Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          x/JpcmktLHGS+Fzwb3Zyobg8ATS2i4nvLOHK17unJJ0=
Subject key identifier:   D0:16:50:27:2E:62:ED:42:2E:BB:4A:28:55:F1:02:C7:D7:6E:9E:E8
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       0198D4E0A598E5DEEB09266F18016BAB02ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 03:02:28 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:28 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:28 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: j74mJwLmxfU6zzmxBU0CKAEJ+DG7JAB3HBHev0lS2fc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:a5:98:e5:de:eb:09:26:6f:18:01:6b:ab:02:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Aug 23 03:02:28 2025 GMT
            Not After : Aug 24 03:02:28 2025 GMT
        Subject: CN=d01650272e62ed422ebb4a2855f102c7d76e9ee8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:19:c8:63:ed:a0:c9:99:cc:a5:a9:66:07:e0:
                    fa:ab:f8:86:83:03:45:c6:b0:0b:d7:9d:e4:44:80:
                    6a:2e:72:45:aa:56:f9:60:22:af:b3:f4:23:f0:ad:
                    6c:d4:6f:53:19:30:ac:e4:c6:88:23:87:5f:84:7a:
                    0a:07:33:42:9b:1a:78:16:e6:6c:aa:cf:52:85:de:
                    d5:e7:bb:2e:08:0e:0f:33:95:7a:37:4e:5b:af:94:
                    61:71:ff:e5:01:6f:1c:17:a5:86:28:cc:e0:7a:f4:
                    81:3a:3f:b9:10:ae:e0:ca:ca:a1:3c:3e:00:86:12:
                    a7:95:38:a1:eb:0f:23:80:5c:cd:74:de:9a:91:75:
                    c2:37:b8:86:09:1e:02:8d:4d:cc:88:2b:e9:ec:45:
                    dc:06:e3:f9:e8:72:ae:a5:c3:c8:c7:c9:81:cd:07:
                    38:ee:25:0c:94:f5:1e:01:a1:54:50:3a:a2:64:36:
                    45:cd:f9:24:ed:5c:fe:94:41:10:1f:8a:59:36:4c:
                    5e:70:8a:1b:09:51:9e:40:22:27:db:a6:9d:5d:eb:
                    46:56:de:a7:f6:41:72:60:de:e4:bc:04:ef:c0:fd:
                    5c:75:05:8c:04:e9:19:16:b8:60:eb:2d:d3:c7:44:
                    e3:07:0e:42:60:d1:23:1a:d3:34:c9:eb:de:c4:4b:
                    d0:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:16:50:27:2E:62:ED:42:2E:BB:4A:28:55:F1:02:C7:D7:6E:9E:E8
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:5d:48:cb:1e:e0:1a:9a:a9:78:d0:03:96:e6:4f:ae:c6:83:
         13:91:71:a1:2f:5c:6b:8b:cb:53:eb:ec:b6:ad:4b:b5:f8:a6:
         50:4c:75:cf:3b:58:7a:b0:1c:82:6a:1f:cb:bd:27:ea:6d:b7:
         0f:d9:3e:74:d5:f7:4f:ae:49:e2:5c:00:59:da:2c:cf:5f:f4:
         5a:76:c3:d5:07:12:20:49:40:b5:50:ed:a9:9b:c9:c6:e6:74:
         ae:42:b0:73:09:ee:fa:fe:21:2e:be:21:40:50:1f:c7:0e:09:
         68:e1:95:5b:05:1a:89:88:0b:93:e7:15:ab:fa:6d:d1:63:e2:
         94:a1:59:48:bf:92:3f:16:02:80:72:78:37:e6:77:0b:28:fb:
         1a:76:43:7b:51:25:20:9b:88:b1:76:21:89:60:89:11:71:13:
         3f:99:9b:98:48:ea:9a:1d:d6:9b:9a:b2:47:36:16:9e:1e:db:
         70:0c:e9:61:90:b6:d3:6c:92:5d:bf:05:39:0d:9f:31:76:23:
         f2:c0:f6:4a:b0:25:79:77:bd:7d:84:45:d5:1e:c7:10:2e:22:
         f1:d4:f2:1e:93:2f:5a:02:46:91:7b:b6:00:f7:30:a9:7d:67:
         5d:a2:d6:af:56:71:cc:36:f0:81:d1:40:77:79:ac:38:9b:a5:
         af:6e:f0:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4KWY5d7rCSZvGAFrqwLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUwODIzMDMwMjI4WhcNMjUwODI0MDMwMjI4WjAzMTEwLwYDVQQD
EyhkMDE2NTAyNzJlNjJlZDQyMmViYjRhMjg1NWYxMDJjN2Q3NmU5ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxnIY+2gyZnMpalmB+D6q/iGgwNF
xrAL153kRIBqLnJFqlb5YCKvs/Qj8K1s1G9TGTCs5MaII4dfhHoKBzNCmxp4FuZs
qs9Shd7V57suCA4PM5V6N05br5Rhcf/lAW8cF6WGKMzgevSBOj+5EK7gysqhPD4A
hhKnlTih6w8jgFzNdN6akXXCN7iGCR4CjU3MiCvp7EXcBuP56HKupcPIx8mBzQc4
7iUMlPUeAaFUUDqiZDZFzfkk7Vz+lEEQH4pZNkxecIobCVGeQCIn26adXetGVt6n
9kFyYN7kvATvwP1cdQWMBOkZFrhg6y3Tx0TjBw5CYNEjGtM0yevexEvQRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAWUCcuYu1CLrtKKFXxAsfXbp7oMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACV1Iyx7g
GpqpeNADluZPrsaDE5FxoS9ca4vLU+vstq1LtfimUEx1zztYerAcgmofy70n6m23
D9k+dNX3T65J4lwAWdosz1/0WnbD1QcSIElAtVDtqZvJxuZ0rkKwcwnu+v4hLr4h
QFAfxw4JaOGVWwUaiYgLk+cVq/pt0WPilKFZSL+SPxYCgHJ4N+Z3Cyj7GnZDe1El
IJuIsXYhiWCJEXETP5mbmEjqmh3Wm5qyRzYWnh7bcAzpYZC202ySXb8FOQ2fMXYj
8sD2SrAleXe9fYRF1R7HEC4i8dTyHpMvWgJGkXu2APcwqX1nXaLWr1ZxzDbwgdFA
d3msOJulr27wcg==
-----END CERTIFICATE-----