Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
File:                     3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json)
Hash identifier:          cE+I1KwrzDV0scPjA8lSf6KJYCKonc9GnBrFpuw/hu8=
Subject key identifier:   9C:05:5B:F5:22:C9:FD:0E:14:FA:35:01:AA:FF:2A:00:F5:DA:00:17
Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56
Certificate issuer:       /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
Certificate serial:       0198D65FBA41760167105F051687919D04CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
Manifest number:          08F5
Signing time:             Sat 23 Aug 2025 10:00:54 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:54 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:54 +0000
Files and hashes:         1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: /FL6wbYdfRipMZnGozJItPxc4mHIy6XkcNTSElWYIq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:ba:41:76:01:67:10:5f:05:16:87:91:9d:04:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
        Validity
            Not Before: Aug 23 10:00:54 2025 GMT
            Not After : Aug 24 10:00:54 2025 GMT
        Subject: CN=9c055bf522c9fd0e14fa3501aaff2a00f5da0017
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d5:e2:d6:c2:23:54:05:2b:a3:46:18:ff:e2:
                    6f:0f:ea:0c:e9:8a:2b:0c:5b:57:32:9a:85:da:36:
                    ee:87:ad:60:a9:e9:18:e1:d9:33:50:49:be:24:8b:
                    fb:67:da:97:4f:59:83:b4:80:ef:2c:1b:95:0e:79:
                    46:07:46:85:1a:56:f7:33:ee:3d:56:d9:83:f4:e1:
                    6b:78:da:5d:e6:f9:5d:96:97:ba:2f:ea:8e:a6:68:
                    c0:3a:e2:36:85:f1:f9:67:71:47:99:82:9b:b2:28:
                    5d:da:2a:af:f6:73:d9:0d:d3:65:9e:7b:1d:24:a0:
                    6b:93:26:d4:c5:c6:d6:9c:24:2e:aa:27:dc:5a:f2:
                    5f:d3:94:e8:3d:e2:df:6e:f5:26:c3:80:7c:d7:2c:
                    1a:78:42:9f:f9:46:3b:e3:30:d5:d0:7f:cc:07:d5:
                    e8:de:16:03:32:5e:61:58:eb:34:90:35:d5:7d:91:
                    93:05:68:39:63:7b:2d:4e:fa:79:37:5c:e4:61:ff:
                    08:41:ec:7d:96:f0:43:f4:9b:e1:c0:5c:f3:af:d0:
                    fe:61:53:4c:ac:c3:6d:4d:a1:df:dc:78:b3:cb:2c:
                    80:c9:0f:3d:ac:0a:bb:43:67:82:b9:2a:92:23:d3:
                    70:9b:93:ca:e8:02:8a:44:fb:9d:63:17:a6:a6:3f:
                    a4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:05:5B:F5:22:C9:FD:0E:14:FA:35:01:AA:FF:2A:00:F5:DA:00:17
            X509v3 Authority Key Identifier:
                keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:5f:e2:d4:b1:b7:61:ef:26:8e:25:f7:e0:ba:4a:22:8a:76:
         c1:98:a5:a5:df:6a:36:7d:69:04:b8:1b:98:66:f7:ec:03:48:
         15:bd:f3:01:c3:25:e1:37:4b:c0:6c:88:0b:76:1f:f9:c3:7d:
         e5:98:00:8e:81:d9:ae:92:1d:5c:11:ba:2d:48:ea:16:e6:f7:
         15:ca:2b:a2:66:53:ef:57:2d:33:57:63:cb:8b:77:5b:31:60:
         a4:72:25:ce:50:34:37:2c:50:8e:90:55:66:1b:0c:7d:62:4a:
         b5:c4:22:c7:c7:b6:b7:ee:64:12:b5:1a:4f:26:93:69:62:62:
         c3:b3:f2:9d:38:4c:e6:3d:02:0d:23:02:4e:b4:09:4b:62:b3:
         27:ef:8b:df:de:87:68:48:4e:fc:21:fd:ea:2d:2a:64:e2:f4:
         25:1e:e6:5c:3e:80:8a:b8:25:0b:d1:41:bf:89:ab:d5:ec:02:
         7a:d4:e8:f2:19:78:a1:6f:9c:99:cb:a5:a9:c2:a4:aa:ac:61:
         8e:4a:7a:1d:dc:36:ed:51:1a:9b:ef:4b:43:7e:1d:e4:e8:cc:
         cd:ec:7b:d3:26:b8:ba:52:ce:2a:c6:be:ec:b1:e7:34:58:db:
         4e:90:99:50:f5:b1:ad:a8:8a:d2:87:7a:7d:ec:55:7d:60:e0:
         f3:0f:76:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX7pBdgFnEF8FFoeRnQTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi
MWQwNTYwHhcNMjUwODIzMTAwMDU0WhcNMjUwODI0MTAwMDU0WjAzMTEwLwYDVQQD
Eyg5YzA1NWJmNTIyYzlmZDBlMTRmYTM1MDFhYWZmMmEwMGY1ZGEwMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNXi1sIjVAUro0YY/+JvD+oM6Yor
DFtXMpqF2jbuh61gqekY4dkzUEm+JIv7Z9qXT1mDtIDvLBuVDnlGB0aFGlb3M+49
VtmD9OFreNpd5vldlpe6L+qOpmjAOuI2hfH5Z3FHmYKbsihd2iqv9nPZDdNlnnsd
JKBrkybUxcbWnCQuqifcWvJf05ToPeLfbvUmw4B81ywaeEKf+UY74zDV0H/MB9Xo
3hYDMl5hWOs0kDXVfZGTBWg5Y3stTvp5N1zkYf8IQex9lvBD9JvhwFzzr9D+YVNM
rMNtTaHf3HizyyyAyQ89rAq7Q2eCuSqSI9Nwm5PK6AKKRPudYxempj+koQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwFW/Uiyf0OFPo1Aar/KgD12gAXMB8GA1UdIwQY
MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It
NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk
LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKF/i1LG3
Ye8mjiX34LpKIop2wZilpd9qNn1pBLgbmGb37ANIFb3zAcMl4TdLwGyIC3Yf+cN9
5ZgAjoHZrpIdXBG6LUjqFub3FcoromZT71ctM1djy4t3WzFgpHIlzlA0NyxQjpBV
ZhsMfWJKtcQix8e2t+5kErUaTyaTaWJiw7PynThM5j0CDSMCTrQJS2KzJ++L396H
aEhO/CH96i0qZOL0JR7mXD6AirglC9FBv4mr1ewCetTo8hl4oW+cmculqcKkqqxh
jkp6Hdw27VEam+9LQ34d5OjMzex70ya4ulLOKsa+7LHnNFjbTpCZUPWxraiK0od6
fexVfWDg8w92Qw==
-----END CERTIFICATE-----