Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
File:                     3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft (raw, json)
Hash identifier:          iu4Vrwt2ZWCUKKaZJ/irqSE8aZg+e0nR80vqwaJF9mo=
Subject key identifier:   34:BE:0A:A6:31:EF:53:E5:1C:0D:F9:73:BF:D3:C1:89:F0:37:E3:FA
Authority key identifier: DC:36:63:1C:A2:0E:C9:2D:19:5C:16:A8:D7:0A:63:F3:72:E5:9F:24
Certificate issuer:       /CN=dc36631ca20ec92d195c16a8d70a63f372e59f24
Certificate serial:       01991688A0AEFB3CDC5AED545FBC26E1CF12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
Manifest number:          05A2
Signing time:             Thu 04 Sep 2025 21:01:16 +0000
Manifest this update:     Thu 04 Sep 2025 21:01:16 +0000
Manifest next update:     Fri 05 Sep 2025 21:01:16 +0000
Files and hashes:         1: 3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl (hash: RDqQQeES/C2W4G4s2D9UGJd6KOEPDRAu/WlWvTCf5Fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 21:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:88:a0:ae:fb:3c:dc:5a:ed:54:5f:bc:26:e1:cf:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc36631ca20ec92d195c16a8d70a63f372e59f24
        Validity
            Not Before: Sep  4 21:01:16 2025 GMT
            Not After : Sep  5 21:01:16 2025 GMT
        Subject: CN=34be0aa631ef53e51c0df973bfd3c189f037e3fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:8b:8c:41:31:ac:c2:87:f2:0c:bd:95:22:90:
                    f8:d9:c9:05:5c:82:c7:60:96:f1:5d:39:4a:04:31:
                    de:d5:20:3e:be:57:b4:ff:46:a9:e4:a7:6c:6e:0c:
                    b6:87:e8:cf:a5:8f:63:6b:5a:e9:c4:2a:0a:c7:e0:
                    da:54:ed:ac:d4:40:d0:cb:ea:73:64:bc:67:8d:7d:
                    94:e5:93:8d:9a:97:0c:55:23:58:14:26:58:f7:f9:
                    54:ca:7e:e8:ab:4b:ab:e2:00:51:c3:8a:56:6a:97:
                    a0:ae:ae:fd:43:10:1a:eb:59:62:d8:b7:27:fb:88:
                    24:37:64:59:c5:f7:64:58:80:2a:44:95:29:43:f1:
                    80:ef:cf:3e:13:af:09:89:9f:56:6a:6d:ab:7e:cb:
                    08:68:45:1c:81:e1:50:1b:85:50:fc:c4:1f:4e:0b:
                    2b:39:a0:3a:9e:5e:2d:04:63:9d:e6:6f:41:e6:54:
                    95:40:5b:d0:4c:81:29:87:6c:1e:d5:e7:d8:02:97:
                    61:64:ef:ff:72:57:b8:df:87:73:7e:1f:83:4d:97:
                    08:a6:74:9a:b8:62:8a:0c:52:07:e7:03:a3:8c:50:
                    74:3c:eb:7f:c7:9f:be:f4:49:3d:8b:bd:63:7c:79:
                    7b:d8:fd:c9:18:20:18:8a:22:90:56:91:ab:86:6c:
                    c9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:BE:0A:A6:31:EF:53:E5:1C:0D:F9:73:BF:D3:C1:89:F0:37:E3:FA
            X509v3 Authority Key Identifier:
                keyid:DC:36:63:1C:A2:0E:C9:2D:19:5C:16:A8:D7:0A:63:F3:72:E5:9F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:00:64:f5:8d:37:06:48:aa:da:5d:c7:07:dd:0e:56:b6:1f:
         8c:46:8c:40:f0:07:00:f9:fb:15:5f:d0:9f:6c:9e:35:39:0f:
         3b:ca:f4:f2:d2:91:79:d3:eb:ab:26:43:03:12:e4:0a:d5:c4:
         24:87:77:e4:34:aa:ce:7c:b1:2d:62:f0:46:fa:b3:86:d5:a3:
         5d:c7:32:c2:95:6b:50:7d:4c:64:42:f2:92:3c:7f:eb:dc:7b:
         c1:cb:41:98:06:36:e4:88:f7:6a:74:68:b6:67:a6:25:fc:3d:
         0d:56:ea:d0:c9:73:69:99:fc:ad:b3:12:f6:d1:71:80:e0:f2:
         b3:2b:03:63:a2:95:ff:55:97:f3:0f:6e:bc:13:55:3e:57:68:
         57:f3:a2:07:16:8c:62:d3:ef:56:36:8b:21:a6:5b:d8:08:db:
         9d:7f:08:65:33:7f:67:b5:1f:46:09:23:2f:ef:de:45:b3:42:
         55:a1:ae:e2:53:ec:cb:d6:fd:92:36:bd:d3:5e:6f:9d:eb:11:
         2f:06:48:60:fa:37:76:0f:86:c4:e9:1e:c6:e7:57:5e:22:81:
         ac:ad:54:5f:c8:3f:3b:21:ba:67:a6:3a:26:3f:81:67:ee:36:
         ff:52:3f:e7:4b:f7:b5:5d:73:e3:41:87:6d:6c:5a:7c:18:df:
         a2:99:78:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWiKCu+zzcWu1UX7wm4c8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzY2MzFjYTIwZWM5MmQxOTVjMTZhOGQ3MGE2M2YzNzJl
NTlmMjQwHhcNMjUwOTA0MjEwMTE2WhcNMjUwOTA1MjEwMTE2WjAzMTEwLwYDVQQD
EygzNGJlMGFhNjMxZWY1M2U1MWMwZGY5NzNiZmQzYzE4OWYwMzdlM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4uMQTGswofyDL2VIpD42ckFXILH
YJbxXTlKBDHe1SA+vle0/0ap5Kdsbgy2h+jPpY9ja1rpxCoKx+DaVO2s1EDQy+pz
ZLxnjX2U5ZONmpcMVSNYFCZY9/lUyn7oq0ur4gBRw4pWapegrq79QxAa61li2Lcn
+4gkN2RZxfdkWIAqRJUpQ/GA788+E68JiZ9Wam2rfssIaEUcgeFQG4VQ/MQfTgsr
OaA6nl4tBGOd5m9B5lSVQFvQTIEph2we1efYApdhZO//cle434dzfh+DTZcIpnSa
uGKKDFIH5wOjjFB0POt/x5++9Ek9i71jfHl72P3JGCAYiiKQVpGrhmzJKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDS+CqYx71PlHA35c7/TwYnwN+P6MB8GA1UdIwQY
MBaAFNw2YxyiDsktGVwWqNcKY/Ny5Z8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80YWMxNjItZTE2ZS00MDZlLWI5ODUt
NWVmNTZmODZhYjgzLzEvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80YWMxNjItZTE2ZS00MDZlLWI5ODUtNWVmNTZmODZhYjgz
LzEvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABABk9Y03
Bkiq2l3HB90OVrYfjEaMQPAHAPn7FV/Qn2yeNTkPO8r08tKRedPrqyZDAxLkCtXE
JId35DSqznyxLWLwRvqzhtWjXccywpVrUH1MZELykjx/69x7wctBmAY25Ij3anRo
tmemJfw9DVbq0MlzaZn8rbMS9tFxgODysysDY6KV/1WX8w9uvBNVPldoV/OiBxaM
YtPvVjaLIaZb2AjbnX8IZTN/Z7UfRgkjL+/eRbNCVaGu4lPsy9b9kja9015vnesR
LwZIYPo3dg+GxOkexudXXiKBrK1UX8g/OyG6Z6Y6Jj+BZ+42/1I/50v3tV1z40GH
bWxafBjfopl4bw==
-----END CERTIFICATE-----