Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          sogeBfLlscq8aRZXYu6wLjCGEvbIZYQSbQY7uHnyVRI=
Subject key identifier:   BB:2B:BC:27:FF:C3:00:C4:D4:AC:D5:18:5D:EF:0F:65:66:64:0B:01
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       0198D4E0468A07BFF9AB5D3E6BDC7D592F67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          09F3
Signing time:             Sat 23 Aug 2025 03:02:04 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:04 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:04 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: cd1S4gHR+yI4mE6to+kCJHB64tdxd0dG2Zhq0gFCTME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:46:8a:07:bf:f9:ab:5d:3e:6b:dc:7d:59:2f:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Aug 23 03:02:04 2025 GMT
            Not After : Aug 24 03:02:04 2025 GMT
        Subject: CN=bb2bbc27ffc300c4d4acd5185def0f6566640b01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4b:85:11:f9:c1:54:ce:58:5b:d3:ad:26:af:
                    30:af:55:59:84:64:69:17:cf:af:c2:34:70:97:6e:
                    5b:55:2d:85:69:f3:36:e3:b5:d7:15:b7:ce:d4:b6:
                    72:04:76:07:94:44:0b:0f:1f:c7:7f:27:83:87:b8:
                    b4:b8:f9:53:9c:08:c4:28:76:e4:19:32:9d:45:aa:
                    a6:51:79:a2:4a:42:35:17:c3:f5:03:89:22:e8:23:
                    75:09:08:a3:80:5d:79:24:43:58:a6:61:1c:42:0e:
                    0c:22:f8:3b:56:ec:e4:01:d7:5e:ce:9b:52:11:b3:
                    99:26:bf:62:e5:fe:eb:44:a1:07:90:00:d7:56:e1:
                    0b:0f:fa:f7:65:f3:4c:8a:c1:66:67:ec:c3:10:00:
                    f8:18:6b:4c:dc:da:5e:23:9f:bc:0f:2b:49:73:37:
                    3c:17:b7:ba:12:1a:69:87:60:1c:5f:a3:5c:1f:50:
                    67:59:e8:a3:6a:30:81:e9:92:bc:fe:5d:52:72:1f:
                    9c:ea:29:da:b3:bd:86:72:6b:f8:b0:20:64:0d:83:
                    b4:4c:4c:0a:57:7d:5a:70:f3:32:91:3b:fa:df:f9:
                    02:f0:48:93:02:95:4e:8b:52:a4:87:42:cc:31:2c:
                    fd:29:5e:83:5e:ea:ca:2e:48:fd:6c:c5:0c:11:8d:
                    b1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:2B:BC:27:FF:C3:00:C4:D4:AC:D5:18:5D:EF:0F:65:66:64:0B:01
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:ad:f5:f0:eb:b2:86:96:e0:9a:3c:c6:2b:fd:44:53:25:38:
         98:84:66:de:f7:ba:62:f1:6a:b6:85:b9:1c:29:3b:eb:77:8d:
         ed:62:9f:7b:55:7a:e0:92:6d:d9:32:70:9c:fe:8c:ae:d7:c7:
         14:83:65:9c:1c:93:96:d4:db:a8:04:d3:70:96:41:8d:a9:0d:
         18:dd:e8:6c:68:8e:8f:35:b4:52:76:ef:fb:91:82:f2:a7:b6:
         85:45:51:b5:30:1b:45:61:58:d5:92:37:aa:da:cb:98:20:1e:
         b3:f3:c9:c7:54:ac:cd:ed:5d:d3:8c:4a:4f:76:1e:f8:93:86:
         19:a4:f7:f6:3c:5c:60:cf:15:50:a8:47:86:f0:4b:11:f9:6c:
         b1:23:77:71:8f:98:23:df:24:db:8c:e0:84:8f:fe:ce:41:7d:
         57:63:38:17:63:f7:a2:09:f6:44:d2:1e:04:2e:22:0d:4a:e7:
         18:01:02:8c:e2:ba:8d:4e:a9:dc:47:31:f3:3f:aa:dd:3e:38:
         7c:f4:e4:bc:5c:6b:2b:34:ef:6a:72:ff:b5:75:46:89:cf:b4:
         e6:9e:46:70:76:90:76:62:8a:e8:25:35:af:fe:2f:2f:dd:ff:
         ce:ab:77:c9:44:d2:12:d8:18:fb:05:56:f9:88:c5:9e:81:b3:
         e5:d2:48:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4EaKB7/5q10+a9x9WS9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUwODIzMDMwMjA0WhcNMjUwODI0MDMwMjA0WjAzMTEwLwYDVQQD
EyhiYjJiYmMyN2ZmYzMwMGM0ZDRhY2Q1MTg1ZGVmMGY2NTY2NjQwYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkuFEfnBVM5YW9OtJq8wr1VZhGRp
F8+vwjRwl25bVS2FafM247XXFbfO1LZyBHYHlEQLDx/HfyeDh7i0uPlTnAjEKHbk
GTKdRaqmUXmiSkI1F8P1A4ki6CN1CQijgF15JENYpmEcQg4MIvg7VuzkAddezptS
EbOZJr9i5f7rRKEHkADXVuELD/r3ZfNMisFmZ+zDEAD4GGtM3NpeI5+8DytJczc8
F7e6Ehpph2AcX6NcH1BnWeijajCB6ZK8/l1Sch+c6inas72Gcmv4sCBkDYO0TEwK
V31acPMykTv63/kC8EiTApVOi1Kkh0LMMSz9KV6DXurKLkj9bMUMEY2x+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsrvCf/wwDE1KzVGF3vD2VmZAsBMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfq318Ouy
hpbgmjzGK/1EUyU4mIRm3ve6YvFqtoW5HCk763eN7WKfe1V64JJt2TJwnP6MrtfH
FINlnByTltTbqATTcJZBjakNGN3obGiOjzW0Unbv+5GC8qe2hUVRtTAbRWFY1ZI3
qtrLmCAes/PJx1Ssze1d04xKT3Ye+JOGGaT39jxcYM8VUKhHhvBLEflssSN3cY+Y
I98k24zghI/+zkF9V2M4F2P3ogn2RNIeBC4iDUrnGAECjOK6jU6p3Ecx8z+q3T44
fPTkvFxrKzTvanL/tXVGic+05p5GcHaQdmKK6CU1r/4vL93/zqt3yUTSEtgY+wVW
+YjFnoGz5dJILA==
-----END CERTIFICATE-----