Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          rwzKB+vbRPYVy9pOMvqXeeVfi/q92WP2jsurXOqNPpM=
Subject key identifier:   40:4F:FA:07:D2:E0:C4:86:77:7B:3A:64:36:D8:BE:F6:00:BA:6B:15
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       0198D661249019A7FFA4FCECD89C0BFA934D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:02:27 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:27 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:27 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: 59pQILkMkz1fRlNNp070OtcoZXHVL2MKOQFDfI7l3pE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:24:90:19:a7:ff:a4:fc:ec:d8:9c:0b:fa:93:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Aug 23 10:02:27 2025 GMT
            Not After : Aug 24 10:02:27 2025 GMT
        Subject: CN=404ffa07d2e0c486777b3a6436d8bef600ba6b15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:16:c3:42:b5:98:a3:b1:71:2b:84:b8:a2:0c:
                    2f:89:be:15:c7:c0:fc:fb:a7:f4:6a:54:55:a1:07:
                    47:1d:c4:b9:83:88:94:e6:e2:e7:da:fd:6c:82:c5:
                    31:05:13:d6:cd:49:d0:89:20:5f:ae:d6:24:be:0b:
                    5c:49:4a:07:0d:ce:90:39:e1:c8:9a:0e:be:f8:b9:
                    a2:81:90:b2:06:0f:be:cb:d7:26:bf:80:cf:7e:24:
                    cf:b3:f5:18:c3:0c:90:10:ac:03:cf:3f:4c:9c:16:
                    0f:ec:20:6b:f2:59:25:32:d2:47:02:73:b7:b2:ac:
                    64:73:1c:3e:f3:eb:94:9a:ac:6a:54:f5:04:64:04:
                    0f:a9:9d:e2:1d:8a:2a:00:f8:19:20:c5:3d:13:52:
                    cf:98:fd:66:fe:a1:28:08:74:55:cf:d0:d5:3a:1a:
                    8c:68:4f:0c:32:17:95:f3:6e:f8:47:06:18:6b:c1:
                    bd:d2:0f:20:a8:8a:7f:05:20:23:07:e0:a8:84:d2:
                    d7:d1:09:c8:de:45:f9:d7:e6:11:35:92:28:03:5d:
                    76:e8:85:64:5e:b8:bb:5d:54:3f:3c:6a:40:67:ad:
                    cc:ec:51:83:07:e5:d9:36:e6:19:ee:de:e7:74:ca:
                    35:9b:57:fc:bb:6e:9c:93:19:a1:1a:6f:ea:cc:91:
                    4f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:4F:FA:07:D2:E0:C4:86:77:7B:3A:64:36:D8:BE:F6:00:BA:6B:15
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:25:1a:7b:60:cd:62:a8:13:de:3e:86:74:03:36:ac:ef:79:
         a8:43:4b:5e:c9:cc:e4:c6:a1:1d:0d:24:6a:48:36:73:e6:c5:
         0f:02:12:83:64:32:9b:d7:f2:0d:1e:3d:b6:b2:a1:36:83:e8:
         fe:f2:89:85:e3:4b:2a:5a:de:68:6a:be:93:b4:8b:17:c9:4d:
         7e:f3:10:04:b9:38:37:80:04:bb:b1:45:6b:00:73:8c:0d:73:
         c7:b8:b1:5f:aa:05:5d:9d:05:39:c0:39:a4:2c:d1:38:0c:39:
         7c:57:35:23:5c:b8:90:9e:15:6b:aa:7d:00:ed:72:63:ff:b7:
         9e:e4:96:56:cd:57:fe:6b:d5:02:90:7c:51:54:4a:3e:5d:95:
         5e:b3:db:b4:04:74:19:24:96:5b:75:18:5a:39:94:6a:37:a0:
         f7:17:30:a0:65:74:9b:52:ee:4c:2d:7d:2b:d3:c7:54:57:4c:
         32:85:96:b1:aa:6f:56:90:78:c4:52:b6:88:3d:99:8f:2a:2c:
         70:4d:27:ab:af:b2:de:33:0a:73:d8:8e:76:b0:85:29:fe:ec:
         2f:68:a4:36:4f:0a:e8:43:76:f2:f5:90:b6:31:8a:81:61:7e:
         fa:bc:9e:63:ff:90:0b:39:03:a9:ec:f3:53:9d:96:a0:97:bc:
         42:cf:0a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYSSQGaf/pPzs2JwL+pNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwODIzMTAwMjI3WhcNMjUwODI0MTAwMjI3WjAzMTEwLwYDVQQD
Eyg0MDRmZmEwN2QyZTBjNDg2Nzc3YjNhNjQzNmQ4YmVmNjAwYmE2YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhbDQrWYo7FxK4S4ogwvib4Vx8D8
+6f0alRVoQdHHcS5g4iU5uLn2v1sgsUxBRPWzUnQiSBfrtYkvgtcSUoHDc6QOeHI
mg6++LmigZCyBg++y9cmv4DPfiTPs/UYwwyQEKwDzz9MnBYP7CBr8lklMtJHAnO3
sqxkcxw+8+uUmqxqVPUEZAQPqZ3iHYoqAPgZIMU9E1LPmP1m/qEoCHRVz9DVOhqM
aE8MMheV8274RwYYa8G90g8gqIp/BSAjB+CohNLX0QnI3kX51+YRNZIoA1126IVk
Xri7XVQ/PGpAZ63M7FGDB+XZNuYZ7t7ndMo1m1f8u26ckxmhGm/qzJFP9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBP+gfS4MSGd3s6ZDbYvvYAumsVMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApiUae2DN
YqgT3j6GdAM2rO95qENLXsnM5MahHQ0kakg2c+bFDwISg2Qym9fyDR49trKhNoPo
/vKJheNLKlreaGq+k7SLF8lNfvMQBLk4N4AEu7FFawBzjA1zx7ixX6oFXZ0FOcA5
pCzROAw5fFc1I1y4kJ4Va6p9AO1yY/+3nuSWVs1X/mvVApB8UVRKPl2VXrPbtAR0
GSSWW3UYWjmUajeg9xcwoGV0m1LuTC19K9PHVFdMMoWWsapvVpB4xFK2iD2Zjyos
cE0nq6+y3jMKc9iOdrCFKf7sL2ikNk8K6EN28vWQtjGKgWF++ryeY/+QCzkDqezz
U52WoJe8Qs8KGA==
-----END CERTIFICATE-----