Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          nbpZGok8077jQGNjGDd+kNNHKpRR73ThtjAyy9w6ZoU=
Subject key identifier:   A3:27:EC:E3:90:F3:B2:F6:CA:30:1E:0E:25:14:B9:EA:7C:75:A8:50
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       0197D7759FA9F168FAAA18B882CCB752DAE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          15C2
Signing time:             Fri 04 Jul 2025 22:01:39 +0000
Manifest this update:     Fri 04 Jul 2025 22:01:39 +0000
Manifest next update:     Sat 05 Jul 2025 22:01:39 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: 0wpAfuMBcdMxVfoOGJgOPTeTB4m8vw5Z2qx3nWm+acU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d7:75:9f:a9:f1:68:fa:aa:18:b8:82:cc:b7:52:da:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Jul  4 22:01:39 2025 GMT
            Not After : Jul  5 22:01:39 2025 GMT
        Subject: CN=a327ece390f3b2f6ca301e0e2514b9ea7c75a850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:53:a9:93:f3:77:33:bc:0c:b6:f5:59:22:84:
                    40:c2:87:30:76:c8:5d:60:8c:e2:ab:67:5c:87:59:
                    f8:e8:dd:da:2c:30:5a:45:8d:26:85:1b:41:d3:9a:
                    e7:ba:61:d8:33:af:f7:24:01:d8:2a:38:ed:ea:6d:
                    2e:4b:3a:98:62:c8:2e:72:46:ed:46:d5:3f:2a:7b:
                    87:83:db:52:91:da:49:cb:35:8f:53:17:57:42:d2:
                    f5:3e:89:b0:ee:ad:1d:3e:62:99:df:f4:db:dd:a0:
                    99:0d:44:f1:c0:29:4c:b1:54:61:00:52:8f:8b:1f:
                    01:da:13:1d:78:40:d0:f4:1f:47:bd:81:16:f4:d8:
                    ef:70:10:7e:cc:47:34:19:7d:4b:9c:91:13:5b:09:
                    7a:86:9b:38:87:a9:c7:3d:0f:e1:1b:38:08:3e:25:
                    41:c7:8f:a7:b6:98:53:76:0a:bc:7b:e9:d8:19:9f:
                    53:b1:1e:eb:cb:bd:c1:fa:7a:ba:6f:e3:63:cd:2b:
                    6c:d7:13:6c:74:ce:6b:1f:00:a7:ab:a6:44:d9:7d:
                    e1:bb:ff:19:6b:6b:96:0d:22:7f:64:12:4d:f6:77:
                    71:82:9f:a5:8e:d0:e2:26:24:fc:4e:99:44:83:6f:
                    9f:94:93:61:c2:df:c4:37:2a:e3:70:4e:53:b4:4f:
                    c6:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:27:EC:E3:90:F3:B2:F6:CA:30:1E:0E:25:14:B9:EA:7C:75:A8:50
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:7c:94:3d:8d:59:de:25:a6:6d:7b:5e:06:dd:5a:87:e4:37:
         05:9e:26:34:4d:a8:2e:89:0f:9f:0d:77:37:48:e8:8f:31:3d:
         67:59:f3:ca:ac:50:69:c3:2f:83:38:5b:13:05:78:95:39:f3:
         16:86:3b:ec:6e:25:80:0a:4b:e8:ac:de:04:d0:2f:fd:c8:f0:
         e4:f2:ce:26:74:e0:69:bf:0c:6d:85:44:f9:22:73:11:bb:02:
         21:78:6f:7f:8e:59:e7:f3:69:9b:6e:25:77:3a:12:23:28:7c:
         35:af:fc:78:0e:e7:d2:b8:bc:9b:7c:d1:00:7a:06:8e:d7:cb:
         d0:03:80:30:47:75:02:02:9d:30:7e:d9:5d:50:28:95:b1:78:
         64:74:ec:46:5c:10:2b:a8:72:3d:7c:11:1f:39:c3:34:2a:d2:
         90:84:ac:f7:60:c6:84:aa:6b:91:cb:04:e5:0d:7c:0d:27:e8:
         74:e5:00:54:76:c3:43:96:7f:38:74:6f:9a:7a:d1:d7:b9:fa:
         17:a2:81:3a:77:4d:d9:98:e7:b6:42:d5:5d:7c:f2:8d:aa:f6:
         08:8b:ae:bb:7c:e8:9e:59:45:d1:24:b5:c2:ce:66:68:2b:b3:
         54:58:56:a9:4a:21:e9:d4:00:98:3b:6d:c6:de:54:b9:af:77:
         b0:a3:c4:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfXdZ+p8Wj6qhi4gsy3UtroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUwNzA0MjIwMTM5WhcNMjUwNzA1MjIwMTM5WjAzMTEwLwYDVQQD
EyhhMzI3ZWNlMzkwZjNiMmY2Y2EzMDFlMGUyNTE0YjllYTdjNzVhODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFOpk/N3M7wMtvVZIoRAwocwdshd
YIziq2dch1n46N3aLDBaRY0mhRtB05rnumHYM6/3JAHYKjjt6m0uSzqYYsguckbt
RtU/KnuHg9tSkdpJyzWPUxdXQtL1Pomw7q0dPmKZ3/Tb3aCZDUTxwClMsVRhAFKP
ix8B2hMdeEDQ9B9HvYEW9NjvcBB+zEc0GX1LnJETWwl6hps4h6nHPQ/hGzgIPiVB
x4+ntphTdgq8e+nYGZ9TsR7ry73B+nq6b+NjzSts1xNsdM5rHwCnq6ZE2X3hu/8Z
a2uWDSJ/ZBJN9ndxgp+ljtDiJiT8TplEg2+flJNhwt/ENyrjcE5TtE/G4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMn7OOQ87L2yjAeDiUUuep8dahQMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeHyUPY1Z
3iWmbXteBt1ah+Q3BZ4mNE2oLokPnw13N0jojzE9Z1nzyqxQacMvgzhbEwV4lTnz
FoY77G4lgApL6KzeBNAv/cjw5PLOJnTgab8MbYVE+SJzEbsCIXhvf45Z5/Npm24l
dzoSIyh8Na/8eA7n0ri8m3zRAHoGjtfL0AOAMEd1AgKdMH7ZXVAolbF4ZHTsRlwQ
K6hyPXwRHznDNCrSkISs92DGhKprkcsE5Q18DSfodOUAVHbDQ5Z/OHRvmnrR17n6
F6KBOndN2ZjntkLVXXzyjar2CIuuu3zonllF0SS1ws5maCuzVFhWqUoh6dQAmDtt
xt5Uua93sKPE3A==
-----END CERTIFICATE-----