Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          9t/BeUm9CDXPysy9TMaMa1ZCB7uNeShLRi0trc/U+gQ=
Subject key identifier:   CB:A4:D2:4E:0F:E0:86:3B:DD:A7:00:65:92:A4:40:1B:5C:D8:AA:9C
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       0199239EC652415E5122546FB615CD8CE23C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0703
Signing time:             Sun 07 Sep 2025 10:00:31 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:31 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:31 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: oa7G3wO2LrprRTeLruNHDv8VMiuqfCY2d4CA7wU7eEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:c6:52:41:5e:51:22:54:6f:b6:15:cd:8c:e2:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Sep  7 10:00:31 2025 GMT
            Not After : Sep  8 10:00:31 2025 GMT
        Subject: CN=cba4d24e0fe0863bdda7006592a4401b5cd8aa9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1d:65:bc:a3:78:70:11:12:4b:60:1f:98:c8:
                    b0:6b:0b:b7:e2:a3:ac:11:d6:bd:ad:71:6c:73:8e:
                    de:d2:90:e7:61:81:4f:84:b8:54:79:66:0c:f3:00:
                    0e:d6:83:46:e8:4e:a8:fe:d6:39:97:17:da:c0:9e:
                    bb:17:12:52:2d:f8:c4:3f:7b:c6:ea:dd:17:99:50:
                    8c:d1:80:a8:f3:03:3a:5c:fd:57:3f:52:c0:53:66:
                    df:54:f3:bf:28:52:95:1c:18:a3:11:2d:1f:7f:38:
                    d7:9d:43:81:ac:24:f6:15:5b:d0:9b:05:21:7b:ed:
                    b8:22:71:a6:8b:51:30:f1:51:d2:0c:24:e4:7b:d2:
                    e0:a8:ff:5c:ab:40:16:ee:79:d4:ee:da:8d:28:64:
                    be:02:bf:34:c9:99:5c:90:25:03:aa:cc:fa:bf:58:
                    ba:2c:4d:09:c0:7d:ac:02:c6:29:3d:c9:26:ce:f9:
                    82:ed:95:3f:77:69:0b:2a:e2:fa:68:54:42:11:8e:
                    be:55:d7:86:d3:3e:33:42:2e:63:c2:89:7f:0e:f6:
                    4b:8a:fa:30:1b:ca:eb:51:36:93:46:1c:e7:26:ab:
                    85:ce:c9:78:e8:3b:75:fd:73:28:be:22:d5:c4:db:
                    89:8d:ac:be:0d:44:eb:09:b9:81:72:22:55:76:14:
                    5c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A4:D2:4E:0F:E0:86:3B:DD:A7:00:65:92:A4:40:1B:5C:D8:AA:9C
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:88:f6:af:df:de:bb:36:f9:a7:71:f0:9a:d3:e8:c1:2e:68:
         c0:04:81:1f:15:4e:9c:53:2d:b0:b2:ed:08:2d:40:e1:ec:22:
         f4:73:d3:8a:1c:6b:3e:63:c0:43:de:9c:4e:f3:20:92:8c:34:
         9d:95:15:2a:1e:ba:75:9b:f2:15:8f:be:24:af:bf:bf:79:e3:
         42:d3:ed:e0:54:6d:69:fc:6e:96:9b:a5:7c:45:76:bf:38:05:
         73:6f:d9:99:0d:5c:dc:8e:e8:98:93:89:89:b9:71:eb:35:e0:
         5a:1c:01:71:49:38:1f:75:64:9e:15:a8:3c:3e:59:a7:56:53:
         15:df:2a:7a:7d:f7:bc:da:24:8c:a8:35:45:46:ac:42:01:9b:
         d4:59:46:e1:66:15:32:08:40:66:2c:2c:19:8b:ee:01:66:63:
         ea:b6:1c:6f:94:fe:d3:2d:2d:50:be:49:7a:83:06:6d:c0:65:
         6a:b3:be:3f:b7:e3:1a:f9:94:40:49:14:14:03:5f:89:c4:53:
         07:c9:82:6e:06:45:23:d1:a8:d8:b2:13:4a:3a:8c:6e:28:bf:
         29:e0:74:35:82:b8:69:60:92:99:0b:14:22:65:e3:f2:42:61:
         4e:91:da:7e:5b:e7:ef:bf:98:6e:0a:d5:ab:d8:bf:33:3a:1f:
         2e:ff:09:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnsZSQV5RIlRvthXNjOI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwOTA3MTAwMDMxWhcNMjUwOTA4MTAwMDMxWjAzMTEwLwYDVQQD
EyhjYmE0ZDI0ZTBmZTA4NjNiZGRhNzAwNjU5MmE0NDAxYjVjZDhhYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnx1lvKN4cBESS2AfmMiwawu34qOs
Eda9rXFsc47e0pDnYYFPhLhUeWYM8wAO1oNG6E6o/tY5lxfawJ67FxJSLfjEP3vG
6t0XmVCM0YCo8wM6XP1XP1LAU2bfVPO/KFKVHBijES0ffzjXnUOBrCT2FVvQmwUh
e+24InGmi1Ew8VHSDCTke9LgqP9cq0AW7nnU7tqNKGS+Ar80yZlckCUDqsz6v1i6
LE0JwH2sAsYpPckmzvmC7ZU/d2kLKuL6aFRCEY6+VdeG0z4zQi5jwol/DvZLivow
G8rrUTaTRhznJquFzsl46Dt1/XMoviLVxNuJjay+DUTrCbmBciJVdhRclwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuk0k4P4IY73acAZZKkQBtc2KqcMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4j2r9/e
uzb5p3HwmtPowS5owASBHxVOnFMtsLLtCC1A4ewi9HPTihxrPmPAQ96cTvMgkow0
nZUVKh66dZvyFY++JK+/v3njQtPt4FRtafxulpulfEV2vzgFc2/ZmQ1c3I7omJOJ
iblx6zXgWhwBcUk4H3VknhWoPD5Zp1ZTFd8qen33vNokjKg1RUasQgGb1FlG4WYV
MghAZiwsGYvuAWZj6rYcb5T+0y0tUL5JeoMGbcBlarO+P7fjGvmUQEkUFANficRT
B8mCbgZFI9Go2LITSjqMbii/KeB0NYK4aWCSmQsUImXj8kJhTpHaflvn77+YbgrV
q9i/MzofLv8Jwg==
-----END CERTIFICATE-----