Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          g/ddYwJCcEmmLgq3YDTPc+EkTyiqn4PsWWtInQSN+Oc=
Subject key identifier:   14:D4:1E:56:0C:31:16:BB:3C:17:87:38:7A:66:44:E9:25:3A:4D:64
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       0198D4E088B1ED565DE7558CB2E7D96E0E5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0DAC
Signing time:             Sat 23 Aug 2025 03:02:21 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:21 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:21 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: KH1oFSLjCAIcwkoCP0k6VOmNQBqI4N/k3z5UPrNAcxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:88:b1:ed:56:5d:e7:55:8c:b2:e7:d9:6e:0e:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Aug 23 03:02:21 2025 GMT
            Not After : Aug 24 03:02:21 2025 GMT
        Subject: CN=14d41e560c3116bb3c1787387a6644e9253a4d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ee:a9:d1:83:36:b8:b6:af:67:43:cb:73:79:
                    28:d9:9e:01:98:68:49:0d:37:3e:b1:4a:f5:71:ad:
                    b0:1c:a4:39:cc:7c:f3:dc:a7:c1:0a:7b:67:ae:e4:
                    08:d2:cf:18:fb:78:09:7e:43:44:05:b2:4d:f9:15:
                    8b:bf:47:d5:22:d3:fa:1b:6f:cc:da:9e:ca:84:f7:
                    5d:f1:e3:5a:84:b9:28:f1:eb:28:62:a9:0d:35:5a:
                    dd:64:1f:3c:2e:69:f4:a6:5e:cb:d0:18:04:9e:96:
                    b6:ac:fe:41:d6:0f:3c:70:e7:83:a3:1d:50:7a:a1:
                    3e:0c:07:a4:90:e3:5c:28:03:ae:60:83:4c:2c:8e:
                    ed:5c:3c:86:5f:f0:f3:12:25:0f:1f:f9:b1:e6:e0:
                    c2:d5:a7:23:c3:85:a9:e6:ea:73:f0:66:74:30:9f:
                    ad:26:b7:8e:16:0e:d2:ec:da:56:2e:25:3d:c0:d4:
                    e0:68:2e:41:15:fb:fd:1e:8a:ad:be:bd:ca:b7:25:
                    39:f7:be:bd:0d:c4:4b:a3:f7:51:cb:52:82:18:7d:
                    09:c7:5c:14:c9:db:94:4f:74:c3:c3:8d:f0:db:64:
                    26:0c:17:e5:17:8f:ca:f6:72:f9:06:a0:9b:d8:fe:
                    de:be:e1:32:cd:3c:a0:0d:8d:96:c0:f7:23:e7:60:
                    6c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D4:1E:56:0C:31:16:BB:3C:17:87:38:7A:66:44:E9:25:3A:4D:64
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:27:a4:d8:f3:c0:34:49:e9:a9:39:4d:26:6a:5b:3a:e3:54:
         98:cd:2f:97:d5:f2:72:8c:6a:bf:56:31:c1:99:a1:46:15:b7:
         b5:bc:5b:0c:a4:70:5b:4a:bc:3c:15:7f:96:4b:9a:eb:fe:07:
         34:d5:ec:91:b0:8d:85:97:2e:a0:db:9e:58:5f:0c:05:fd:d0:
         f4:30:f8:98:fd:d9:a7:b8:a1:d3:e3:e4:e7:3e:9c:e1:05:dc:
         66:d6:e8:97:0b:41:2d:21:77:64:ff:b7:35:2a:e8:2b:b9:e5:
         0d:83:62:bd:b3:45:d2:dc:e7:9e:36:00:66:21:7a:40:59:2c:
         ac:8c:e7:43:42:10:d5:b2:4c:9e:84:26:76:7f:66:23:29:3e:
         15:63:f0:6e:20:b7:d3:43:63:57:6d:51:9a:41:50:59:38:32:
         ea:37:53:82:f7:8d:f6:aa:4d:a7:c8:d9:e1:2a:97:e1:c6:a4:
         cc:a7:ac:94:be:95:73:b3:a9:f4:67:3d:7f:d1:ba:d5:a8:06:
         ff:09:56:97:29:b6:8c:bd:9a:1f:90:d6:02:ad:91:a4:de:f9:
         30:22:74:de:c4:69:b2:9a:ab:6e:2d:91:0f:68:9e:b2:9c:bc:
         bb:28:a7:75:a6:25:b6:30:9a:2c:69:ce:58:ec:98:2a:00:4d:
         5b:bc:ff:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4Iix7VZd51WMsufZbg5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjUwODIzMDMwMjIxWhcNMjUwODI0MDMwMjIxWjAzMTEwLwYDVQQD
EygxNGQ0MWU1NjBjMzExNmJiM2MxNzg3Mzg3YTY2NDRlOTI1M2E0ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+6p0YM2uLavZ0PLc3ko2Z4BmGhJ
DTc+sUr1ca2wHKQ5zHzz3KfBCntnruQI0s8Y+3gJfkNEBbJN+RWLv0fVItP6G2/M
2p7KhPdd8eNahLko8esoYqkNNVrdZB88Lmn0pl7L0BgEnpa2rP5B1g88cOeDox1Q
eqE+DAekkONcKAOuYINMLI7tXDyGX/DzEiUPH/mx5uDC1acjw4Wp5upz8GZ0MJ+t
JreOFg7S7NpWLiU9wNTgaC5BFfv9Hoqtvr3KtyU59769DcRLo/dRy1KCGH0Jx1wU
yduUT3TDw43w22QmDBflF4/K9nL5BqCb2P7evuEyzTygDY2WwPcj52BsbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTUHlYMMRa7PBeHOHpmROklOk1kMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsSek2PPA
NEnpqTlNJmpbOuNUmM0vl9Xycoxqv1YxwZmhRhW3tbxbDKRwW0q8PBV/lkua6/4H
NNXskbCNhZcuoNueWF8MBf3Q9DD4mP3Zp7ih0+Pk5z6c4QXcZtbolwtBLSF3ZP+3
NSroK7nlDYNivbNF0tznnjYAZiF6QFksrIznQ0IQ1bJMnoQmdn9mIyk+FWPwbiC3
00NjV21RmkFQWTgy6jdTgveN9qpNp8jZ4SqX4cakzKeslL6Vc7Op9Gc9f9G61agG
/wlWlym2jL2aH5DWAq2RpN75MCJ03sRpspqrbi2RD2iespy8uyindaYltjCaLGnO
WOyYKgBNW7z/Pg==
-----END CERTIFICATE-----