Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          HPISCh/MOzTGP7nHahFf6voffYEFp+st2K2qhJV/mAw=
Subject key identifier:   0C:BB:74:D9:9A:DC:27:1F:4A:85:CE:D2:AD:46:02:32:EE:94:88:49
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       019922C31BE10E9A06DD6AE5D92CF1CE5AB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          0230
Signing time:             Sun 07 Sep 2025 06:00:35 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:35 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:35 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: 961uPL4m5mouQxbesoclpeVEl8XDbFUlzISMxQm21l0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 06:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:1b:e1:0e:9a:06:dd:6a:e5:d9:2c:f1:ce:5a:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Sep  7 06:00:35 2025 GMT
            Not After : Sep  8 06:00:35 2025 GMT
        Subject: CN=0cbb74d99adc271f4a85ced2ad460232ee948849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dd:69:93:23:f9:32:a1:e5:27:4b:06:69:2d:
                    ec:d7:ca:2b:1c:02:e8:e0:d8:26:33:1f:e8:32:97:
                    02:67:b0:54:7c:96:75:d9:6b:c6:e6:bc:da:02:98:
                    84:00:58:04:a4:45:77:c4:74:be:4e:7f:09:ff:c3:
                    41:3c:b6:1e:9e:67:2a:68:4c:a9:b3:ec:db:70:32:
                    ce:06:45:17:e3:08:66:ac:71:b4:c9:04:48:b1:84:
                    83:56:c4:2d:b1:45:17:fd:38:51:8b:46:8c:44:e4:
                    06:82:82:4a:cb:25:af:b5:cd:9d:f2:85:34:b1:5a:
                    96:f6:b4:c7:c5:51:4e:77:9e:3a:4f:20:96:f3:4c:
                    53:1e:c6:30:07:bc:88:09:08:f3:a7:73:20:54:f7:
                    ae:2d:f0:6e:c3:94:aa:81:ae:e3:2d:41:c8:a5:bd:
                    f4:0c:34:8d:bb:f1:25:42:4b:8f:fa:7e:3c:0b:40:
                    76:08:0f:a5:f1:61:53:05:64:75:bc:5f:bf:d9:8e:
                    b8:85:83:5b:2f:a6:70:4a:50:f9:ff:5b:43:ee:cc:
                    dc:6d:91:12:57:b6:d9:aa:06:e4:a3:52:2f:c0:7b:
                    79:16:3a:af:22:96:11:6b:68:f3:b5:05:4a:72:f2:
                    a2:b2:e7:c1:f7:8e:b4:e7:e2:d2:f1:b8:01:0b:ff:
                    7e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:BB:74:D9:9A:DC:27:1F:4A:85:CE:D2:AD:46:02:32:EE:94:88:49
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:06:38:bd:19:e6:64:8a:b7:28:a2:12:8a:ae:c0:88:1f:5a:
         4d:1a:81:4f:12:eb:2c:32:7d:8b:09:ba:9c:44:f7:b9:e1:cc:
         94:30:e0:ef:2e:df:d7:41:f1:74:1d:01:2b:75:85:6a:0f:4c:
         ae:a1:95:d5:24:3b:f2:1e:e5:41:43:12:1f:a1:67:c8:31:e2:
         07:58:0a:3b:4f:7b:46:00:c6:82:e7:02:0e:61:4a:5b:1e:22:
         94:03:46:a7:11:e2:c7:a2:17:92:4f:e3:29:2a:03:0b:e2:83:
         92:74:ff:1b:4f:89:e2:33:69:df:62:8e:b6:fe:5c:60:50:09:
         9d:47:39:c0:2c:fe:56:0d:3a:be:b0:e8:ec:4b:c1:61:af:f9:
         bc:70:51:ca:c4:68:14:5b:8a:e1:75:9b:09:7f:35:37:c2:77:
         9b:34:82:c9:27:ff:a7:ea:4f:4c:4e:1b:02:8e:90:33:f6:3d:
         c2:35:89:f3:d1:3a:2a:a2:1c:45:43:45:8a:21:b9:3b:07:87:
         8c:e9:cb:08:1a:96:80:fe:8b:16:5c:cd:30:fa:9e:34:ac:64:
         74:5c:9a:3c:0b:b6:86:76:e2:48:f6:53:ef:b3:d6:8f:71:a6:
         3d:14:2b:7f:af:d8:8b:2a:bb:b4:b0:51:63:88:f5:55:40:0d:
         c7:f6:7e:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwxvhDpoG3Wrl2SzxzlqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwOTA3MDYwMDM1WhcNMjUwOTA4MDYwMDM1WjAzMTEwLwYDVQQD
EygwY2JiNzRkOTlhZGMyNzFmNGE4NWNlZDJhZDQ2MDIzMmVlOTQ4ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN1pkyP5MqHlJ0sGaS3s18orHALo
4NgmMx/oMpcCZ7BUfJZ12WvG5rzaApiEAFgEpEV3xHS+Tn8J/8NBPLYenmcqaEyp
s+zbcDLOBkUX4whmrHG0yQRIsYSDVsQtsUUX/ThRi0aMROQGgoJKyyWvtc2d8oU0
sVqW9rTHxVFOd546TyCW80xTHsYwB7yICQjzp3MgVPeuLfBuw5Sqga7jLUHIpb30
DDSNu/ElQkuP+n48C0B2CA+l8WFTBWR1vF+/2Y64hYNbL6ZwSlD5/1tD7szcbZES
V7bZqgbko1IvwHt5FjqvIpYRa2jztQVKcvKisufB94605+LS8bgBC/9+JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAy7dNma3CcfSoXO0q1GAjLulIhJMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgY4vRnm
ZIq3KKISiq7AiB9aTRqBTxLrLDJ9iwm6nET3ueHMlDDg7y7f10HxdB0BK3WFag9M
rqGV1SQ78h7lQUMSH6FnyDHiB1gKO097RgDGgucCDmFKWx4ilANGpxHix6IXkk/j
KSoDC+KDknT/G0+J4jNp32KOtv5cYFAJnUc5wCz+Vg06vrDo7EvBYa/5vHBRysRo
FFuK4XWbCX81N8J3mzSCySf/p+pPTE4bAo6QM/Y9wjWJ89E6KqIcRUNFiiG5OweH
jOnLCBqWgP6LFlzNMPqeNKxkdFyaPAu2hnbiSPZT77PWj3GmPRQrf6/Yiyq7tLBR
Y4j1VUANx/Z+GA==
-----END CERTIFICATE-----