Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          PwE/6QnLIVBZCq9fLkWwha6bGOzWmbsE9e78fJGzPUk=
Subject key identifier:   77:32:EF:B5:10:E7:3E:01:A9:C6:B6:FD:CB:2E:F2:B1:77:5B:FD:D0
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       01992255278EDA1A7532D4D2E4640F4881AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          05DE
Signing time:             Sun 07 Sep 2025 04:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:29 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: ZZIReRnKglHdKh7/ue8PIIBmFdGbfcUw/lpLf8dJW8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:27:8e:da:1a:75:32:d4:d2:e4:64:0f:48:81:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Sep  7 04:00:29 2025 GMT
            Not After : Sep  8 04:00:29 2025 GMT
        Subject: CN=7732efb510e73e01a9c6b6fdcb2ef2b1775bfdd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:17:db:d8:7e:e4:99:bd:a7:b3:36:85:cd:6e:
                    51:ce:6e:c5:60:ba:85:a7:a7:e0:77:7e:c1:e7:3b:
                    77:82:65:34:86:08:fe:f2:c7:81:20:38:21:6e:fa:
                    42:70:6b:c0:db:ae:cc:71:26:ce:b5:05:84:34:bb:
                    1c:97:24:f5:1c:3c:95:93:0b:5d:cf:0d:02:4f:e6:
                    ee:31:91:31:68:fc:15:82:10:e4:e2:68:8d:13:8a:
                    fd:ba:b9:ba:73:56:e8:65:13:71:42:3e:b0:aa:6d:
                    ff:53:29:86:28:46:ee:e7:99:3d:e5:bd:25:c6:f6:
                    0a:9c:1d:c0:e3:04:4e:15:76:fc:55:af:fb:d4:2f:
                    44:9d:a9:38:e4:9a:13:66:ef:d9:1d:21:87:ec:2f:
                    91:1e:22:fa:96:9c:7b:02:ff:0c:39:55:44:95:95:
                    88:04:48:fa:b9:28:4c:8f:d2:c2:34:43:ab:67:82:
                    da:c7:f7:43:0a:b6:36:28:69:7b:5d:dc:30:c8:9f:
                    00:d3:d8:3a:61:68:15:06:2f:9e:f3:42:06:54:ce:
                    1c:92:6e:ae:e1:d5:ef:57:ac:8e:8f:84:d4:12:7a:
                    df:2e:63:ce:37:f4:0d:0c:3f:97:58:58:51:39:2b:
                    d6:c5:47:a1:98:2a:8c:bb:1c:52:b5:28:b0:8f:17:
                    06:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:32:EF:B5:10:E7:3E:01:A9:C6:B6:FD:CB:2E:F2:B1:77:5B:FD:D0
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:e4:8f:34:d1:8e:1f:b6:8d:87:e4:ed:1b:96:b4:3c:d4:6a:
         df:32:f7:4c:9f:f1:da:b0:ac:2c:d9:cc:e7:63:37:aa:6c:0b:
         f6:06:aa:5d:db:05:56:9b:3d:80:f6:98:e0:a7:6a:6d:48:b7:
         70:e2:56:8c:0f:9e:5c:5e:92:e1:de:77:fe:9e:3d:cb:8d:8c:
         a5:ef:06:6f:35:ea:6e:6c:26:26:4f:7c:7a:ca:e3:a4:ba:56:
         1b:78:98:3e:1e:ce:bf:ad:29:60:0e:63:f8:93:28:a7:92:ef:
         9b:47:0f:6c:51:cb:14:ec:c9:b6:05:cd:cc:a5:d9:bf:91:44:
         be:48:55:5f:af:5f:23:64:ac:47:a1:05:21:fe:3e:89:e3:eb:
         79:07:c9:8b:8d:82:e7:9c:0c:ee:c6:8e:d2:ad:f4:98:bc:d6:
         2a:11:5a:15:5a:cf:0b:40:87:35:3b:1f:88:85:ce:86:21:b0:
         4e:85:27:b1:30:f3:5c:f2:dd:88:f8:8c:5b:06:fb:ec:a7:cc:
         95:7e:ae:13:75:83:09:6d:32:6e:7b:df:59:fe:54:73:80:3f:
         45:03:2e:c4:08:8d:d1:c1:91:4a:f5:66:ae:8c:4b:93:09:76:
         a8:e8:1e:73:07:b8:b0:65:11:40:56:03:1a:c3:a3:24:9d:ec:
         68:4f:7b:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVSeO2hp1MtTS5GQPSIGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjUwOTA3MDQwMDI5WhcNMjUwOTA4MDQwMDI5WjAzMTEwLwYDVQQD
Eyg3NzMyZWZiNTEwZTczZTAxYTljNmI2ZmRjYjJlZjJiMTc3NWJmZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rfb2H7kmb2nszaFzW5Rzm7FYLqF
p6fgd37B5zt3gmU0hgj+8seBIDghbvpCcGvA267McSbOtQWENLsclyT1HDyVkwtd
zw0CT+buMZExaPwVghDk4miNE4r9urm6c1boZRNxQj6wqm3/UymGKEbu55k95b0l
xvYKnB3A4wROFXb8Va/71C9Enak45JoTZu/ZHSGH7C+RHiL6lpx7Av8MOVVElZWI
BEj6uShMj9LCNEOrZ4Lax/dDCrY2KGl7XdwwyJ8A09g6YWgVBi+e80IGVM4ckm6u
4dXvV6yOj4TUEnrfLmPON/QNDD+XWFhROSvWxUehmCqMuxxStSiwjxcGJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcy77UQ5z4Bqca2/csu8rF3W/3QMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOSPNNGO
H7aNh+TtG5a0PNRq3zL3TJ/x2rCsLNnM52M3qmwL9gaqXdsFVps9gPaY4KdqbUi3
cOJWjA+eXF6S4d53/p49y42Mpe8GbzXqbmwmJk98esrjpLpWG3iYPh7Ov60pYA5j
+JMop5Lvm0cPbFHLFOzJtgXNzKXZv5FEvkhVX69fI2SsR6EFIf4+iePreQfJi42C
55wM7saO0q30mLzWKhFaFVrPC0CHNTsfiIXOhiGwToUnsTDzXPLdiPiMWwb77KfM
lX6uE3WDCW0ybnvfWf5Uc4A/RQMuxAiN0cGRSvVmroxLkwl2qOgecwe4sGURQFYD
GsOjJJ3saE97bw==
-----END CERTIFICATE-----