Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
File:                     Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft (raw, json)
Hash identifier:          8DCbPuOnI/HPAfX663USwfbUrX6j0w0CurdXJuktiro=
Subject key identifier:   01:47:DD:35:A4:44:24:97:BC:83:46:77:9C:74:2B:6A:D3:04:FE:6E
Authority key identifier: 0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90
Certificate issuer:       /CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
Certificate serial:       0198D73AD8E1BA74C031D8C32C2DF28AFFC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
Manifest number:          072F
Signing time:             Sat 23 Aug 2025 14:00:14 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:14 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:14 +0000
Files and hashes:         1: Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl (hash: 0vZ9PN0YyjDbM7EpFqJgEqMVVO82aqn/cU/yGixC4ho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3a:d8:e1:ba:74:c0:31:d8:c3:2c:2d:f2:8a:ff:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
        Validity
            Not Before: Aug 23 14:00:14 2025 GMT
            Not After : Aug 24 14:00:14 2025 GMT
        Subject: CN=0147dd35a4442497bc8346779c742b6ad304fe6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:29:36:66:bd:17:7d:09:28:93:62:cb:fb:18:
                    c1:9d:ed:f9:40:9d:2b:2a:13:4a:d4:08:cd:89:08:
                    35:c5:87:e6:2d:eb:ed:ad:93:1b:31:56:d6:30:e4:
                    52:fc:e5:19:c5:27:2f:7a:7c:05:d2:3d:7a:de:47:
                    60:55:68:0f:78:c3:25:38:9b:5a:67:ff:43:ae:b5:
                    45:0d:37:47:51:2f:59:c6:6b:83:95:92:92:fd:7c:
                    73:0a:57:1d:a7:a6:a2:a2:42:75:ae:10:09:42:0d:
                    f3:aa:19:31:18:ed:bc:c9:dc:7f:cc:ea:fc:84:9e:
                    22:68:f5:56:94:b7:3a:f6:b9:21:6b:f1:17:c5:02:
                    90:78:a0:41:9e:21:9d:d8:56:16:00:0c:1d:48:f9:
                    5e:0a:06:aa:87:d2:9f:c0:56:c7:9e:b9:67:27:e8:
                    3c:4d:cd:9a:00:3e:2b:b2:ca:6f:8a:3e:20:ad:74:
                    6d:aa:30:86:56:66:85:66:14:72:9f:63:bf:24:0f:
                    eb:30:b0:9e:6d:3f:08:e2:bd:44:88:00:8b:ab:44:
                    39:c1:75:dc:6b:62:bd:64:65:05:e6:f3:06:23:7e:
                    e2:07:f6:ea:03:7e:b0:9c:ba:9f:1c:f4:35:52:d8:
                    e6:8a:c3:87:c2:11:b0:da:eb:75:16:c1:b2:6e:3e:
                    45:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:47:DD:35:A4:44:24:97:BC:83:46:77:9C:74:2B:6A:D3:04:FE:6E
            X509v3 Authority Key Identifier:
                keyid:0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:63:2b:76:60:da:09:a2:f9:2d:63:26:0d:a4:e0:4e:ee:71:
         30:83:63:39:b5:d9:c8:93:83:05:43:c5:ee:5e:eb:d3:2d:a5:
         55:74:86:36:86:ca:d5:48:0e:64:98:8f:a0:a4:c5:aa:25:16:
         84:69:08:ec:4e:e2:50:6b:e4:c7:d4:ad:29:62:27:0f:84:8c:
         27:1d:99:bb:9e:54:08:fd:58:35:db:ae:fe:0e:95:80:e2:5d:
         4d:19:2e:89:26:aa:43:70:b5:3b:0b:ba:32:be:99:0b:6b:e7:
         36:8e:28:62:b0:49:fd:ed:57:3e:8a:97:2a:4a:9c:16:23:ee:
         29:85:e4:8f:ee:9a:91:e0:01:3f:1d:98:6f:e9:8c:3d:36:d6:
         ec:61:1a:26:d9:1e:42:a6:99:86:8b:9e:0e:1d:e6:40:27:cf:
         c4:da:e5:fc:ef:8f:47:83:05:70:bc:43:1d:4a:24:e7:73:d1:
         11:90:07:a2:d5:2c:27:7b:4c:37:cb:35:d6:85:4c:14:63:6a:
         fa:19:b9:82:83:fe:22:c7:b1:d4:b5:ec:3b:cc:27:69:5a:29:
         bb:e3:2d:1b:55:43:2e:68:a9:4c:12:ad:4a:25:86:c4:d2:7b:
         d9:68:d1:5d:9b:91:68:9e:1b:23:8f:00:3e:18:a3:0c:09:3b:
         f9:ec:62:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOtjhunTAMdjDLC3yiv/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNzBmOTBiYTJjZjA1OGMxMjA2ZGViMGVmNzk3Mzcw
MjZlOTAwHhcNMjUwODIzMTQwMDE0WhcNMjUwODI0MTQwMDE0WjAzMTEwLwYDVQQD
EygwMTQ3ZGQzNWE0NDQyNDk3YmM4MzQ2Nzc5Yzc0MmI2YWQzMDRmZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSk2Zr0XfQkok2LL+xjBne35QJ0r
KhNK1AjNiQg1xYfmLevtrZMbMVbWMORS/OUZxScvenwF0j163kdgVWgPeMMlOJta
Z/9DrrVFDTdHUS9ZxmuDlZKS/XxzClcdp6aiokJ1rhAJQg3zqhkxGO28ydx/zOr8
hJ4iaPVWlLc69rkha/EXxQKQeKBBniGd2FYWAAwdSPleCgaqh9KfwFbHnrlnJ+g8
Tc2aAD4rsspvij4grXRtqjCGVmaFZhRyn2O/JA/rMLCebT8I4r1EiACLq0Q5wXXc
a2K9ZGUF5vMGI37iB/bqA36wnLqfHPQ1UtjmisOHwhGw2ut1FsGybj5F1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFH3TWkRCSXvINGd5x0K2rTBP5uMB8GA1UdIwQY
MBaAFA4ftw+QuizwWMEgbesO95c3Am6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYt
MjdjYjlkY2Q2MGZjLzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYtMjdjYjlkY2Q2MGZj
LzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANGMrdmDa
CaL5LWMmDaTgTu5xMINjObXZyJODBUPF7l7r0y2lVXSGNobK1UgOZJiPoKTFqiUW
hGkI7E7iUGvkx9StKWInD4SMJx2Zu55UCP1YNduu/g6VgOJdTRkuiSaqQ3C1Owu6
Mr6ZC2vnNo4oYrBJ/e1XPoqXKkqcFiPuKYXkj+6akeABPx2Yb+mMPTbW7GEaJtke
QqaZhoueDh3mQCfPxNrl/O+PR4MFcLxDHUok53PREZAHotUsJ3tMN8s11oVMFGNq
+hm5goP+Isex1LXsO8wnaVopu+MtG1VDLmipTBKtSiWGxNJ72WjRXZuRaJ4bI48A
PhijDAk7+exiHw==
-----END CERTIFICATE-----