Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          tP8QDvMSQ0c7ExiIOumNH2HX+AcX9aLxCFnlckeARoI=
Subject key identifier:   64:59:9B:2D:85:A6:05:92:CC:E8:03:68:64:1C:2C:D3:09:96:0A:4F
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       0198D5839E72F65145275713DD240A3673A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          0208
Signing time:             Sat 23 Aug 2025 06:00:29 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:29 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:29 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: Btt+zdmJX/FxcIgbG3AIl/WDhIIvkZ/iiGTZtfF2us0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:9e:72:f6:51:45:27:57:13:dd:24:0a:36:73:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Aug 23 06:00:29 2025 GMT
            Not After : Aug 24 06:00:29 2025 GMT
        Subject: CN=64599b2d85a60592cce80368641c2cd309960a4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:5f:08:1b:5a:df:74:d6:94:9a:41:98:72:58:
                    ad:5a:65:91:e8:ec:ba:e7:ef:ce:dd:44:4d:45:fc:
                    a2:fa:63:de:3d:e8:3f:c0:d4:86:44:6f:5d:6e:67:
                    80:c6:c6:6b:d3:64:09:66:f8:82:a5:d3:92:18:43:
                    67:9b:43:21:65:19:15:b9:14:b2:04:69:d2:20:8c:
                    40:b7:57:8c:85:3c:2a:80:ae:fc:94:80:4a:ef:2e:
                    6f:ce:8b:31:1a:d8:36:93:fe:27:c3:56:d9:80:f0:
                    67:11:53:bf:4a:91:e7:db:d1:a7:aa:0d:08:95:ea:
                    a2:31:f1:62:65:11:68:01:1b:da:c6:e3:e9:c6:cf:
                    f8:f2:22:db:f4:45:e3:2a:55:7f:e0:79:77:84:62:
                    27:61:92:99:89:ad:b9:e5:82:82:52:87:d2:39:d5:
                    90:25:2c:7d:f8:b0:37:c7:ad:f5:50:02:13:ee:32:
                    58:02:a1:00:3d:65:5c:17:65:d2:7e:47:ec:7d:85:
                    63:36:af:d0:75:67:72:90:12:ba:45:67:44:9c:94:
                    90:44:92:44:15:1c:3f:00:34:34:b5:26:7a:5c:2f:
                    d8:f4:d8:54:11:e2:32:4b:66:ca:97:a5:00:1e:0a:
                    e3:85:2e:77:db:29:22:54:e4:9b:5b:c4:8a:dc:28:
                    9f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:59:9B:2D:85:A6:05:92:CC:E8:03:68:64:1C:2C:D3:09:96:0A:4F
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:44:4e:28:49:15:7b:8a:72:bc:a4:3f:be:f1:b1:4a:bb:9b:
         8b:cd:9b:dd:63:19:31:be:53:45:ff:35:64:69:dd:94:a8:e2:
         6c:e4:b2:f6:b1:fe:a6:99:6c:e8:4f:8b:cc:4d:ee:15:c7:d9:
         7c:74:e8:35:1d:df:ee:66:96:a4:98:63:52:d2:4d:40:e3:a2:
         6c:64:7d:e8:95:12:93:ca:22:8a:ec:1d:2d:60:b3:6f:1d:6e:
         be:aa:77:fc:32:50:88:fe:17:47:8a:26:e1:00:da:28:24:22:
         7b:6b:a2:f6:a3:4c:24:c0:e7:99:f6:79:f6:61:34:03:51:2f:
         9d:24:bb:6a:10:cc:9b:19:1d:ad:d6:79:53:3c:be:f3:ae:a1:
         be:de:66:ce:af:41:06:1d:04:ef:0b:b9:d0:2b:1e:b8:af:c8:
         a9:12:3b:4a:48:0d:f1:af:84:5d:7f:a9:bf:e6:84:4e:a4:77:
         54:02:b3:e4:d3:57:4a:aa:4a:1b:1d:ef:ea:0a:59:2b:7e:a5:
         73:7e:9f:6a:3c:10:8d:67:3c:bd:be:95:99:81:ff:26:ca:1c:
         7b:a0:0a:c8:d2:37:7c:1f:7a:64:56:86:4f:45:a3:03:86:dd:
         65:30:b2:24:7b:d2:9e:44:17:60:31:60:97:dd:fc:86:88:96:
         9e:c1:86:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg55y9lFFJ1cT3SQKNnOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwODIzMDYwMDI5WhcNMjUwODI0MDYwMDI5WjAzMTEwLwYDVQQD
Eyg2NDU5OWIyZDg1YTYwNTkyY2NlODAzNjg2NDFjMmNkMzA5OTYwYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzV8IG1rfdNaUmkGYclitWmWR6Oy6
5+/O3URNRfyi+mPePeg/wNSGRG9dbmeAxsZr02QJZviCpdOSGENnm0MhZRkVuRSy
BGnSIIxAt1eMhTwqgK78lIBK7y5vzosxGtg2k/4nw1bZgPBnEVO/SpHn29Gnqg0I
leqiMfFiZRFoARvaxuPpxs/48iLb9EXjKlV/4Hl3hGInYZKZia255YKCUofSOdWQ
JSx9+LA3x631UAIT7jJYAqEAPWVcF2XSfkfsfYVjNq/QdWdykBK6RWdEnJSQRJJE
FRw/ADQ0tSZ6XC/Y9NhUEeIyS2bKl6UAHgrjhS532ykiVOSbW8SK3CifcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRZmy2FpgWSzOgDaGQcLNMJlgpPMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEROKEkV
e4pyvKQ/vvGxSrubi82b3WMZMb5TRf81ZGndlKjibOSy9rH+ppls6E+LzE3uFcfZ
fHToNR3f7maWpJhjUtJNQOOibGR96JUSk8oiiuwdLWCzbx1uvqp3/DJQiP4XR4om
4QDaKCQie2ui9qNMJMDnmfZ59mE0A1EvnSS7ahDMmxkdrdZ5Uzy+866hvt5mzq9B
Bh0E7wu50CseuK/IqRI7SkgN8a+EXX+pv+aETqR3VAKz5NNXSqpKGx3v6gpZK36l
c36fajwQjWc8vb6VmYH/Jsoce6AKyNI3fB96ZFaGT0WjA4bdZTCyJHvSnkQXYDFg
l938hoiWnsGGaA==
-----END CERTIFICATE-----