Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          xSOy2Zw/T2o74IYE8++TeZtG1A9yDsSE6Nip7ncFQyA=
Subject key identifier:   84:2B:2A:DA:A4:3B:D8:8D:E1:3D:1B:82:FA:4C:34:68:D2:1B:60:EC
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       0198D7A8C2CDC010EDF3AA572D9470229DF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0DE3
Signing time:             Sat 23 Aug 2025 16:00:18 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:18 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:18 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: GXKYCrEoeJUtvfM8RCX45BlO3Uh11ca3kW7GwrHXswQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:c2:cd:c0:10:ed:f3:aa:57:2d:94:70:22:9d:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Aug 23 16:00:18 2025 GMT
            Not After : Aug 24 16:00:18 2025 GMT
        Subject: CN=842b2adaa43bd88de13d1b82fa4c3468d21b60ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a1:be:69:47:c2:0e:01:2f:ae:d1:fa:18:2c:
                    12:08:b5:ae:ad:58:6e:d9:cd:21:91:29:c9:a2:0e:
                    a7:f1:a6:89:bd:30:fe:95:0a:b7:44:32:59:a5:70:
                    69:a8:0b:99:c9:e8:2f:92:b4:6d:f0:1e:41:ef:92:
                    46:f0:5f:2e:d9:d8:60:0d:6f:e5:8a:d9:a5:6e:fe:
                    29:b2:6e:4b:5e:9c:3d:98:fa:e1:54:4e:56:0e:ba:
                    24:e2:34:34:2b:92:25:a8:b8:68:13:77:de:08:2c:
                    e3:5e:09:07:98:7d:b7:09:c3:de:c4:8b:39:36:5d:
                    46:cb:d4:24:22:bc:e1:09:97:44:39:78:d9:05:13:
                    6f:3f:d5:f3:6e:7c:bc:94:fb:e2:cd:52:1a:76:5d:
                    09:9f:86:3b:45:07:84:71:80:3c:4e:b5:96:cf:af:
                    2d:e3:72:d6:26:f5:95:fa:3d:97:0a:ae:33:35:27:
                    b9:1c:52:67:c6:af:3c:85:31:1c:ca:64:ea:a5:a9:
                    f0:e2:4a:c4:3b:a9:2f:8c:67:16:d1:d0:04:7f:11:
                    19:97:b6:f8:29:f2:20:2b:1f:85:69:8e:76:33:4b:
                    8a:35:49:e6:2a:e2:55:d9:54:7e:fa:95:18:6d:3e:
                    74:8c:a8:21:aa:dc:cf:c7:7a:54:38:68:7f:07:5a:
                    ce:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:2B:2A:DA:A4:3B:D8:8D:E1:3D:1B:82:FA:4C:34:68:D2:1B:60:EC
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:ae:7f:58:d1:97:1e:33:f7:e8:69:e8:00:98:3e:ae:c9:0d:
         b9:32:06:b3:a1:3a:d2:61:b8:2f:ea:8b:9a:69:49:c8:5b:d0:
         16:5e:26:8e:55:9f:da:d6:da:c8:96:2a:56:92:a1:2a:57:c3:
         38:37:a1:06:9d:5f:e9:d3:90:1a:81:ae:0d:d9:f2:90:be:2f:
         d1:fd:7e:b3:47:e1:16:aa:a1:83:bf:46:49:57:95:8a:a7:99:
         61:53:f0:34:c9:27:2b:dc:28:eb:42:9c:8d:fb:8c:a0:18:e3:
         47:38:3f:17:08:03:c5:bd:64:92:52:d5:4f:07:f3:17:b6:c0:
         55:01:c5:f2:99:c6:39:db:3d:a5:ab:a5:ff:86:28:5b:ad:81:
         87:35:f2:65:ef:3e:50:73:15:50:9c:12:39:30:69:2d:cf:2a:
         52:47:61:62:4d:ee:23:99:ec:c4:ee:19:a4:46:4b:06:57:f2:
         f6:c2:fc:33:af:d9:23:ab:e4:2c:1d:32:20:41:51:b8:dd:94:
         85:f1:e6:a7:67:25:db:a4:47:9a:ae:fb:be:57:6b:27:22:73:
         6f:3e:bd:03:7b:b4:c4:c3:8f:16:0f:71:50:38:8d:e6:c7:44:
         d4:c2:e8:63:c3:17:b5:54:74:79:73:71:71:71:96:c3:8e:71:
         40:7e:e2:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqMLNwBDt86pXLZRwIp3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwODIzMTYwMDE4WhcNMjUwODI0MTYwMDE4WjAzMTEwLwYDVQQD
Eyg4NDJiMmFkYWE0M2JkODhkZTEzZDFiODJmYTRjMzQ2OGQyMWI2MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36G+aUfCDgEvrtH6GCwSCLWurVhu
2c0hkSnJog6n8aaJvTD+lQq3RDJZpXBpqAuZyegvkrRt8B5B75JG8F8u2dhgDW/l
itmlbv4psm5LXpw9mPrhVE5WDrok4jQ0K5IlqLhoE3feCCzjXgkHmH23CcPexIs5
Nl1Gy9QkIrzhCZdEOXjZBRNvP9Xzbny8lPvizVIadl0Jn4Y7RQeEcYA8TrWWz68t
43LWJvWV+j2XCq4zNSe5HFJnxq88hTEcymTqpanw4krEO6kvjGcW0dAEfxEZl7b4
KfIgKx+FaY52M0uKNUnmKuJV2VR++pUYbT50jKghqtzPx3pUOGh/B1rOXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQrKtqkO9iN4T0bgvpMNGjSG2DsMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPq5/WNGX
HjP36GnoAJg+rskNuTIGs6E60mG4L+qLmmlJyFvQFl4mjlWf2tbayJYqVpKhKlfD
ODehBp1f6dOQGoGuDdnykL4v0f1+s0fhFqqhg79GSVeViqeZYVPwNMknK9wo60Kc
jfuMoBjjRzg/FwgDxb1kklLVTwfzF7bAVQHF8pnGOds9paul/4YoW62BhzXyZe8+
UHMVUJwSOTBpLc8qUkdhYk3uI5nsxO4ZpEZLBlfy9sL8M6/ZI6vkLB0yIEFRuN2U
hfHmp2cl26RHmq77vldrJyJzbz69A3u0xMOPFg9xUDiN5sdE1MLoY8MXtVR0eXNx
cXGWw45xQH7i6g==
-----END CERTIFICATE-----