Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          uXdSw4qgXO9SUe00khgIK6QR+0jIDjVGBU08m9LeS+Y=
Subject key identifier:   0D:BF:73:59:44:EA:46:7F:99:45:CA:23:6C:64:B7:50:42:A6:F9:8F
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0198D6CD060C49AA4959C44906343F751E78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0DF5
Signing time:             Sat 23 Aug 2025 12:00:17 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:17 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:17 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: TPjHSOD0l3a9akSby7VOoUtHV6uBmEkMRTRjlQZ0bvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:06:0c:49:aa:49:59:c4:49:06:34:3f:75:1e:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Aug 23 12:00:17 2025 GMT
            Not After : Aug 24 12:00:17 2025 GMT
        Subject: CN=0dbf735944ea467f9945ca236c64b75042a6f98f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0d:38:98:86:09:54:da:ce:5b:b6:d3:ed:dc:
                    a7:6d:2c:40:38:e9:8c:fb:c3:6f:6a:0d:b5:76:bf:
                    2f:db:87:09:a9:16:60:ca:42:b8:7f:70:7c:66:79:
                    d5:41:3d:6a:ed:07:8b:be:e1:8c:68:8f:d2:12:60:
                    b7:d3:05:1c:94:70:fd:d3:fe:97:bd:d1:cf:77:27:
                    55:2b:9c:09:dc:24:b3:bc:49:50:d6:e3:fd:7e:3f:
                    d6:f3:10:45:42:22:7c:16:74:27:3a:b3:06:9c:6a:
                    36:3e:f7:fa:56:14:88:51:43:00:51:96:41:3f:4c:
                    f4:7a:f0:4e:c4:69:e5:c1:74:5d:67:fe:46:92:cb:
                    a7:20:3c:59:37:97:9f:5b:e9:28:3a:be:f1:8c:00:
                    0e:c9:df:94:a1:ee:8a:6d:8b:75:db:af:b0:21:b0:
                    a5:02:49:4e:59:78:a0:a9:9f:19:1e:49:97:c3:14:
                    13:f2:06:8a:3f:ad:df:23:9b:9d:9a:0b:3b:c3:25:
                    85:3a:cd:80:8a:74:d5:df:fb:ab:fb:32:ac:f2:d7:
                    a8:d3:8f:1f:a5:0b:fa:24:48:31:20:4d:89:cc:47:
                    4b:0b:f4:d9:96:3f:d3:c4:95:0a:f5:c4:11:9e:60:
                    00:b1:46:57:a5:04:c7:b8:dc:56:5d:0b:f3:d2:a3:
                    2c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:BF:73:59:44:EA:46:7F:99:45:CA:23:6C:64:B7:50:42:A6:F9:8F
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:9e:19:2d:4f:9f:56:21:63:84:d7:7f:23:13:76:57:74:0f:
         62:0b:45:fb:d7:21:fe:bd:24:50:66:67:32:4c:4f:7d:a3:bb:
         25:fa:d2:b6:18:08:c1:03:64:b9:e5:39:1f:6e:84:a2:8b:ad:
         30:8b:99:65:c0:b5:87:ab:50:56:5e:29:f6:f7:50:42:2e:a9:
         72:01:71:f3:d6:bc:70:6b:89:dd:e6:5f:36:e9:03:71:20:87:
         0a:dc:be:ab:31:b5:41:38:36:fe:fa:17:34:da:41:e8:c9:53:
         86:66:32:a8:9c:24:c5:5f:09:44:a5:15:df:18:77:49:1d:db:
         ff:13:de:05:21:18:3d:14:56:dd:b3:50:72:18:1f:ed:fa:ed:
         a7:9b:3d:9b:b7:89:61:8d:97:6a:e6:f5:97:f5:c2:48:1d:ac:
         b5:2c:a2:40:c6:ca:61:fe:80:fc:a7:ce:0f:63:a7:5f:5c:f0:
         83:f1:c0:97:df:d1:e3:05:e8:aa:65:28:dc:4f:57:ad:41:de:
         ce:81:4a:86:63:b1:58:18:24:8a:b5:4b:97:3a:96:8a:ac:f5:
         ee:d6:0f:04:65:1e:62:6b:39:31:d8:1a:19:bd:6f:e3:ef:3e:
         28:a4:2c:4f:50:17:13:e3:b7:ff:01:ce:0a:ca:87:5d:30:0a:
         26:be:45:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzQYMSapJWcRJBjQ/dR54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwODIzMTIwMDE3WhcNMjUwODI0MTIwMDE3WjAzMTEwLwYDVQQD
EygwZGJmNzM1OTQ0ZWE0NjdmOTk0NWNhMjM2YzY0Yjc1MDQyYTZmOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw04mIYJVNrOW7bT7dynbSxAOOmM
+8Nvag21dr8v24cJqRZgykK4f3B8ZnnVQT1q7QeLvuGMaI/SEmC30wUclHD90/6X
vdHPdydVK5wJ3CSzvElQ1uP9fj/W8xBFQiJ8FnQnOrMGnGo2Pvf6VhSIUUMAUZZB
P0z0evBOxGnlwXRdZ/5GksunIDxZN5efW+koOr7xjAAOyd+Uoe6KbYt126+wIbCl
AklOWXigqZ8ZHkmXwxQT8gaKP63fI5udmgs7wyWFOs2AinTV3/ur+zKs8teo048f
pQv6JEgxIE2JzEdLC/TZlj/TxJUK9cQRnmAAsUZXpQTHuNxWXQvz0qMsBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2/c1lE6kZ/mUXKI2xkt1BCpvmPMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfJ4ZLU+f
ViFjhNd/IxN2V3QPYgtF+9ch/r0kUGZnMkxPfaO7JfrSthgIwQNkueU5H26Eoout
MIuZZcC1h6tQVl4p9vdQQi6pcgFx89a8cGuJ3eZfNukDcSCHCty+qzG1QTg2/voX
NNpB6MlThmYyqJwkxV8JRKUV3xh3SR3b/xPeBSEYPRRW3bNQchgf7frtp5s9m7eJ
YY2Xaub1l/XCSB2stSyiQMbKYf6A/KfOD2OnX1zwg/HAl9/R4wXoqmUo3E9XrUHe
zoFKhmOxWBgkirVLlzqWiqz17tYPBGUeYms5MdgaGb1v4+8+KKQsT1AXE+O3/wHO
CsqHXTAKJr5FMQ==
-----END CERTIFICATE-----