Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          HTmlGDvdMVWBjMGEUsZYXiWU2lhVrq1dPHE6Dg5v0NM=
Subject key identifier:   FA:B1:5C:7A:3A:9A:48:71:3E:BB:76:B3:9B:88:7F:B7:6E:DA:F7:B9
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019923A0F00DB753B2D213CADCD5275229A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0D64
Signing time:             Sun 07 Sep 2025 10:02:53 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:53 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:53 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: 2/d5WfjFe/c0m4/3W7i58rjX3lHkXcQAtJHYhYuDuF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:f0:0d:b7:53:b2:d2:13:ca:dc:d5:27:52:29:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Sep  7 10:02:53 2025 GMT
            Not After : Sep  8 10:02:53 2025 GMT
        Subject: CN=fab15c7a3a9a48713ebb76b39b887fb76edaf7b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:cb:a4:30:02:ba:29:b7:5a:59:23:38:a0:11:
                    12:96:94:1c:fe:50:47:11:82:b0:a1:37:aa:63:11:
                    35:f8:d5:db:0e:d2:84:9b:79:12:56:4a:8e:b4:97:
                    85:a3:eb:0a:29:38:e0:12:3c:3d:4b:41:8a:68:16:
                    37:c4:95:7c:ca:6f:9a:57:f2:1b:b7:47:1e:1e:52:
                    ed:bb:01:84:c1:ff:40:1a:80:bb:5d:a7:88:b9:2b:
                    37:6f:5e:f7:2f:2b:59:ae:83:e1:77:3d:49:00:63:
                    c5:3e:3c:ea:49:28:36:05:0f:f0:e4:89:71:f9:5d:
                    a0:e0:19:06:9d:a2:9c:15:86:a6:13:0a:03:3f:25:
                    92:bb:a7:df:75:9e:43:e7:73:b9:a6:49:55:40:66:
                    09:99:18:f6:a1:4a:bb:4c:86:12:25:0a:5c:a4:0e:
                    9f:25:ec:f5:b9:63:98:91:83:ac:9a:24:7d:f6:bc:
                    c5:64:da:6f:ab:5a:ed:13:b0:cc:24:97:8b:d1:c6:
                    1f:64:56:28:b4:21:8d:27:95:67:2f:90:ba:e4:bc:
                    a4:d5:14:e1:38:90:10:63:46:96:71:06:22:5b:17:
                    7e:13:a1:f4:3c:7f:56:dc:1b:ff:2c:9d:a6:b8:98:
                    1c:5d:70:cd:45:a0:fb:e5:c3:04:59:4f:e5:6e:78:
                    52:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B1:5C:7A:3A:9A:48:71:3E:BB:76:B3:9B:88:7F:B7:6E:DA:F7:B9
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:41:62:00:19:8b:5f:71:06:26:82:16:7c:a2:d7:6a:19:a8:
         78:3e:3d:73:51:11:3b:d7:d3:3a:24:03:d0:db:3c:33:38:1b:
         f5:06:22:3e:ba:2f:c2:04:10:10:3d:c6:db:8d:a5:89:9a:a7:
         86:5b:4e:3b:25:7f:ea:ae:2c:c9:d2:04:0d:a8:c4:59:37:ca:
         de:11:e5:64:44:54:c2:ef:06:ab:7f:3b:b1:6c:48:72:9e:94:
         ac:6f:13:0d:00:47:a4:e4:93:ce:45:7e:a9:75:d5:66:b1:63:
         4c:4d:53:d2:4d:bc:8f:43:01:14:f5:0e:a4:0f:40:5c:16:09:
         c8:59:c0:9a:69:98:5e:fa:7f:90:6f:9c:a9:b3:7b:11:b0:67:
         5b:8f:65:02:de:cc:7f:82:57:08:59:c0:40:da:02:e0:6d:9e:
         c2:02:a7:54:a4:f2:24:36:69:92:71:d7:9e:52:4e:73:04:4e:
         ce:b2:ea:bc:13:03:32:88:49:5b:01:bb:6e:18:b1:1a:d9:87:
         62:63:0f:62:63:d6:f6:ea:68:26:ec:66:78:2c:77:58:d3:8d:
         2b:00:bd:24:ef:b7:b8:49:90:8f:8b:21:1b:10:39:4a:1f:b8:
         15:3e:ba:17:96:fa:b3:ef:3e:4e:b5:b5:24:48:fd:22:53:66:
         7e:bc:a6:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoPANt1Oy0hPK3NUnUimkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjUwOTA3MTAwMjUzWhcNMjUwOTA4MTAwMjUzWjAzMTEwLwYDVQQD
EyhmYWIxNWM3YTNhOWE0ODcxM2ViYjc2YjM5Yjg4N2ZiNzZlZGFmN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusukMAK6KbdaWSM4oBESlpQc/lBH
EYKwoTeqYxE1+NXbDtKEm3kSVkqOtJeFo+sKKTjgEjw9S0GKaBY3xJV8ym+aV/Ib
t0ceHlLtuwGEwf9AGoC7XaeIuSs3b173LytZroPhdz1JAGPFPjzqSSg2BQ/w5Ilx
+V2g4BkGnaKcFYamEwoDPyWSu6ffdZ5D53O5pklVQGYJmRj2oUq7TIYSJQpcpA6f
Jez1uWOYkYOsmiR99rzFZNpvq1rtE7DMJJeL0cYfZFYotCGNJ5VnL5C65Lyk1RTh
OJAQY0aWcQYiWxd+E6H0PH9W3Bv/LJ2muJgcXXDNRaD75cMEWU/lbnhSbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqxXHo6mkhxPrt2s5uIf7du2ve5MB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkFiABmL
X3EGJoIWfKLXahmoeD49c1ERO9fTOiQD0Ns8Mzgb9QYiProvwgQQED3G242liZqn
hltOOyV/6q4sydIEDajEWTfK3hHlZERUwu8Gq387sWxIcp6UrG8TDQBHpOSTzkV+
qXXVZrFjTE1T0k28j0MBFPUOpA9AXBYJyFnAmmmYXvp/kG+cqbN7EbBnW49lAt7M
f4JXCFnAQNoC4G2ewgKnVKTyJDZpknHXnlJOcwROzrLqvBMDMohJWwG7bhixGtmH
YmMPYmPW9upoJuxmeCx3WNONKwC9JO+3uEmQj4shGxA5Sh+4FT66F5b6s+8+TrW1
JEj9IlNmfrymUA==
-----END CERTIFICATE-----