Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
File:                     3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json)
Hash identifier:          MEeiVm45xzFD7G2vf7mhJIJWlcjriwDnvzDQ4cgbfU0=
Subject key identifier:   7E:70:CB:24:9D:AE:1C:1A:6C:05:A6:AB:A1:6B:56:88:5D:21:9E:A2
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Certificate issuer:       /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial:       0198D5F14694076E04D710BE4136ABE8F8B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
Manifest number:          0F79
Signing time:             Sat 23 Aug 2025 08:00:15 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:15 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:15 +0000
Files and hashes:         1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: qck3/ibQkz95eMxEiCNXRyw4qanxXCu0toaMggXhkOw=)
                          2: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (hash: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:46:94:07:6e:04:d7:10:be:41:36:ab:e8:f8:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
        Validity
            Not Before: Aug 23 08:00:15 2025 GMT
            Not After : Aug 24 08:00:15 2025 GMT
        Subject: CN=7e70cb249dae1c1a6c05a6aba16b56885d219ea2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8f:19:0d:f9:75:d1:34:01:bc:68:45:73:f9:
                    d1:a3:64:39:3c:f1:7f:47:19:a0:4d:05:f1:0b:13:
                    87:d5:7c:01:fb:25:26:6b:e1:41:b1:eb:60:bd:8a:
                    80:76:74:19:45:3d:13:9a:77:06:14:4f:0d:74:34:
                    2b:ba:53:d8:29:c8:17:3b:70:05:09:84:f1:12:e0:
                    c3:0c:1a:b2:f6:17:32:10:52:9b:42:c2:5e:6f:bf:
                    f6:f6:3d:b1:1b:bd:08:7d:64:dd:b1:ca:79:4e:2c:
                    9a:a1:a5:de:5f:98:4b:52:ca:10:80:8d:ea:fb:d7:
                    c9:66:77:8f:08:03:47:f2:98:2a:58:58:59:48:d4:
                    1f:d7:d8:9c:99:b6:96:13:ef:9c:f0:0d:e3:3e:98:
                    7e:27:c8:12:c4:9a:ac:dd:6b:ed:13:8c:9b:89:e2:
                    d3:66:84:9f:f9:f6:5c:73:62:98:1c:5f:f7:c1:99:
                    c7:9c:f7:f7:e5:2f:fb:07:ed:eb:6a:d5:81:ae:ff:
                    57:e8:10:ed:3d:a9:23:b2:ea:a3:1d:20:ce:a2:f2:
                    40:18:3f:58:62:5c:9b:b5:ab:c1:4e:20:e5:7b:c9:
                    39:7c:10:e7:5b:60:48:58:c8:84:df:ee:bc:e6:b5:
                    29:8e:98:9f:f2:a8:78:62:76:f3:a5:f2:79:60:78:
                    3d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:70:CB:24:9D:AE:1C:1A:6C:05:A6:AB:A1:6B:56:88:5D:21:9E:A2
            X509v3 Authority Key Identifier:
                keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:35:fe:80:4e:f5:e0:36:87:1d:52:3d:fd:ea:1f:a6:9d:3c:
         c6:02:ce:ed:57:0e:ba:b7:04:b0:03:be:c7:de:56:51:eb:90:
         45:63:0a:4a:5e:be:83:43:9d:cb:e6:df:36:0f:61:c3:d1:3d:
         9d:22:2a:3b:bf:4a:f1:5b:a1:7b:4a:e5:77:47:c5:a5:0a:c2:
         86:28:fc:06:32:56:75:f1:90:e6:1c:68:5a:a0:5b:ce:7c:75:
         6b:be:e2:da:eb:ea:95:46:83:cf:b7:af:45:68:6f:6d:3c:d2:
         bb:7f:02:79:af:b9:f1:bb:5b:96:51:16:96:bc:ec:16:30:7c:
         aa:bf:29:c8:59:8b:1d:c1:3a:95:27:7f:b1:76:9c:bf:4c:44:
         09:b7:04:c5:71:30:4c:ea:77:40:51:6c:e8:8a:13:f1:91:1f:
         17:ca:ad:0f:b8:74:55:d3:b0:0a:d8:31:aa:da:c3:38:56:36:
         3c:de:b5:a1:29:8c:08:5e:1b:c9:15:f0:8b:7e:29:cf:cf:58:
         d9:5f:d8:f5:ab:bc:92:b5:a3:38:2b:f4:de:d8:43:5b:0e:c8:
         77:de:d9:94:9e:5c:60:e2:e6:1f:1e:ab:ec:05:8d:b9:ac:b0:
         4c:76:0c:be:ce:3e:6c:ae:2e:80:ca:74:4f:e5:ab:77:4d:5b:
         47:19:7e:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8UaUB24E1xC+QTar6Pi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjUwODIzMDgwMDE1WhcNMjUwODI0MDgwMDE1WjAzMTEwLwYDVQQD
Eyg3ZTcwY2IyNDlkYWUxYzFhNmMwNWE2YWJhMTZiNTY4ODVkMjE5ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA048ZDfl10TQBvGhFc/nRo2Q5PPF/
RxmgTQXxCxOH1XwB+yUma+FBsetgvYqAdnQZRT0TmncGFE8NdDQrulPYKcgXO3AF
CYTxEuDDDBqy9hcyEFKbQsJeb7/29j2xG70IfWTdscp5TiyaoaXeX5hLUsoQgI3q
+9fJZnePCANH8pgqWFhZSNQf19icmbaWE++c8A3jPph+J8gSxJqs3WvtE4ybieLT
ZoSf+fZcc2KYHF/3wZnHnPf35S/7B+3ratWBrv9X6BDtPakjsuqjHSDOovJAGD9Y
YlybtavBTiDle8k5fBDnW2BIWMiE3+685rUpjpif8qh4YnbzpfJ5YHg9OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5wyySdrhwabAWmq6FrVohdIZ6iMB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYzX+gE71
4DaHHVI9/eofpp08xgLO7VcOurcEsAO+x95WUeuQRWMKSl6+g0Ody+bfNg9hw9E9
nSIqO79K8Vuhe0rld0fFpQrChij8BjJWdfGQ5hxoWqBbznx1a77i2uvqlUaDz7ev
RWhvbTzSu38Cea+58btbllEWlrzsFjB8qr8pyFmLHcE6lSd/sXacv0xECbcExXEw
TOp3QFFs6IoT8ZEfF8qtD7h0VdOwCtgxqtrDOFY2PN61oSmMCF4byRXwi34pz89Y
2V/Y9au8krWjOCv03thDWw7Id97ZlJ5cYOLmHx6r7AWNuaywTHYMvs4+bK4ugMp0
T+Wrd01bRxl+9w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:03:01 2025 by rpki-client