Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          4vULgjlzY4Yr81rHjcGVWvoh9EgCRj8wTxuIiK9LWvs=
Subject key identifier:   2D:67:7B:BD:AA:7A:38:4B:E6:44:CC:0A:EF:71:A7:80:EF:FA:D6:CA
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       0197B5C48C4EF563C9201F8EB158B9158700
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          0173
Signing time:             Sat 28 Jun 2025 09:00:46 +0000
Manifest this update:     Sat 28 Jun 2025 09:00:46 +0000
Manifest next update:     Sun 29 Jun 2025 09:00:46 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: 400w7DeBLstMeUZq6wsijPugTz2ixw7tQQyy18MO4vU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 09:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:c4:8c:4e:f5:63:c9:20:1f:8e:b1:58:b9:15:87:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Jun 28 09:00:46 2025 GMT
            Not After : Jun 29 09:00:46 2025 GMT
        Subject: CN=2d677bbdaa7a384be644cc0aef71a780effad6ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5c:47:ac:9b:43:b1:2c:f3:f7:10:3c:71:05:
                    ab:43:4a:7b:95:d9:93:cd:24:3a:b5:72:9f:ca:fc:
                    05:dd:08:00:02:3b:37:51:2b:91:3a:81:15:f6:93:
                    84:01:a1:1e:5b:b1:1b:94:f6:5e:d6:65:5a:8f:49:
                    76:4d:52:c5:ab:8a:57:b4:42:cf:d3:44:ec:1d:cc:
                    33:6f:bc:eb:75:f6:97:1c:73:53:50:04:b7:c5:58:
                    1c:06:0f:74:e3:7c:84:5a:bd:b6:95:03:a1:a1:a4:
                    56:86:0a:c5:c7:c3:4d:39:f6:11:6d:a1:db:3a:82:
                    84:5d:41:ab:0d:ea:d8:c1:26:d0:cd:74:32:4a:c6:
                    3e:14:77:3e:c5:84:d9:62:ea:8d:e7:01:5f:a0:5e:
                    d3:99:2b:54:c1:7b:9b:2a:1c:88:bb:de:73:34:80:
                    ce:9f:d2:d4:cf:c9:61:80:60:e4:65:54:cb:92:58:
                    ef:ef:e2:d3:41:cf:7f:0e:44:52:7e:64:1f:7b:63:
                    7f:e5:03:8b:a9:a5:55:69:53:be:63:30:29:f5:04:
                    61:23:f8:26:97:ba:17:22:ba:6e:44:13:c4:6f:be:
                    b0:07:3d:14:a6:36:75:4b:9c:36:1e:87:82:6c:28:
                    5d:c6:8f:31:af:93:12:11:eb:ba:66:92:b0:d3:46:
                    dd:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:67:7B:BD:AA:7A:38:4B:E6:44:CC:0A:EF:71:A7:80:EF:FA:D6:CA
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:33:0e:f8:d2:b2:a5:63:11:6d:56:50:1c:66:86:85:44:d9:
         34:1b:6b:8d:6b:a1:ed:10:a4:8e:9e:38:8f:f4:50:a6:be:85:
         e0:4d:35:52:fa:ca:6f:6d:37:e7:b4:15:3b:20:cf:07:ca:49:
         4f:f9:4f:84:e2:e0:b6:37:e0:5a:4c:26:7a:b9:d2:3b:26:12:
         bc:21:dc:9f:2b:bd:91:c7:6b:b5:0b:cd:23:e9:ff:1b:0a:cd:
         fb:80:6a:aa:68:d5:1c:59:2f:41:90:95:9b:13:ee:cc:67:8b:
         57:31:c4:96:1c:85:44:ac:11:bb:25:0e:48:d7:c1:8b:32:84:
         11:8f:66:fd:30:61:04:f8:9f:ac:4f:e5:a0:c4:fb:4f:40:f5:
         a5:98:07:59:c9:05:fb:65:13:5a:3d:6a:aa:ea:27:5d:e9:08:
         bd:88:8f:d4:f8:3d:d8:d7:ca:48:41:7a:6d:d6:bb:cf:f4:69:
         00:07:79:ae:60:a7:b8:e8:f7:f2:31:d9:e8:fb:cd:56:10:f0:
         eb:69:0f:ce:cc:d3:f0:d2:aa:2c:5d:44:4a:08:34:d0:8b:7d:
         74:d8:6a:93:57:4e:8b:27:44:51:82:e9:d6:6e:59:e2:f1:83:
         76:f1:2c:28:90:a9:c0:1b:c7:3b:42:88:05:88:a8:37:94:4f:
         7e:fa:fe:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xIxO9WPJIB+OsVi5FYcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwNjI4MDkwMDQ2WhcNMjUwNjI5MDkwMDQ2WjAzMTEwLwYDVQQD
EygyZDY3N2JiZGFhN2EzODRiZTY0NGNjMGFlZjcxYTc4MGVmZmFkNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlxHrJtDsSzz9xA8cQWrQ0p7ldmT
zSQ6tXKfyvwF3QgAAjs3USuROoEV9pOEAaEeW7EblPZe1mVaj0l2TVLFq4pXtELP
00TsHcwzb7zrdfaXHHNTUAS3xVgcBg9043yEWr22lQOhoaRWhgrFx8NNOfYRbaHb
OoKEXUGrDerYwSbQzXQySsY+FHc+xYTZYuqN5wFfoF7TmStUwXubKhyIu95zNIDO
n9LUz8lhgGDkZVTLkljv7+LTQc9/DkRSfmQfe2N/5QOLqaVVaVO+YzAp9QRhI/gm
l7oXIrpuRBPEb76wBz0UpjZ1S5w2HoeCbChdxo8xr5MSEeu6ZpKw00bdaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1ne72qejhL5kTMCu9xp4Dv+tbKMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkDMO+NKy
pWMRbVZQHGaGhUTZNBtrjWuh7RCkjp44j/RQpr6F4E01UvrKb20357QVOyDPB8pJ
T/lPhOLgtjfgWkwmernSOyYSvCHcnyu9kcdrtQvNI+n/GwrN+4BqqmjVHFkvQZCV
mxPuzGeLVzHElhyFRKwRuyUOSNfBizKEEY9m/TBhBPifrE/loMT7T0D1pZgHWckF
+2UTWj1qquonXekIvYiP1Pg92NfKSEF6bda7z/RpAAd5rmCnuOj38jHZ6PvNVhDw
62kPzszT8NKqLF1ESgg00It9dNhqk1dOiydEUYLp1m5Z4vGDdvEsKJCpwBvHO0KI
BYioN5RPfvr+nA==
-----END CERTIFICATE-----