Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          YPGN07UBxYCUq/aOnuoTn7+iWOowG7OWbQ2fR6o9WN4=
Subject key identifier:   0D:EC:DD:6A:26:F4:B3:C3:6F:29:0C:38:E0:70:83:F1:CE:22:E3:78
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       0198D4E0662DC21F9DE4370B9D1AF4DE241E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 03:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:12 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: XAFhV7B4IY3sSpCZY2wtGs9oGpBiSMT3VjgDYFksdas=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:66:2d:c2:1f:9d:e4:37:0b:9d:1a:f4:de:24:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Aug 23 03:02:12 2025 GMT
            Not After : Aug 24 03:02:12 2025 GMT
        Subject: CN=0decdd6a26f4b3c36f290c38e07083f1ce22e378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5a:4d:2c:3c:88:2b:ac:fb:5a:09:b3:d8:93:
                    6b:c2:c4:43:df:e2:75:ad:54:13:78:52:67:d7:92:
                    08:3b:58:22:48:7d:2d:0b:a8:51:82:8d:2a:e7:65:
                    94:0c:ee:8f:72:44:bd:2c:1f:2c:d6:de:00:8a:3a:
                    04:86:65:09:5c:1f:47:10:23:28:22:bb:3f:cc:17:
                    0f:ee:e5:6f:9b:bb:87:2f:c3:ae:14:6e:18:66:10:
                    2a:e2:a5:af:20:b6:7b:91:d3:fd:3f:e7:3f:a9:f4:
                    c0:bc:41:13:69:4f:11:ef:bd:c7:38:85:c1:12:19:
                    6f:52:a7:07:12:e8:2f:ec:c3:99:eb:77:0e:c8:14:
                    3b:5d:3b:fa:cb:8e:de:55:97:ef:1f:2c:98:b0:62:
                    95:6b:2e:7b:a5:79:dd:33:d7:d2:b7:df:f5:5c:d4:
                    b0:8a:c0:97:80:ac:37:97:35:4f:ba:3c:85:16:cb:
                    a6:95:7e:0e:1a:f9:4c:9a:88:94:90:57:38:5d:67:
                    8a:63:8a:1d:85:6e:cb:d3:77:0b:56:74:82:6a:b4:
                    3f:76:18:a8:73:20:45:a8:c1:0e:08:e5:5d:2e:c1:
                    0a:76:26:31:fa:c1:c7:b7:a3:7d:88:3b:ac:e9:71:
                    88:b4:a5:a1:01:c3:d7:9f:f6:18:cf:1c:81:19:02:
                    79:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:EC:DD:6A:26:F4:B3:C3:6F:29:0C:38:E0:70:83:F1:CE:22:E3:78
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:49:6f:01:26:1a:df:13:e3:96:f8:44:d2:bf:e7:a2:6d:52:
         98:4f:63:be:e2:7f:fc:a0:02:c9:9b:a8:05:ac:82:19:32:7e:
         12:b0:fb:31:55:25:b4:d8:b2:e1:15:f8:35:10:b1:ee:d8:a9:
         41:11:e6:8a:22:a0:c6:cb:88:ed:12:32:e9:21:cf:06:ff:0c:
         cb:c3:45:cf:73:a7:b5:11:f3:4c:59:45:99:36:76:c1:a6:88:
         f7:4a:34:7c:3d:32:b4:c8:1f:56:2a:40:96:13:c0:4f:18:f8:
         70:b9:d8:da:73:c5:2f:ec:fa:23:1b:a5:14:63:b0:55:bb:35:
         4a:f8:6a:ef:d2:3a:da:7e:57:67:34:0d:1d:d8:ca:84:bd:76:
         2f:54:9e:c2:1f:bb:ca:11:09:e4:75:8e:45:ee:20:7d:70:bb:
         28:5d:61:73:8e:17:cb:d2:35:27:ab:84:f2:6f:a2:fc:8c:83:
         e9:b3:1c:1f:82:05:63:d6:2b:50:f7:95:26:66:5a:76:6e:75:
         f9:e2:cf:8b:30:0a:63:20:0e:2a:56:c2:e1:6d:ed:4a:14:d9:
         22:c7:e4:cc:b4:d0:76:1c:c2:6a:ec:8c:5a:b8:e9:13:ab:ac:
         06:04:13:a8:63:e9:4e:22:4e:97:44:a9:d9:33:29:f2:2c:d3:
         9d:0e:85:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4GYtwh+d5DcLnRr03iQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwODIzMDMwMjEyWhcNMjUwODI0MDMwMjEyWjAzMTEwLwYDVQQD
EygwZGVjZGQ2YTI2ZjRiM2MzNmYyOTBjMzhlMDcwODNmMWNlMjJlMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lpNLDyIK6z7Wgmz2JNrwsRD3+J1
rVQTeFJn15IIO1giSH0tC6hRgo0q52WUDO6PckS9LB8s1t4AijoEhmUJXB9HECMo
Irs/zBcP7uVvm7uHL8OuFG4YZhAq4qWvILZ7kdP9P+c/qfTAvEETaU8R773HOIXB
EhlvUqcHEugv7MOZ63cOyBQ7XTv6y47eVZfvHyyYsGKVay57pXndM9fSt9/1XNSw
isCXgKw3lzVPujyFFsumlX4OGvlMmoiUkFc4XWeKY4odhW7L03cLVnSCarQ/dhio
cyBFqMEOCOVdLsEKdiYx+sHHt6N9iDus6XGItKWhAcPXn/YYzxyBGQJ5AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3s3Wom9LPDbykMOOBwg/HOIuN4MB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA0lvASYa
3xPjlvhE0r/nom1SmE9jvuJ//KACyZuoBayCGTJ+ErD7MVUltNiy4RX4NRCx7tip
QRHmiiKgxsuI7RIy6SHPBv8My8NFz3OntRHzTFlFmTZ2waaI90o0fD0ytMgfVipA
lhPATxj4cLnY2nPFL+z6IxulFGOwVbs1Svhq79I62n5XZzQNHdjKhL12L1Sewh+7
yhEJ5HWORe4gfXC7KF1hc44Xy9I1J6uE8m+i/IyD6bMcH4IFY9YrUPeVJmZadm51
+eLPizAKYyAOKlbC4W3tShTZIsfkzLTQdhzCauyMWrjpE6usBgQTqGPpTiJOl0Sp
2TMp8izTnQ6FWw==
-----END CERTIFICATE-----