Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
File:                     3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft (raw, json)
Hash identifier:          v/mAK7fp2yKKegl8DrVKPY03c/PaHbhhnkM+q9hubuI=
Subject key identifier:   4E:1C:23:15:F1:19:C9:EB:E9:72:3D:D7:13:DE:E5:7A:CD:9D:CB:94
Authority key identifier: DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14
Certificate issuer:       /CN=dd3873303d2d6e238a5bd85ed5867b643158fc14
Certificate serial:       019922C3A81474C941DDD19E54918BE1CF62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
Manifest number:          2D
Signing time:             Sun 07 Sep 2025 06:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 06:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 06:01:11 +0000
Files and hashes:         1: 3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl (hash: 3x5nzhReUPJfYmJj071qWdygkztIh3Bs0+9626UWd2c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:a8:14:74:c9:41:dd:d1:9e:54:91:8b:e1:cf:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd3873303d2d6e238a5bd85ed5867b643158fc14
        Validity
            Not Before: Sep  7 06:01:11 2025 GMT
            Not After : Sep  8 06:01:11 2025 GMT
        Subject: CN=4e1c2315f119c9ebe9723dd713dee57acd9dcb94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b0:9f:d7:ab:2a:bf:4e:86:fc:2a:b0:96:bd:
                    eb:7e:c8:e5:ee:ee:0d:8a:67:ea:46:5c:b1:3b:ef:
                    9f:eb:0a:59:f7:1b:1a:9e:f3:41:a2:e6:a8:14:ba:
                    cc:00:f0:d5:8a:82:93:9b:06:b7:17:78:67:17:04:
                    b8:95:e8:a8:b1:a8:48:f5:a2:94:93:ba:39:ca:c6:
                    18:51:58:85:fc:0e:bc:04:9f:3c:ff:c2:a9:4d:8e:
                    d3:ec:40:22:b0:98:88:7c:2a:e5:31:cd:83:a2:48:
                    e1:d3:71:f9:2b:67:f5:ac:ea:e9:d9:a5:98:5b:c2:
                    e1:f4:88:84:3c:41:44:1e:73:4a:50:64:53:69:cf:
                    b1:8d:e1:fb:47:13:6c:a3:ef:bc:46:4b:46:f3:f5:
                    e8:a3:cb:78:cd:a0:e0:ff:5f:57:cb:ef:6c:87:67:
                    b5:bf:e8:3b:fd:8f:dc:fb:3d:3e:d5:cd:f6:d9:2d:
                    44:72:db:7b:14:bd:21:39:fd:af:30:f1:ec:1a:d9:
                    8b:dc:a7:92:c2:11:60:9a:2c:2b:db:56:4d:15:b8:
                    93:4e:c2:d1:54:cc:a7:00:30:63:36:b1:3e:85:ee:
                    1d:4c:be:4f:e4:96:6e:bd:37:94:60:d6:e4:a1:f8:
                    10:d0:98:41:ef:dd:ca:53:8f:13:66:77:86:b4:27:
                    4c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1C:23:15:F1:19:C9:EB:E9:72:3D:D7:13:DE:E5:7A:CD:9D:CB:94
            X509v3 Authority Key Identifier:
                keyid:DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:8f:94:7d:90:d0:8c:61:8e:24:ed:8b:67:0b:a2:24:ac:ef:
         66:e0:e1:eb:de:27:ff:2b:ef:37:1a:91:b0:ac:6b:a9:0a:d8:
         b4:15:92:7e:b7:de:4c:35:f7:57:03:8d:9c:ac:7d:ef:6d:32:
         02:39:be:5a:52:3c:7d:a0:cd:78:58:0f:2e:f7:b0:db:68:39:
         eb:54:00:fb:89:60:e1:1b:7b:95:ce:20:81:35:4d:f5:1c:31:
         7c:0b:46:d3:83:c9:10:a2:52:95:42:9c:28:fd:03:44:30:ed:
         9b:85:f3:35:b7:5a:8a:3d:2d:8a:4c:0d:50:7a:3c:92:24:50:
         cf:40:0e:06:76:ee:78:76:6d:5b:0a:7e:5d:68:18:35:b1:73:
         af:64:58:1e:27:ff:3b:c3:67:2c:19:81:45:ef:f2:22:ef:c2:
         d4:35:8f:e3:6f:18:51:c3:25:27:af:10:4d:aa:17:31:b3:4e:
         71:02:dd:20:dc:d3:d0:87:88:e2:1d:54:a3:47:fb:d4:73:15:
         16:b0:99:5f:a6:60:aa:a5:a0:43:13:b1:3e:0a:33:9b:3a:11:
         38:ef:73:ab:83:8a:2e:d2:db:b5:a0:73:e1:af:52:99:84:43:
         5e:c1:b0:af:62:0f:0d:f2:6f:90:82:80:55:08:6f:c3:74:b6:
         f9:0a:78:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw6gUdMlB3dGeVJGL4c9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzg3MzMwM2QyZDZlMjM4YTViZDg1ZWQ1ODY3YjY0MzE1
OGZjMTQwHhcNMjUwOTA3MDYwMTExWhcNMjUwOTA4MDYwMTExWjAzMTEwLwYDVQQD
Eyg0ZTFjMjMxNWYxMTljOWViZTk3MjNkZDcxM2RlZTU3YWNkOWRjYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLCf16sqv06G/Cqwlr3rfsjl7u4N
imfqRlyxO++f6wpZ9xsanvNBouaoFLrMAPDVioKTmwa3F3hnFwS4leiosahI9aKU
k7o5ysYYUViF/A68BJ88/8KpTY7T7EAisJiIfCrlMc2Dokjh03H5K2f1rOrp2aWY
W8Lh9IiEPEFEHnNKUGRTac+xjeH7RxNso++8RktG8/Xoo8t4zaDg/19Xy+9sh2e1
v+g7/Y/c+z0+1c322S1Ectt7FL0hOf2vMPHsGtmL3KeSwhFgmiwr21ZNFbiTTsLR
VMynADBjNrE+he4dTL5P5JZuvTeUYNbkofgQ0JhB793KU48TZneGtCdMcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4cIxXxGcnr6XI91xPe5XrNncuUMB8GA1UdIwQY
MBaAFN04czA9LW4jilvYXtWGe2QxWPwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAt
ZDNkYjI3N2VjZGZhLzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAtZDNkYjI3N2VjZGZh
LzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa4+UfZDQ
jGGOJO2LZwuiJKzvZuDh694n/yvvNxqRsKxrqQrYtBWSfrfeTDX3VwONnKx9720y
Ajm+WlI8faDNeFgPLvew22g561QA+4lg4Rt7lc4ggTVN9RwxfAtG04PJEKJSlUKc
KP0DRDDtm4XzNbdaij0tikwNUHo8kiRQz0AOBnbueHZtWwp+XWgYNbFzr2RYHif/
O8NnLBmBRe/yIu/C1DWP428YUcMlJ68QTaoXMbNOcQLdINzT0IeI4h1Uo0f71HMV
FrCZX6ZgqqWgQxOxPgozmzoROO9zq4OKLtLbtaBz4a9SmYRDXsGwr2IPDfJvkIKA
VQhvw3S2+Qp4UQ==
-----END CERTIFICATE-----