Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          z2ek0xF7P3tFmFwpBnLeDFOdaOai8/Y+Cr07RTdpAPA=
Subject key identifier:   E2:6D:82:78:F3:5D:4E:2D:66:E4:84:58:15:C2:27:58:13:92:32:5C
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       0199172D01209DCFE80E20D6CC2986A3B488
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          01D2
Signing time:             Fri 05 Sep 2025 00:00:49 +0000
Manifest this update:     Fri 05 Sep 2025 00:00:49 +0000
Manifest next update:     Sat 06 Sep 2025 00:00:49 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: Nc6ZinwWMgNJanpO3XzX27vmg2hvbvP+9WI9Z6MluhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 00:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:2d:01:20:9d:cf:e8:0e:20:d6:cc:29:86:a3:b4:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: Sep  5 00:00:49 2025 GMT
            Not After : Sep  6 00:00:49 2025 GMT
        Subject: CN=e26d8278f35d4e2d66e4845815c227581392325c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b4:85:a2:78:c6:15:96:47:84:00:c9:c8:99:
                    bd:be:c7:b3:ed:3a:b0:6c:ec:3b:85:2b:cc:0c:c7:
                    93:52:fa:8b:2f:d0:36:e6:ca:c7:6c:ca:49:f2:17:
                    01:ec:ed:8f:76:23:85:81:74:97:1e:86:a5:5e:07:
                    64:89:76:4e:13:7d:7e:05:f7:67:47:d0:68:a1:85:
                    19:95:91:b8:08:59:36:23:9f:ef:bc:0a:e8:96:a4:
                    a8:9a:6e:82:f2:1c:5f:c3:00:b8:4a:8e:dd:b4:d3:
                    e4:4e:f9:78:ec:71:e1:0c:6c:a7:ee:83:ee:d5:e1:
                    89:27:2e:01:11:2e:df:38:00:95:a3:a5:18:7b:47:
                    d2:75:13:55:c9:a8:d5:e2:09:08:7d:9e:fa:dc:46:
                    a6:01:34:c1:65:51:bb:c5:65:a1:ec:41:f5:0d:a6:
                    dc:41:57:1e:34:f1:60:28:c4:9c:c5:99:d0:bd:3c:
                    6f:c0:e2:1d:7b:fd:61:5a:89:f9:bb:0f:2a:2d:e6:
                    4d:67:37:73:23:96:ee:4a:e8:61:96:ab:43:96:67:
                    b4:f7:b1:90:ea:ec:04:58:ce:75:4e:0e:29:0b:44:
                    89:1c:f2:23:4a:1b:89:55:6d:1e:74:f5:92:72:e2:
                    f3:95:b2:5c:c6:c5:f6:b5:12:b8:1a:fc:3d:de:39:
                    a4:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:6D:82:78:F3:5D:4E:2D:66:E4:84:58:15:C2:27:58:13:92:32:5C
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:87:b1:55:60:e2:95:37:f8:a4:3d:ba:66:5c:98:48:d2:40:
         0b:09:63:e0:1b:c7:e5:c6:4b:6e:c6:f8:27:af:e2:eb:1c:23:
         ba:4f:ee:69:aa:b5:b1:89:a0:6e:70:0b:f8:19:cc:fb:84:b0:
         60:bb:5f:a2:e3:aa:32:eb:3c:33:bb:07:cc:af:53:b4:49:13:
         8c:7c:c5:96:9a:77:e6:6b:6e:ff:ff:61:b4:5a:ce:d4:1e:ad:
         31:db:f7:b9:06:1d:c1:d6:c5:01:bb:e8:f0:ee:fc:a5:83:53:
         d8:1f:f6:ed:f9:b9:27:01:96:eb:19:17:93:e6:f8:e7:cb:7d:
         b2:f5:0c:1d:e4:a7:a7:c1:c4:af:93:45:51:62:73:8c:0f:eb:
         61:23:df:29:4c:26:c7:00:2f:e9:ab:64:a7:38:32:7c:36:df:
         48:d8:de:9c:0a:fd:8e:54:a5:47:47:23:bd:fe:cb:30:97:90:
         48:ab:9d:92:05:1a:76:ef:ac:d2:f3:34:fc:b9:07:6d:52:0b:
         1f:4c:3b:9d:78:dd:91:91:e6:90:70:a6:f6:90:e5:ad:27:b2:
         bc:83:6e:1c:9c:fd:00:0b:74:43:21:1d:60:98:dd:01:cd:18:
         b8:e4:3b:3c:a4:1b:ad:34:29:63:fb:35:19:4f:9c:a0:dc:84:
         55:2a:5c:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLQEgnc/oDiDWzCmGo7SIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjUwOTA1MDAwMDQ5WhcNMjUwOTA2MDAwMDQ5WjAzMTEwLwYDVQQD
EyhlMjZkODI3OGYzNWQ0ZTJkNjZlNDg0NTgxNWMyMjc1ODEzOTIzMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLSFonjGFZZHhADJyJm9vsez7Tqw
bOw7hSvMDMeTUvqLL9A25srHbMpJ8hcB7O2PdiOFgXSXHoalXgdkiXZOE31+Bfdn
R9BooYUZlZG4CFk2I5/vvArolqSomm6C8hxfwwC4So7dtNPkTvl47HHhDGyn7oPu
1eGJJy4BES7fOACVo6UYe0fSdRNVyajV4gkIfZ763EamATTBZVG7xWWh7EH1Dabc
QVceNPFgKMScxZnQvTxvwOIde/1hWon5uw8qLeZNZzdzI5buSuhhlqtDlme097GQ
6uwEWM51Tg4pC0SJHPIjShuJVW0edPWScuLzlbJcxsX2tRK4Gvw93jmktwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJtgnjzXU4tZuSEWBXCJ1gTkjJcMB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4exVWDi
lTf4pD26ZlyYSNJACwlj4BvH5cZLbsb4J6/i6xwjuk/uaaq1sYmgbnAL+BnM+4Sw
YLtfouOqMus8M7sHzK9TtEkTjHzFlpp35mtu//9htFrO1B6tMdv3uQYdwdbFAbvo
8O78pYNT2B/27fm5JwGW6xkXk+b458t9svUMHeSnp8HEr5NFUWJzjA/rYSPfKUwm
xwAv6atkpzgyfDbfSNjenAr9jlSlR0cjvf7LMJeQSKudkgUadu+s0vM0/LkHbVIL
H0w7nXjdkZHmkHCm9pDlrSeyvINuHJz9AAt0QyEdYJjdAc0YuOQ7PKQbrTQpY/s1
GU+coNyEVSpcuA==
-----END CERTIFICATE-----