Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          zpeyQaxNolu91WH6snenY31F/VXrfZwiIOP34ytVE5Q=
Subject key identifier:   9D:DB:EF:84:8B:3E:F8:CA:75:34:69:6E:3F:43:DD:EF:A2:13:B9:20
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       0198D5163CFFB61A5ACE323BF1C76927C8EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          06F8
Signing time:             Sat 23 Aug 2025 04:01:00 +0000
Manifest this update:     Sat 23 Aug 2025 04:01:00 +0000
Manifest next update:     Sun 24 Aug 2025 04:01:00 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: MRACUIMw2F5mrKnKHVSnore85NB44RSe6e0BRtBHwEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:3c:ff:b6:1a:5a:ce:32:3b:f1:c7:69:27:c8:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Aug 23 04:01:00 2025 GMT
            Not After : Aug 24 04:01:00 2025 GMT
        Subject: CN=9ddbef848b3ef8ca7534696e3f43ddefa213b920
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:91:a2:9b:c6:36:a2:cd:76:07:7f:14:8f:bb:
                    8d:03:0b:93:c3:a8:68:07:cd:f2:ed:8a:6b:58:65:
                    2a:37:9c:6e:90:06:c3:13:6e:ba:9f:5f:10:74:68:
                    72:72:f4:6e:46:02:c3:d4:54:25:ca:b6:c3:ca:fe:
                    c1:ce:a2:60:e2:fe:62:50:5a:e6:ce:78:4d:7d:cc:
                    1e:da:66:65:5f:e8:82:de:b4:35:a6:24:89:0e:b6:
                    dd:43:ee:8d:83:84:c2:85:53:3a:be:26:f2:39:24:
                    fa:95:cc:95:e5:b3:f4:d5:5f:34:40:4c:15:91:24:
                    57:57:e4:27:17:cd:ed:a4:2d:db:fc:7b:ca:e9:80:
                    c6:50:06:5d:ae:8b:2c:d0:17:a7:67:b0:e2:03:31:
                    5a:fe:66:24:12:63:04:43:ab:cb:24:01:55:84:b8:
                    b9:9f:bb:07:bb:9c:00:ca:81:a9:5b:89:df:4a:aa:
                    ee:d6:11:d3:ba:07:17:83:90:0b:37:cb:f9:88:13:
                    be:a9:f5:c6:6b:7e:73:ff:97:22:c2:d0:35:b4:a6:
                    fd:9b:af:38:62:d0:9c:4c:35:26:3b:13:d9:a7:8f:
                    c2:96:8e:3e:75:66:48:80:a8:dc:7f:e3:e8:8d:fb:
                    9b:36:a3:2c:90:28:56:28:6e:0b:74:68:e0:2b:e0:
                    c3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:DB:EF:84:8B:3E:F8:CA:75:34:69:6E:3F:43:DD:EF:A2:13:B9:20
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:7a:17:06:8d:bb:e7:a2:a1:26:23:c9:dc:67:20:62:e5:f9:
         df:f4:ae:f5:0f:b3:f9:b7:29:6e:4f:f4:22:c8:0c:02:21:49:
         20:75:8d:1e:95:50:f0:de:0d:6e:c9:4d:56:9a:74:dc:42:7b:
         c4:35:94:12:8d:2d:e4:7a:36:ac:b9:3a:bc:e0:d5:71:c2:aa:
         74:39:91:e4:bd:07:a0:77:a1:5b:f2:33:12:0a:9b:a0:19:ed:
         fc:16:ff:8e:34:89:76:9e:c7:b8:f5:1d:18:94:dc:28:64:8f:
         0b:d5:a3:ea:d7:fa:ec:2a:15:33:be:38:4c:93:5f:fb:ac:e2:
         31:a1:c5:ab:1c:ce:7c:cf:f0:11:79:dc:f0:b2:99:4e:b5:7a:
         ac:9f:91:13:0f:20:a4:4a:58:94:60:8b:a1:73:8b:66:f0:d2:
         bf:4e:fe:ee:d6:3d:13:24:93:60:d0:91:f6:4a:e9:11:7e:6a:
         c1:3d:34:fe:88:a9:19:33:a2:d8:0e:40:a6:6b:fe:63:a2:df:
         be:84:5c:09:43:a0:d2:6b:2d:82:9f:f1:f7:1b:7d:c2:dc:05:
         25:b9:15:5a:82:c0:72:20:6a:5e:90:f9:a1:19:ee:56:ff:6b:
         13:53:a0:5a:67:74:f8:01:8a:44:f2:29:9e:c8:c7:35:cf:fa:
         6f:58:05:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFjz/thpazjI78cdpJ8jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUwODIzMDQwMTAwWhcNMjUwODI0MDQwMTAwWjAzMTEwLwYDVQQD
Eyg5ZGRiZWY4NDhiM2VmOGNhNzUzNDY5NmUzZjQzZGRlZmEyMTNiOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5Gim8Y2os12B38Uj7uNAwuTw6ho
B83y7YprWGUqN5xukAbDE266n18QdGhycvRuRgLD1FQlyrbDyv7BzqJg4v5iUFrm
znhNfcwe2mZlX+iC3rQ1piSJDrbdQ+6Ng4TChVM6vibyOST6lcyV5bP01V80QEwV
kSRXV+QnF83tpC3b/HvK6YDGUAZdross0BenZ7DiAzFa/mYkEmMEQ6vLJAFVhLi5
n7sHu5wAyoGpW4nfSqru1hHTugcXg5ALN8v5iBO+qfXGa35z/5ciwtA1tKb9m684
YtCcTDUmOxPZp4/Clo4+dWZIgKjcf+PojfubNqMskChWKG4LdGjgK+DDuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3b74SLPvjKdTRpbj9D3e+iE7kgMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABHoXBo27
56KhJiPJ3GcgYuX53/Su9Q+z+bcpbk/0IsgMAiFJIHWNHpVQ8N4NbslNVpp03EJ7
xDWUEo0t5Ho2rLk6vODVccKqdDmR5L0HoHehW/IzEgqboBnt/Bb/jjSJdp7HuPUd
GJTcKGSPC9Wj6tf67CoVM744TJNf+6ziMaHFqxzOfM/wEXnc8LKZTrV6rJ+REw8g
pEpYlGCLoXOLZvDSv07+7tY9EySTYNCR9krpEX5qwT00/oipGTOi2A5Apmv+Y6Lf
voRcCUOg0mstgp/x9xt9wtwFJbkVWoLAciBqXpD5oRnuVv9rE1OgWmd0+AGKRPIp
nsjHNc/6b1gF+A==
-----END CERTIFICATE-----