Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          9ZJtyaRlpndveQG1FqsIiHUtL+7m3TaHT8LKNfel1kM=
Subject key identifier:   8F:D4:34:66:EC:10:60:DD:08:B0:8C:6A:94:C6:62:3A:EB:A9:2D:FF
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       0198D73B18A3805D581D700FFDA8A6A2F393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          0387
Signing time:             Sat 23 Aug 2025 14:00:30 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:30 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:30 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: aJPsGXEomAsW2GMGAKyETMIDAtvrWDn1dVc0gtw+vjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:18:a3:80:5d:58:1d:70:0f:fd:a8:a6:a2:f3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Aug 23 14:00:30 2025 GMT
            Not After : Aug 24 14:00:30 2025 GMT
        Subject: CN=8fd43466ec1060dd08b08c6a94c6623aeba92dff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f2:1e:44:14:37:14:4e:9b:34:20:43:2f:4f:
                    38:8b:46:e0:fb:e1:85:89:61:97:a6:be:b6:20:d4:
                    96:dd:38:15:43:36:83:89:10:7e:44:c5:ed:89:5e:
                    f3:1f:f2:b9:20:49:09:15:ce:f4:eb:a2:d7:ce:df:
                    44:6e:d5:05:ff:9f:a0:0d:31:50:e9:c5:f5:92:6e:
                    1e:14:80:c2:37:c6:87:53:08:93:f4:8e:55:29:a4:
                    47:1d:5e:86:0f:91:4e:dc:6c:c0:e7:70:86:d8:0b:
                    80:be:fe:a8:e8:4c:6d:18:96:a7:e9:1e:f5:84:36:
                    41:09:b5:6d:8e:f0:0d:39:05:b2:6f:d4:5e:2a:3d:
                    d4:5e:90:a3:f6:70:ac:a0:fd:5c:4d:17:83:90:93:
                    df:0d:26:14:09:13:55:16:0e:c7:7a:4f:d5:ea:b3:
                    d1:bd:cf:91:f7:9c:74:cb:6b:8c:be:92:e2:d9:b4:
                    7d:19:c3:b6:be:53:fc:ac:1a:cf:70:93:32:de:0e:
                    9f:62:dc:8e:e5:37:2a:7e:f1:04:c6:b5:91:68:51:
                    71:1e:09:fc:14:2c:2f:d9:74:db:98:fa:a6:37:30:
                    a8:24:72:42:61:ab:41:d3:4e:44:51:1c:3a:ab:d0:
                    87:81:4b:68:d7:bb:54:d4:fe:5e:46:c1:54:3e:36:
                    d8:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:D4:34:66:EC:10:60:DD:08:B0:8C:6A:94:C6:62:3A:EB:A9:2D:FF
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:20:d0:da:fa:e7:a6:a0:7e:62:ad:94:f2:8b:65:8a:5f:71:
         e8:8e:e1:1c:e5:21:24:8d:5e:76:2c:e7:cf:5e:f9:be:0f:a2:
         0b:f7:c7:2a:4b:26:e1:70:8b:f3:84:a2:c8:80:13:64:d9:f8:
         d7:c5:6b:46:02:40:6e:61:d0:5b:03:5b:5a:38:b3:54:ef:39:
         e4:3f:e9:b6:75:44:90:4c:fd:3b:a8:66:0a:d5:99:b5:38:7d:
         9a:4e:6a:b3:6e:18:a4:48:57:26:e8:fb:b8:b3:1a:78:93:9b:
         f1:97:e3:69:24:7b:3a:29:0d:08:24:16:48:d3:c9:61:06:56:
         a8:e5:72:88:26:d7:8f:49:85:4f:d1:70:7d:3e:ab:b4:e0:9d:
         02:ab:1d:31:1f:73:ae:ad:06:1b:01:3d:f1:06:ad:3f:6b:e8:
         4e:4c:86:84:ee:29:51:ef:1f:34:8a:32:f2:db:9a:d6:b8:96:
         29:9f:ec:01:7a:55:32:6f:51:a4:45:5a:b5:7e:51:88:57:29:
         16:ba:0c:49:66:70:01:74:83:0d:ca:9d:ba:a5:fa:82:fd:84:
         67:b4:98:42:33:1d:38:a5:00:c4:3b:03:39:e2:a2:5b:ba:6c:
         21:f9:5d:53:e5:50:bf:e7:e5:99:ee:d5:26:69:d3:a1:25:62:
         d9:f6:e0:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOxijgF1YHXAP/aimovOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUwODIzMTQwMDMwWhcNMjUwODI0MTQwMDMwWjAzMTEwLwYDVQQD
Eyg4ZmQ0MzQ2NmVjMTA2MGRkMDhiMDhjNmE5NGM2NjIzYWViYTkyZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/IeRBQ3FE6bNCBDL084i0bg++GF
iWGXpr62INSW3TgVQzaDiRB+RMXtiV7zH/K5IEkJFc7066LXzt9EbtUF/5+gDTFQ
6cX1km4eFIDCN8aHUwiT9I5VKaRHHV6GD5FO3GzA53CG2AuAvv6o6ExtGJan6R71
hDZBCbVtjvANOQWyb9ReKj3UXpCj9nCsoP1cTReDkJPfDSYUCRNVFg7Hek/V6rPR
vc+R95x0y2uMvpLi2bR9GcO2vlP8rBrPcJMy3g6fYtyO5TcqfvEExrWRaFFxHgn8
FCwv2XTbmPqmNzCoJHJCYatB005EURw6q9CHgUto17tU1P5eRsFUPjbY8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/UNGbsEGDdCLCMapTGYjrrqS3/MB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSDQ2vrn
pqB+Yq2U8otlil9x6I7hHOUhJI1ediznz175vg+iC/fHKksm4XCL84SiyIATZNn4
18VrRgJAbmHQWwNbWjizVO855D/ptnVEkEz9O6hmCtWZtTh9mk5qs24YpEhXJuj7
uLMaeJOb8ZfjaSR7OikNCCQWSNPJYQZWqOVyiCbXj0mFT9FwfT6rtOCdAqsdMR9z
rq0GGwE98QatP2voTkyGhO4pUe8fNIoy8tua1riWKZ/sAXpVMm9RpEVatX5RiFcp
FroMSWZwAXSDDcqduqX6gv2EZ7SYQjMdOKUAxDsDOeKiW7psIfldU+VQv+flme7V
JmnToSVi2fbguQ==
-----END CERTIFICATE-----