5L73FubVA9b6KmL1WrclC+4o2WeEfhuDC1Unq/0
5P/6P+zhaM5V3Dz/NVhKPZe6z0RblZbUQxuHs4emFcjjcv6Nec7OHZt+dG/0P5td
vITJe85Z2nBjbKOU9JPsc4wbCLBpZhQmgpIInI5AiGaboHE51F654JaLHRuigzGF
8wEVCMWaEFFjeti/rSOcHmAHdBH6uiNrzl0xRwZG1Msc2AF/V47Ha/xTpfDd89ww
wGAsSKOA71jrSw==
-----END CERTIFICATE-----