Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft
File:                     3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft (raw, json)
Hash identifier:          zIVUelO8O+C6AUU4zAILUPPUULRc1eZKc32fhTNIe2Y=
Subject key identifier:   0F:A8:6B:02:87:D6:6A:DC:D5:CD:80:91:E0:7E:57:28:6F:44:B3:64
Authority key identifier: DE:8E:07:83:94:B3:40:C1:CE:E4:79:F9:E6:13:A1:EB:D2:B3:68:6D
Certificate issuer:       /CN=de8e078394b340c1cee479f9e613a1ebd2b3686d
Certificate serial:       0198D5BB8C5DF22CE11E3E3134EC234E6E83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3o4Hg5SzQMHO5Hn55hOh69KzaG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft
Manifest number:          9E
Signing time:             Sat 23 Aug 2025 07:01:34 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:34 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:34 +0000
Files and hashes:         1: 3o4Hg5SzQMHO5Hn55hOh69KzaG0.crl (hash: w1BW1Lg7Ikcflxa3LeOcQ7VdeNqznlQ3Z7NsokjWjpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3o4Hg5SzQMHO5Hn55hOh69KzaG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:8c:5d:f2:2c:e1:1e:3e:31:34:ec:23:4e:6e:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de8e078394b340c1cee479f9e613a1ebd2b3686d
        Validity
            Not Before: Aug 23 07:01:34 2025 GMT
            Not After : Aug 24 07:01:34 2025 GMT
        Subject: CN=0fa86b0287d66adcd5cd8091e07e57286f44b364
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:41:90:bc:2d:22:04:85:90:6a:01:ee:d6:45:
                    aa:f2:00:d4:b0:4e:ef:f4:a2:31:18:91:29:c5:18:
                    bb:b8:38:1f:27:44:a5:3f:89:46:81:e1:95:df:8a:
                    79:db:71:8b:d5:33:81:d2:cf:2c:f6:79:13:74:0e:
                    18:fb:19:14:41:95:b9:29:6f:a3:39:69:00:1b:50:
                    06:f4:f4:63:84:c4:e6:e5:d5:bc:99:0b:02:cf:77:
                    8f:47:6b:fe:d1:6e:67:68:77:2f:95:46:11:c4:c4:
                    b3:ff:b2:5c:8c:75:e1:e4:74:6c:30:67:61:20:57:
                    a4:89:b8:0e:c4:a2:b4:7b:66:4a:c1:ac:a5:76:6a:
                    cc:1f:be:ae:4a:c4:35:c4:fe:a5:ff:a3:a7:b0:e6:
                    64:2b:9d:67:ce:33:42:30:cf:92:a8:bc:8d:bc:f9:
                    51:bc:35:b4:52:ba:93:d2:d2:78:da:f3:d2:2f:6d:
                    2d:4e:f4:5f:d1:93:cc:be:54:65:bc:06:9a:57:b5:
                    c6:89:18:df:64:63:3b:9f:6b:67:e0:c9:49:cf:4b:
                    53:34:a5:aa:ea:a1:5c:f1:41:fb:d1:89:76:d6:8e:
                    40:b6:59:90:45:41:28:ac:6f:f8:46:86:05:a6:59:
                    6e:9d:6f:c6:41:3f:38:36:82:67:f0:c5:52:d0:a5:
                    ca:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:A8:6B:02:87:D6:6A:DC:D5:CD:80:91:E0:7E:57:28:6F:44:B3:64
            X509v3 Authority Key Identifier:
                keyid:DE:8E:07:83:94:B3:40:C1:CE:E4:79:F9:E6:13:A1:EB:D2:B3:68:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3o4Hg5SzQMHO5Hn55hOh69KzaG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:38:73:da:a6:4c:7c:9f:90:86:29:0f:33:4e:c5:d1:2e:72:
         dd:85:61:6c:51:8e:18:9b:d9:ff:69:ef:73:52:75:e3:e8:f5:
         85:cd:9a:cf:8b:9a:a5:90:f7:01:63:89:e0:db:8f:30:5d:6b:
         f9:93:9e:36:de:62:a7:b7:c9:24:75:bd:ed:dd:f8:f2:fc:82:
         bd:44:46:35:7f:be:ed:44:fb:64:26:a9:66:80:f0:92:10:27:
         90:c9:42:12:ef:1e:bb:7c:a6:c1:a0:84:a8:c3:e9:f8:48:d2:
         83:0b:84:c5:ec:72:25:e4:a9:95:e1:36:19:d3:e8:f6:22:f2:
         a9:39:f3:51:22:2c:1d:ff:92:2d:f7:64:1d:5e:8b:01:44:23:
         9f:2d:01:cc:0e:9c:98:b0:ab:87:c1:17:c0:a8:e0:6f:b7:2a:
         e3:59:2f:47:eb:38:40:af:55:a3:f3:a6:c3:02:2b:06:01:e7:
         38:41:3e:b1:38:d7:37:9b:46:ca:a1:1a:bd:46:1d:7a:0c:54:
         02:b8:ec:b0:e1:5e:eb:e3:b4:f5:fc:2a:b0:85:77:45:b7:f4:
         16:4c:af:1f:78:1c:40:20:68:2b:1b:59:47:f1:ca:3f:af:0f:
         18:8c:88:e4:b1:dc:29:e2:7c:43:db:4b:8f:e7:fd:3b:4f:c9:
         ee:fd:56:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu4xd8izhHj4xNOwjTm6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOGUwNzgzOTRiMzQwYzFjZWU0NzlmOWU2MTNhMWViZDJi
MzY4NmQwHhcNMjUwODIzMDcwMTM0WhcNMjUwODI0MDcwMTM0WjAzMTEwLwYDVQQD
EygwZmE4NmIwMjg3ZDY2YWRjZDVjZDgwOTFlMDdlNTcyODZmNDRiMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEGQvC0iBIWQagHu1kWq8gDUsE7v
9KIxGJEpxRi7uDgfJ0SlP4lGgeGV34p523GL1TOB0s8s9nkTdA4Y+xkUQZW5KW+j
OWkAG1AG9PRjhMTm5dW8mQsCz3ePR2v+0W5naHcvlUYRxMSz/7JcjHXh5HRsMGdh
IFekibgOxKK0e2ZKwayldmrMH76uSsQ1xP6l/6OnsOZkK51nzjNCMM+SqLyNvPlR
vDW0UrqT0tJ42vPSL20tTvRf0ZPMvlRlvAaaV7XGiRjfZGM7n2tn4MlJz0tTNKWq
6qFc8UH70Yl21o5AtlmQRUEorG/4RoYFpllunW/GQT84NoJn8MVS0KXKdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+oawKH1mrc1c2AkeB+VyhvRLNkMB8GA1UdIwQY
MBaAFN6OB4OUs0DBzuR5+eYToevSs2htMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM280SGc1U3pRTUhPNUhuNTVoT2g2OUt6YUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84ZWJlYzItNDQ5Zi00M2Q3LTg4OGYt
MGFkODMwNmRjMzU1LzEvM280SGc1U3pRTUhPNUhuNTVoT2g2OUt6YUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84ZWJlYzItNDQ5Zi00M2Q3LTg4OGYtMGFkODMwNmRjMzU1
LzEvM280SGc1U3pRTUhPNUhuNTVoT2g2OUt6YUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArDhz2qZM
fJ+QhikPM07F0S5y3YVhbFGOGJvZ/2nvc1J14+j1hc2az4uapZD3AWOJ4NuPMF1r
+ZOeNt5ip7fJJHW97d348vyCvURGNX++7UT7ZCapZoDwkhAnkMlCEu8eu3ymwaCE
qMPp+EjSgwuExexyJeSpleE2GdPo9iLyqTnzUSIsHf+SLfdkHV6LAUQjny0BzA6c
mLCrh8EXwKjgb7cq41kvR+s4QK9Vo/OmwwIrBgHnOEE+sTjXN5tGyqEavUYdegxU
ArjssOFe6+O09fwqsIV3Rbf0FkyvH3gcQCBoKxtZR/HKP68PGIyI5LHcKeJ8Q9tL
j+f9O0/J7v1W1Q==
-----END CERTIFICATE-----