Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          pRq5QvtKPjqPTxjoFgNDR8GF6IVmyBtvUOrIJ3BZGuo=
Subject key identifier:   D0:39:29:DB:02:53:CD:30:1F:4F:83:60:A6:2F:85:15:00:D8:DE:91
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       01992255B1BBEDCF118E0DFE97EAF8BE7E28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          0720
Signing time:             Sun 07 Sep 2025 04:01:05 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:05 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:05 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: b6OL5PvAJWyGNye0KaZlUfAWHntPP7JMZjJuag7Y0+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:b1:bb:ed:cf:11:8e:0d:fe:97:ea:f8:be:7e:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Sep  7 04:01:05 2025 GMT
            Not After : Sep  8 04:01:05 2025 GMT
        Subject: CN=d03929db0253cd301f4f8360a62f851500d8de91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8c:95:4e:f3:2b:95:7a:cb:cc:53:2d:c2:63:
                    0f:48:e1:d5:70:0c:dd:fc:85:0c:69:8e:64:77:e9:
                    a9:be:ee:a4:80:3e:1f:24:ea:66:1c:c7:d7:46:b3:
                    cb:c3:3f:06:88:96:d0:78:a5:f1:bf:41:fc:74:2e:
                    10:58:1a:0d:8c:18:b3:e3:1f:80:e8:f2:b4:0d:e2:
                    4c:6e:e6:ed:3d:4f:ce:a0:16:d2:55:4d:3b:80:53:
                    ae:6b:22:85:a5:2a:20:f2:58:ec:e5:80:fd:05:6e:
                    16:1d:94:d9:38:68:eb:2b:76:a8:48:87:f7:be:ef:
                    6d:c3:08:77:3a:86:43:58:6f:9f:09:34:2c:3f:ea:
                    11:84:86:a1:92:55:b1:63:17:1e:aa:21:02:07:97:
                    f5:ca:43:bb:66:38:df:8f:43:81:14:c4:f9:b5:57:
                    e5:4e:78:29:4b:6a:19:d0:e8:71:c9:70:2a:c1:f5:
                    c3:ca:b8:dc:d7:41:ea:3a:fc:66:15:ab:42:7d:f1:
                    fd:74:48:86:86:26:e9:c5:ee:18:7b:20:59:91:37:
                    7e:45:54:ed:a9:03:18:19:bd:bb:3a:d0:11:53:09:
                    c6:e9:1a:ef:60:dd:b9:9d:d3:71:01:1e:f4:23:e0:
                    26:5b:b4:ee:f3:b3:e6:89:7d:5f:4c:5a:62:11:ee:
                    bc:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:39:29:DB:02:53:CD:30:1F:4F:83:60:A6:2F:85:15:00:D8:DE:91
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:89:02:43:0b:4d:83:c7:31:10:fb:67:0f:ce:e3:0a:70:7c:
         13:4b:b9:76:2a:60:26:1d:2b:8e:27:7a:f7:50:7b:a3:bb:ae:
         a7:1b:42:9f:e2:76:d6:30:32:52:aa:a3:49:74:3f:d5:9e:9a:
         65:cb:ea:9b:18:e1:b3:6c:22:f9:fc:88:26:11:7d:95:87:00:
         a0:07:42:36:61:72:0d:c1:b1:b3:da:e0:d0:48:de:48:e9:9b:
         c7:c8:93:36:c7:9e:04:79:f5:96:2f:2a:2f:d5:56:d9:a5:c7:
         c2:d2:ad:c3:00:07:ed:a9:83:36:40:af:7c:bd:31:44:8e:31:
         55:c6:65:c4:2d:d2:5b:f0:8f:37:d1:df:94:ca:81:ac:f8:b5:
         71:a2:2d:cf:bc:0a:8a:db:86:26:c6:c5:37:e3:71:de:c2:b3:
         d5:f0:1a:0c:b6:6b:6e:1e:22:b0:23:d4:e4:49:30:8a:9e:ac:
         e1:f8:ae:81:6d:02:04:b1:df:28:c6:93:a1:87:27:6e:9d:40:
         67:e9:43:fd:b0:3a:ba:2f:eb:20:72:33:ee:8d:32:2a:39:b0:
         46:29:94:7a:b7:dc:eb:51:fe:39:1b:ee:e0:5e:8c:35:90:96:
         0d:ed:8f:fe:a4:f1:2f:7e:57:16:3a:be:67:23:28:34:6a:2c:
         36:23:97:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVbG77c8Rjg3+l+r4vn4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUwOTA3MDQwMTA1WhcNMjUwOTA4MDQwMTA1WjAzMTEwLwYDVQQD
EyhkMDM5MjlkYjAyNTNjZDMwMWY0ZjgzNjBhNjJmODUxNTAwZDhkZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4yVTvMrlXrLzFMtwmMPSOHVcAzd
/IUMaY5kd+mpvu6kgD4fJOpmHMfXRrPLwz8GiJbQeKXxv0H8dC4QWBoNjBiz4x+A
6PK0DeJMbubtPU/OoBbSVU07gFOuayKFpSog8ljs5YD9BW4WHZTZOGjrK3aoSIf3
vu9twwh3OoZDWG+fCTQsP+oRhIahklWxYxceqiECB5f1ykO7Zjjfj0OBFMT5tVfl
TngpS2oZ0OhxyXAqwfXDyrjc10HqOvxmFatCffH9dEiGhibpxe4YeyBZkTd+RVTt
qQMYGb27OtARUwnG6RrvYN25ndNxAR70I+AmW7Tu87PmiX1fTFpiEe68OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNA5KdsCU80wH0+DYKYvhRUA2N6RMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4kCQwtN
g8cxEPtnD87jCnB8E0u5dipgJh0rjid691B7o7uupxtCn+J21jAyUqqjSXQ/1Z6a
Zcvqmxjhs2wi+fyIJhF9lYcAoAdCNmFyDcGxs9rg0EjeSOmbx8iTNseeBHn1li8q
L9VW2aXHwtKtwwAH7amDNkCvfL0xRI4xVcZlxC3SW/CPN9HflMqBrPi1caItz7wK
ituGJsbFN+Nx3sKz1fAaDLZrbh4isCPU5Ekwip6s4fiugW0CBLHfKMaToYcnbp1A
Z+lD/bA6ui/rIHIz7o0yKjmwRimUerfc61H+ORvu4F6MNZCWDe2P/qTxL35XFjq+
ZyMoNGosNiOXZg==
-----END CERTIFICATE-----