Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          mqZH+bN4wVspkmiPz7J+5Uhsvcym6c5bnaCsAtZPZ5Q=
Subject key identifier:   8F:7D:DD:16:B0:02:8F:AB:06:6B:50:AB:00:91:36:A3:09:F0:AE:9C
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       0198D84F2BFA487981B7FB234DC19D7FB4F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          06DC
Signing time:             Sat 23 Aug 2025 19:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:03 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: 0HYMUDxox2KY4ljz1ev4111AI4E0mMfadX9bd7bXel0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:2b:fa:48:79:81:b7:fb:23:4d:c1:9d:7f:b4:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Aug 23 19:02:03 2025 GMT
            Not After : Aug 24 19:02:03 2025 GMT
        Subject: CN=8f7ddd16b0028fab066b50ab009136a309f0ae9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5a:f3:d1:a9:36:a9:29:3e:23:a6:a9:85:27:
                    a1:0e:85:00:21:48:54:ba:b6:91:c1:2d:c4:0d:a0:
                    37:b7:26:79:75:53:d1:e2:13:be:b0:e3:30:eb:d0:
                    e2:0a:ad:c5:a1:15:d6:f9:e8:26:48:27:3c:2f:83:
                    9b:a7:fb:0a:fd:19:f8:49:9f:55:f8:a0:a1:3f:a1:
                    6c:b9:00:97:dc:54:cb:30:74:4d:b4:3a:64:34:6a:
                    03:b1:90:f5:ba:b7:eb:5f:6b:b7:df:42:31:b4:77:
                    ed:ad:77:c9:6b:b3:82:47:a5:b3:dc:81:fb:fb:6c:
                    9e:af:2d:f2:68:4c:24:47:ba:9c:36:c0:cd:be:7a:
                    29:79:e6:f2:c8:40:ef:e1:02:ec:15:c3:28:6b:bc:
                    db:5e:8e:e8:f7:be:5f:9c:3f:e3:d7:d1:2a:94:b2:
                    62:4d:06:0b:8e:c1:59:58:43:cd:e3:cb:7a:03:22:
                    7a:27:3b:4f:24:90:d6:b9:fd:a0:53:2a:07:f5:37:
                    d1:29:f7:74:ee:15:81:1b:59:fc:a3:74:d7:86:bc:
                    84:6c:fa:5a:8a:bb:33:38:f4:b5:cc:54:65:70:28:
                    b8:ae:b4:60:3d:5c:71:6d:bd:18:19:bd:5c:a0:3a:
                    99:37:4d:db:ce:88:8b:0b:88:ce:dd:0d:4e:1e:81:
                    e9:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:7D:DD:16:B0:02:8F:AB:06:6B:50:AB:00:91:36:A3:09:F0:AE:9C
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:60:1b:87:e1:2d:f4:7c:71:8b:f8:62:c9:36:1d:9e:e8:47:
         a7:79:56:61:b6:8d:28:a2:8b:cd:f7:de:ed:01:3b:6e:2d:92:
         80:87:b2:95:4b:c6:43:61:87:a5:ea:61:b9:4d:8c:cb:65:f8:
         d1:1a:70:53:df:6d:af:ce:90:22:12:f8:77:a1:c2:37:0d:a1:
         70:9c:67:d7:76:71:9f:87:cd:8e:f1:e3:5d:00:41:0b:51:d5:
         25:49:05:d6:a3:de:30:3e:23:82:d9:bb:51:64:9e:20:01:b4:
         8d:d6:3c:11:92:ad:ec:e5:bf:8e:be:51:0f:1a:37:7b:47:8e:
         ae:d7:8b:af:d3:bc:36:1b:9c:86:97:8f:2b:e4:bb:c4:df:97:
         92:a7:16:54:77:81:d4:d6:6c:3d:1b:31:e8:da:b0:ab:68:2a:
         84:06:55:d7:48:b3:58:9f:2b:31:32:ee:1b:a7:08:b6:8d:c3:
         cc:ec:06:d0:93:5b:87:d4:ba:1d:74:1e:c1:95:5a:af:97:fd:
         dc:40:c7:48:c8:ac:8c:26:05:e1:38:4a:09:21:1e:f7:ff:f1:
         5a:49:98:ec:9b:cb:fd:c5:b6:ea:26:36:e5:a2:8c:af:7c:50:
         48:df:6c:7c:8c:55:45:d7:e8:4b:e5:c4:28:1c:15:80:80:96:
         9e:40:85:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYTyv6SHmBt/sjTcGdf7T5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwODIzMTkwMjAzWhcNMjUwODI0MTkwMjAzWjAzMTEwLwYDVQQD
Eyg4ZjdkZGQxNmIwMDI4ZmFiMDY2YjUwYWIwMDkxMzZhMzA5ZjBhZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVrz0ak2qSk+I6aphSehDoUAIUhU
uraRwS3EDaA3tyZ5dVPR4hO+sOMw69DiCq3FoRXW+egmSCc8L4Obp/sK/Rn4SZ9V
+KChP6FsuQCX3FTLMHRNtDpkNGoDsZD1urfrX2u330IxtHftrXfJa7OCR6Wz3IH7
+2yery3yaEwkR7qcNsDNvnopeebyyEDv4QLsFcMoa7zbXo7o975fnD/j19EqlLJi
TQYLjsFZWEPN48t6AyJ6JztPJJDWuf2gUyoH9TfRKfd07hWBG1n8o3TXhryEbPpa
irszOPS1zFRlcCi4rrRgPVxxbb0YGb1coDqZN03bzoiLC4jO3Q1OHoHpLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI993RawAo+rBmtQqwCRNqMJ8K6cMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABmAbh+Et
9Hxxi/hiyTYdnuhHp3lWYbaNKKKLzffe7QE7bi2SgIeylUvGQ2GHpephuU2My2X4
0RpwU99tr86QIhL4d6HCNw2hcJxn13Zxn4fNjvHjXQBBC1HVJUkF1qPeMD4jgtm7
UWSeIAG0jdY8EZKt7OW/jr5RDxo3e0eOrteLr9O8NhuchpePK+S7xN+XkqcWVHeB
1NZsPRsx6Nqwq2gqhAZV10izWJ8rMTLuG6cIto3DzOwG0JNbh9S6HXQewZVar5f9
3EDHSMisjCYF4ThKCSEe9//xWkmY7JvL/cW26iY25aKMr3xQSN9sfIxVRdfoS+XE
KBwVgICWnkCFQA==
-----END CERTIFICATE-----