Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          mxWaJmchZ/gi0g+si11TY5vVfo0El7wy8BPkAI5aOV0=
Subject key identifier:   47:02:09:4B:E7:FD:0B:4D:1D:79:CE:D2:D6:55:FD:7E:ED:58:E1:EE
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019847E46B33B1FC2C49D8F36FC9F0745D82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          15FD
Signing time:             Sat 26 Jul 2025 18:00:08 +0000
Manifest this update:     Sat 26 Jul 2025 18:00:08 +0000
Manifest next update:     Sun 27 Jul 2025 18:00:08 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: HnkQLMZlH+9Ecji3rWaM1JHc6SbC2G3vPxBj2XJms8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:e4:6b:33:b1:fc:2c:49:d8:f3:6f:c9:f0:74:5d:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Jul 26 18:00:08 2025 GMT
            Not After : Jul 27 18:00:08 2025 GMT
        Subject: CN=4702094be7fd0b4d1d79ced2d655fd7eed58e1ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:74:0c:4d:d7:5e:d7:52:b5:aa:b9:d7:59:b4:
                    66:42:ab:25:c3:35:49:69:37:ca:29:b2:e8:3b:51:
                    9f:6f:df:4d:29:0e:b2:39:fc:b3:d4:2d:07:68:fb:
                    5b:12:53:49:1e:bc:26:92:72:dd:e7:67:28:51:b4:
                    e9:60:22:d8:c9:4a:67:28:a7:de:9f:d0:7c:af:a2:
                    cd:b8:63:41:94:6a:f6:b2:44:63:48:94:0e:09:e3:
                    ed:bf:29:0d:a3:76:6a:5c:8a:ec:80:34:09:3b:1f:
                    8a:25:d0:19:da:f8:24:ba:bc:85:d3:08:e0:82:ee:
                    89:cd:58:51:36:9b:2c:78:3e:27:ef:d2:6f:f5:09:
                    57:49:1d:6a:bc:b8:a5:35:e7:5a:cd:b9:bb:23:b7:
                    29:5e:8f:7d:21:08:a6:21:54:36:80:c4:e3:cc:44:
                    84:04:0d:79:24:9f:b9:22:33:0f:5f:9a:0b:4c:66:
                    aa:9b:4d:2d:be:db:7f:6c:2c:39:29:e6:55:67:b2:
                    76:0d:a3:eb:be:a2:0e:62:ef:a3:23:13:5f:77:84:
                    01:43:e9:62:26:39:04:d3:a9:07:d2:3e:b5:b2:cd:
                    5c:e7:05:97:7e:14:f8:17:5b:6f:f5:ce:bf:47:f7:
                    ef:4d:57:39:19:11:cb:d3:4e:3a:d2:98:b0:d5:18:
                    b4:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:02:09:4B:E7:FD:0B:4D:1D:79:CE:D2:D6:55:FD:7E:ED:58:E1:EE
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:43:1f:73:8e:0f:cb:de:c5:6d:e9:af:fb:e4:0c:23:c8:e5:
         a1:45:08:f3:0b:32:10:48:b6:6f:72:89:3c:5b:24:7e:f0:30:
         01:d2:52:01:b4:fa:8f:14:90:1f:a7:1f:d8:47:47:f2:50:87:
         1c:e2:e0:f6:a0:9f:7c:55:a9:8c:03:b6:13:de:e4:c6:17:b2:
         2a:71:4f:c7:9d:41:60:2d:42:d5:86:a3:b6:94:69:aa:75:56:
         a3:28:ab:f8:1e:2b:46:55:79:34:80:f8:05:28:6b:b2:05:ef:
         1a:b0:cb:f1:a7:e5:b7:53:1c:55:35:eb:47:bc:38:84:90:08:
         77:e8:18:a2:75:0d:03:d9:61:ec:cb:15:86:24:40:1e:22:b0:
         2f:db:b5:a4:18:5b:5c:5e:26:81:1a:ba:ff:1b:32:5d:9d:2f:
         03:2c:de:3b:dc:da:90:c5:14:5b:2b:d9:90:3e:10:f3:34:98:
         2f:25:f8:97:bb:7b:34:8e:d4:51:81:72:cd:8d:ea:80:4a:db:
         a5:25:58:20:52:79:63:29:0b:d2:a0:20:95:45:64:12:ee:51:
         ae:18:ef:18:7d:b0:33:dc:21:e5:1e:77:41:3d:80:69:eb:03:
         84:b6:58:69:b9:a8:1c:e4:e0:f8:61:3f:a3:41:a3:6e:27:44:
         e6:da:57:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhH5GszsfwsSdjzb8nwdF2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwNzI2MTgwMDA4WhcNMjUwNzI3MTgwMDA4WjAzMTEwLwYDVQQD
Eyg0NzAyMDk0YmU3ZmQwYjRkMWQ3OWNlZDJkNjU1ZmQ3ZWVkNThlMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3QMTdde11K1qrnXWbRmQqslwzVJ
aTfKKbLoO1Gfb99NKQ6yOfyz1C0HaPtbElNJHrwmknLd52coUbTpYCLYyUpnKKfe
n9B8r6LNuGNBlGr2skRjSJQOCePtvykNo3ZqXIrsgDQJOx+KJdAZ2vgkuryF0wjg
gu6JzVhRNpsseD4n79Jv9QlXSR1qvLilNedazbm7I7cpXo99IQimIVQ2gMTjzESE
BA15JJ+5IjMPX5oLTGaqm00tvtt/bCw5KeZVZ7J2DaPrvqIOYu+jIxNfd4QBQ+li
JjkE06kH0j61ss1c5wWXfhT4F1tv9c6/R/fvTVc5GRHL00460piw1Ri0qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcCCUvn/QtNHXnO0tZV/X7tWOHuMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEMfc44P
y97Fbemv++QMI8jloUUI8wsyEEi2b3KJPFskfvAwAdJSAbT6jxSQH6cf2EdH8lCH
HOLg9qCffFWpjAO2E97kxheyKnFPx51BYC1C1YajtpRpqnVWoyir+B4rRlV5NID4
BShrsgXvGrDL8aflt1McVTXrR7w4hJAId+gYonUNA9lh7MsVhiRAHiKwL9u1pBhb
XF4mgRq6/xsyXZ0vAyzeO9zakMUUWyvZkD4Q8zSYLyX4l7t7NI7UUYFyzY3qgErb
pSVYIFJ5YykL0qAglUVkEu5RrhjvGH2wM9wh5R53QT2AaesDhLZYabmoHOTg+GE/
o0GjbidE5tpX/Q==
-----END CERTIFICATE-----