Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
File:                     3rwtwyLztJZucDtdjIi3FvDZsOk.mft (raw, json)
Hash identifier:          trr+jdhnrrRr4Jmp3VL9uzKCOJh9gbVgkIxXdLH/7U4=
Subject key identifier:   E1:0C:AB:F9:D9:21:1C:B0:E9:18:92:22:46:57:91:09:E8:CD:5F:70
Authority key identifier: DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9
Certificate issuer:       /CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
Certificate serial:       019923A0D1EFBA69403ADE402E7D70C58957
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
Manifest number:          1430
Signing time:             Sun 07 Sep 2025 10:02:46 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:46 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:46 +0000
Files and hashes:         1: 3rwtwyLztJZucDtdjIi3FvDZsOk.crl (hash: K1SgZZX5apq+upLym0873z5Nqfvjv6KNpPpDciJBbZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:d1:ef:ba:69:40:3a:de:40:2e:7d:70:c5:89:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
        Validity
            Not Before: Sep  7 10:02:46 2025 GMT
            Not After : Sep  8 10:02:46 2025 GMT
        Subject: CN=e10cabf9d9211cb0e918922246579109e8cd5f70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d7:8e:36:3a:90:26:b1:de:87:a7:99:a2:b8:
                    38:db:11:72:2c:43:80:59:0a:8a:10:09:ff:7c:68:
                    68:ba:c5:b5:5d:2b:90:f8:d4:d2:df:27:be:86:19:
                    3e:86:eb:0f:47:6d:58:0e:66:a7:5e:25:e9:d7:7f:
                    41:e5:1e:6a:0f:81:ad:54:bc:24:8b:1e:96:12:3d:
                    73:a6:b9:7a:db:b4:85:03:b5:6f:5c:32:9e:02:54:
                    b5:42:5c:5e:e9:85:ee:64:41:15:94:8b:6e:8d:d2:
                    9a:8a:99:11:9c:2d:2c:3f:a4:85:cf:d8:39:90:87:
                    e9:96:3a:54:b3:61:e7:f3:7d:84:71:f5:b0:bb:5a:
                    d0:22:3d:02:16:5c:ff:f8:15:d0:fb:ad:dd:49:5d:
                    c4:79:0c:6b:3b:1c:ea:d3:f0:bb:98:99:09:e5:5c:
                    a9:d8:fd:35:b1:af:0c:54:82:26:34:32:30:2b:7c:
                    2d:75:20:a3:14:7f:12:5a:04:3c:a3:72:b4:d5:a6:
                    d7:cb:f1:83:71:ff:cc:14:db:bb:d0:b9:95:fc:0e:
                    a5:25:37:0b:cb:8c:4a:13:1d:25:b9:c9:1a:fe:f6:
                    a1:d7:4d:20:c1:60:84:44:8a:6d:53:73:25:c1:50:
                    55:f8:a1:ef:6d:3a:86:2b:b2:2a:3e:bb:5d:c0:47:
                    f1:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:0C:AB:F9:D9:21:1C:B0:E9:18:92:22:46:57:91:09:E8:CD:5F:70
            X509v3 Authority Key Identifier:
                keyid:DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:33:6f:cc:56:3a:1d:a0:cb:d0:28:dd:ca:0d:4a:89:6c:0a:
         89:d8:c1:5a:af:87:c8:cb:df:e8:7d:1d:34:41:9a:76:d9:50:
         f2:37:65:82:b0:f3:1d:49:68:64:b1:71:ab:4d:b6:35:4d:0f:
         22:39:ee:1c:e1:26:e1:5f:7a:1f:dd:19:f6:8f:b5:12:da:c6:
         77:83:e6:f6:a5:60:90:44:0d:c9:16:9f:2f:8a:cf:48:a7:88:
         7a:23:f9:94:39:ce:88:64:28:35:de:37:9c:76:4f:03:77:85:
         c7:d9:88:8f:21:a6:05:a7:cb:0e:ac:5d:9b:6f:5d:db:0e:a6:
         c1:bc:de:35:3d:71:18:7a:95:02:07:a3:22:df:12:32:bc:69:
         af:a2:92:03:37:2a:50:8e:57:e2:76:a7:97:a2:49:0d:7f:29:
         82:ae:f6:a6:c1:fd:b8:ba:03:8e:31:de:ce:e9:c8:bd:47:b2:
         d4:f6:f8:6b:c1:ef:24:0b:b8:4f:9a:8a:32:c0:17:6c:f2:e9:
         0e:30:e0:2a:da:c5:6a:44:cd:2b:66:85:f7:f6:a9:54:67:c9:
         a9:4f:ef:75:94:90:a1:18:5b:49:0c:9d:3d:14:7e:0b:f6:8b:
         d9:90:59:b2:7c:83:e0:93:a1:e4:05:76:f3:15:37:12:58:8f:
         88:4c:30:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoNHvumlAOt5ALn1wxYlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmMyZGMzMjJmM2I0OTY2ZTcwM2I1ZDhjODhiNzE2ZjBk
OWIwZTkwHhcNMjUwOTA3MTAwMjQ2WhcNMjUwOTA4MTAwMjQ2WjAzMTEwLwYDVQQD
EyhlMTBjYWJmOWQ5MjExY2IwZTkxODkyMjI0NjU3OTEwOWU4Y2Q1ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9eONjqQJrHeh6eZorg42xFyLEOA
WQqKEAn/fGhousW1XSuQ+NTS3ye+hhk+husPR21YDmanXiXp139B5R5qD4GtVLwk
ix6WEj1zprl627SFA7VvXDKeAlS1Qlxe6YXuZEEVlItujdKaipkRnC0sP6SFz9g5
kIfpljpUs2Hn832EcfWwu1rQIj0CFlz/+BXQ+63dSV3EeQxrOxzq0/C7mJkJ5Vyp
2P01sa8MVIImNDIwK3wtdSCjFH8SWgQ8o3K01abXy/GDcf/MFNu70LmV/A6lJTcL
y4xKEx0lucka/vah100gwWCERIptU3MlwVBV+KHvbTqGK7IqPrtdwEfx1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEMq/nZIRyw6RiSIkZXkQnozV9wMB8GA1UdIwQY
MBaAFN68LcMi87SWbnA7XYyItxbw2bDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2Mt
ZTg4ZTFhNjY4YmU0LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2MtZTg4ZTFhNjY4YmU0
LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkDNvzFY6
HaDL0Cjdyg1KiWwKidjBWq+HyMvf6H0dNEGadtlQ8jdlgrDzHUloZLFxq022NU0P
IjnuHOEm4V96H90Z9o+1EtrGd4Pm9qVgkEQNyRafL4rPSKeIeiP5lDnOiGQoNd43
nHZPA3eFx9mIjyGmBafLDqxdm29d2w6mwbzeNT1xGHqVAgejIt8SMrxpr6KSAzcq
UI5X4nanl6JJDX8pgq72psH9uLoDjjHezunIvUey1Pb4a8HvJAu4T5qKMsAXbPLp
DjDgKtrFakTNK2aF9/apVGfJqU/vdZSQoRhbSQydPRR+C/aL2ZBZsnyD4JOh5AV2
8xU3EliPiEwwAg==
-----END CERTIFICATE-----