Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          +USEN2P9G7S0eR77KIm8lxnnBsCmCAHguI+Xm2lJqNs=
Subject key identifier:   02:02:B6:51:A2:A5:E8:D2:B3:AA:04:67:76:9B:E7:30:22:3E:E2:56
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       0198D7061CD40A5E127E74515E96ACE116FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 13:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:38 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: 19gybeUa0ZGnIlrhKq3R09XYugAEB96cd0oL4zhC+Vg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:06:1c:d4:0a:5e:12:7e:74:51:5e:96:ac:e1:16:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Aug 23 13:02:38 2025 GMT
            Not After : Aug 24 13:02:38 2025 GMT
        Subject: CN=0202b651a2a5e8d2b3aa0467769be730223ee256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c4:68:5d:74:7a:7c:66:e6:2d:ba:89:b6:9f:
                    40:8c:0c:0a:d3:2e:7f:2d:54:5d:f7:cd:8a:b7:45:
                    ef:67:62:73:67:b1:41:8e:99:5c:3a:84:c1:86:b0:
                    c7:61:72:a9:52:69:b6:1d:2b:af:94:3e:34:77:b8:
                    9e:ba:56:ef:9c:d7:dd:12:63:e2:b8:9d:59:27:73:
                    13:73:ca:35:14:fe:f8:09:c4:63:1c:83:3c:e5:24:
                    0b:3e:1a:05:43:0c:6f:46:f4:61:fd:62:1e:b4:e8:
                    29:b1:11:28:e0:3d:51:6a:62:e0:af:77:d1:40:ad:
                    72:01:e5:4b:a8:d4:9b:a7:c4:81:c2:c8:09:fc:3c:
                    1f:31:b4:7e:91:c7:e0:9a:c1:f8:7f:cf:83:a9:88:
                    2b:8c:09:55:2b:1f:d0:64:2d:72:7d:3a:fc:51:7c:
                    b5:8d:da:9f:23:03:ad:7f:98:89:1d:c7:94:80:db:
                    f5:6b:85:8f:dc:f8:fa:ea:ac:52:92:51:8b:ea:91:
                    2a:c7:3f:99:93:83:79:bc:e7:b1:da:23:0d:fd:64:
                    c8:4b:cf:d3:b0:ca:26:5e:3f:56:3d:73:d8:ac:f7:
                    70:56:35:05:36:44:a3:3e:8b:51:02:3d:c1:23:cb:
                    61:2d:08:1d:8a:b2:e1:0e:81:8b:c5:d5:8b:0b:d8:
                    a4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:02:B6:51:A2:A5:E8:D2:B3:AA:04:67:76:9B:E7:30:22:3E:E2:56
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:16:71:08:1f:dc:54:1f:df:1c:83:4a:da:63:29:0d:d5:ee:
         08:75:eb:ac:7a:da:71:aa:c1:7f:03:f8:62:41:6c:f4:02:dd:
         c7:5c:21:6f:a1:ab:ea:34:4f:e8:2b:88:9c:66:e8:4a:cf:1c:
         51:ec:49:1d:d9:17:ef:5d:ce:df:5b:6a:de:25:4d:d6:45:1e:
         36:8e:1a:1c:97:c6:80:3d:20:24:7b:1b:b0:f6:80:9f:b9:9e:
         ad:8b:a0:04:6f:35:60:7d:c0:34:c3:02:6a:21:de:3b:a6:62:
         78:6b:03:6e:23:f9:fd:b2:07:b1:a3:d8:9d:ee:a6:4b:7c:7e:
         7d:ce:21:bd:7d:5c:8c:ae:09:5a:30:91:6a:a2:2d:ef:01:e3:
         ab:54:fb:f2:85:b1:56:0f:c6:9a:85:8d:3f:bd:28:9e:6a:be:
         10:4d:a5:7d:44:bc:52:ca:60:3b:64:70:e2:51:c2:69:2d:c3:
         b5:b3:ba:bc:9e:c6:3d:4f:9f:24:97:fb:4b:80:2c:c3:3b:a9:
         23:fe:d7:17:60:74:f5:3d:96:cc:cf:14:1e:fd:1b:4c:b4:03:
         99:b0:62:53:f8:58:8d:05:c3:9d:6b:44:be:5c:59:6f:98:79:
         37:43:f1:90:cd:bb:54:10:b3:32:bc:7b:fc:bb:b9:c2:97:ce:
         60:26:38:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBhzUCl4SfnRRXpas4Rb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjUwODIzMTMwMjM4WhcNMjUwODI0MTMwMjM4WjAzMTEwLwYDVQQD
EygwMjAyYjY1MWEyYTVlOGQyYjNhYTA0Njc3NjliZTczMDIyM2VlMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcRoXXR6fGbmLbqJtp9AjAwK0y5/
LVRd982Kt0XvZ2JzZ7FBjplcOoTBhrDHYXKpUmm2HSuvlD40d7ieulbvnNfdEmPi
uJ1ZJ3MTc8o1FP74CcRjHIM85SQLPhoFQwxvRvRh/WIetOgpsREo4D1RamLgr3fR
QK1yAeVLqNSbp8SBwsgJ/DwfMbR+kcfgmsH4f8+DqYgrjAlVKx/QZC1yfTr8UXy1
jdqfIwOtf5iJHceUgNv1a4WP3Pj66qxSklGL6pEqxz+Zk4N5vOex2iMN/WTIS8/T
sMomXj9WPXPYrPdwVjUFNkSjPotRAj3BI8thLQgdirLhDoGLxdWLC9ikwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAICtlGipejSs6oEZ3ab5zAiPuJWMB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFRZxCB/c
VB/fHINK2mMpDdXuCHXrrHracarBfwP4YkFs9ALdx1whb6Gr6jRP6CuInGboSs8c
UexJHdkX713O31tq3iVN1kUeNo4aHJfGgD0gJHsbsPaAn7merYugBG81YH3ANMMC
aiHeO6ZieGsDbiP5/bIHsaPYne6mS3x+fc4hvX1cjK4JWjCRaqIt7wHjq1T78oWx
Vg/GmoWNP70onmq+EE2lfUS8UspgO2Rw4lHCaS3DtbO6vJ7GPU+fJJf7S4Aswzup
I/7XF2B09T2WzM8UHv0bTLQDmbBiU/hYjQXDnWtEvlxZb5h5N0PxkM27VBCzMrx7
/Lu5wpfOYCY41A==
-----END CERTIFICATE-----