Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          v2dEwLwRr/RGTFwaE422zO4/5YDV03hgUJFMWZztrJM=
Subject key identifier:   5C:3F:F9:A6:C1:D7:19:5E:AC:B3:C4:25:B9:D6:F5:A0:F7:34:9A:88
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       0199221F48481D48FD885AE1571B8C09195C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          137F
Signing time:             Sun 07 Sep 2025 03:01:39 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:39 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:39 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: WY5qnzYuIhayxG3GRZgj8r+VTKNfMZc8UWz60OxAg+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:48:48:1d:48:fd:88:5a:e1:57:1b:8c:09:19:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Sep  7 03:01:39 2025 GMT
            Not After : Sep  8 03:01:39 2025 GMT
        Subject: CN=5c3ff9a6c1d7195eacb3c425b9d6f5a0f7349a88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:cd:41:fe:ab:35:76:3a:38:d2:6b:4a:d9:14:
                    b1:70:cb:4b:00:10:27:90:5e:66:68:7d:5a:47:d1:
                    db:f3:e9:a7:4b:07:e2:23:18:df:4c:31:35:15:b4:
                    f4:5b:6c:62:6c:70:65:6b:e5:60:d1:71:d9:da:2c:
                    a7:dd:80:ae:01:d7:ea:f7:cb:62:b3:08:11:5d:1b:
                    47:e3:79:45:3d:a5:a4:a8:93:ae:1d:88:9b:33:f7:
                    ea:b6:cf:af:26:b5:55:5d:20:37:6c:fe:86:8f:be:
                    3a:96:ef:e9:c7:9e:61:34:ce:de:8c:41:d9:02:96:
                    b0:3c:81:68:d5:7d:f0:cd:10:80:fa:c1:9a:9e:4e:
                    61:0c:65:5b:87:93:e3:6d:b0:60:fb:4c:5a:9e:66:
                    12:74:81:b9:bd:53:56:37:ce:42:96:f1:30:22:71:
                    99:24:eb:4c:56:b2:fe:94:68:e1:99:c2:60:ba:ee:
                    f6:74:d2:19:1f:5a:fd:a0:1a:bc:e7:ac:41:d3:cf:
                    6a:cf:15:33:37:73:b1:c4:0e:e0:a5:53:4b:a0:e6:
                    2b:cb:73:00:ef:45:c2:cf:82:cd:93:31:0f:35:c5:
                    97:66:a7:f3:e5:ef:1c:f4:7b:79:dd:3c:db:86:a0:
                    f2:ea:6b:7a:d9:43:cc:2d:26:47:56:61:ed:c9:e6:
                    fa:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:3F:F9:A6:C1:D7:19:5E:AC:B3:C4:25:B9:D6:F5:A0:F7:34:9A:88
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:b5:98:8b:d0:d3:90:7b:89:26:fe:31:71:bb:15:4c:34:a3:
         d7:bd:d9:4b:22:95:6d:e5:2e:20:64:1b:8d:0a:75:40:ff:55:
         0a:fa:8b:b5:d8:6f:7e:cd:9c:67:59:97:cb:aa:8e:18:10:4e:
         4c:d8:b7:c8:23:60:39:3e:85:b8:34:7a:57:6d:96:3b:4d:19:
         76:5b:b2:41:fd:29:3a:bd:94:fb:fb:bd:6b:8a:b7:ce:0f:ba:
         14:20:7a:59:93:22:0d:c7:89:30:c2:2e:22:68:cf:02:77:ab:
         a4:3b:8a:bd:88:bb:d3:31:05:2a:04:0d:5f:6f:b6:47:d2:03:
         08:87:2b:b1:69:9b:54:32:0d:59:51:ed:7c:c8:01:cf:16:f3:
         aa:2c:27:c6:57:bd:13:7a:dc:78:07:30:bc:76:ee:1b:de:53:
         e8:6d:02:37:99:f7:61:95:65:40:4e:5d:63:1a:80:60:aa:ca:
         1c:aa:ce:57:6a:eb:db:de:47:bd:5d:33:f4:f5:3c:20:23:cf:
         ea:7f:a2:ca:ac:dc:44:a9:2a:ea:2a:09:2d:5d:0c:21:e7:a3:
         40:98:7c:56:4b:c1:e1:6b:1c:64:ce:e8:76:b3:4e:1c:13:87:
         9e:00:4b:8b:87:12:6e:d5:52:a6:b5:4a:e6:43:05:b4:87:b5:
         4e:e0:ba:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiH0hIHUj9iFrhVxuMCRlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjUwOTA3MDMwMTM5WhcNMjUwOTA4MDMwMTM5WjAzMTEwLwYDVQQD
Eyg1YzNmZjlhNmMxZDcxOTVlYWNiM2M0MjViOWQ2ZjVhMGY3MzQ5YTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn81B/qs1djo40mtK2RSxcMtLABAn
kF5maH1aR9Hb8+mnSwfiIxjfTDE1FbT0W2xibHBla+Vg0XHZ2iyn3YCuAdfq98ti
swgRXRtH43lFPaWkqJOuHYibM/fqts+vJrVVXSA3bP6Gj746lu/px55hNM7ejEHZ
ApawPIFo1X3wzRCA+sGank5hDGVbh5PjbbBg+0xanmYSdIG5vVNWN85ClvEwInGZ
JOtMVrL+lGjhmcJguu72dNIZH1r9oBq856xB089qzxUzN3OxxA7gpVNLoOYry3MA
70XCz4LNkzEPNcWXZqfz5e8c9Ht53TzbhqDy6mt62UPMLSZHVmHtyeb6xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw/+abB1xlerLPEJbnW9aD3NJqIMB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN7WYi9DT
kHuJJv4xcbsVTDSj173ZSyKVbeUuIGQbjQp1QP9VCvqLtdhvfs2cZ1mXy6qOGBBO
TNi3yCNgOT6FuDR6V22WO00ZdluyQf0pOr2U+/u9a4q3zg+6FCB6WZMiDceJMMIu
ImjPAnerpDuKvYi70zEFKgQNX2+2R9IDCIcrsWmbVDINWVHtfMgBzxbzqiwnxle9
E3rceAcwvHbuG95T6G0CN5n3YZVlQE5dYxqAYKrKHKrOV2rr295HvV0z9PU8ICPP
6n+iyqzcRKkq6ioJLV0MIeejQJh8VkvB4WscZM7odrNOHBOHngBLi4cSbtVSprVK
5kMFtIe1TuC67Q==
-----END CERTIFICATE-----