Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          awGft+Fez4WzYye49gQybi1zzsMduOML7+c8uOnJzP4=
Subject key identifier:   05:75:10:81:E4:A0:39:77:FE:72:98:6A:A0:BA:4C:EC:F9:4A:73:92
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0199180A243153AB6255CDC299585A483321
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          10DB
Signing time:             Fri 05 Sep 2025 04:02:21 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:21 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:21 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: KaEFDJYv1sEq3lnPgoULVldbZv0wsg4S9v9bG/ddYLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:24:31:53:ab:62:55:cd:c2:99:58:5a:48:33:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Sep  5 04:02:21 2025 GMT
            Not After : Sep  6 04:02:21 2025 GMT
        Subject: CN=05751081e4a03977fe72986aa0ba4cecf94a7392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d6:6c:d5:9a:2d:a9:7f:88:ab:f1:fe:47:48:
                    87:fe:fb:cd:b5:bc:85:1e:e0:77:7e:ea:6c:7b:ae:
                    5a:55:af:33:85:38:71:42:37:b1:a1:53:78:ca:68:
                    a3:fd:ea:a3:49:38:b2:73:45:52:8d:85:a3:74:2e:
                    b5:c0:0d:a3:64:20:d1:fc:6b:31:cc:fb:2e:30:28:
                    48:ed:09:9d:fb:24:2c:06:e0:4e:76:af:eb:2d:57:
                    00:c5:33:0e:8b:cd:79:9e:5f:57:f6:39:4b:d6:35:
                    cd:7d:55:27:f0:0a:0e:ab:99:3b:19:cc:93:e0:1b:
                    02:b0:43:43:a4:73:cf:ab:5a:93:73:d0:f8:1e:7d:
                    37:75:26:fd:19:68:73:f1:32:f7:d3:22:39:a2:d7:
                    bc:77:71:5f:9c:86:2b:54:c3:87:b9:5c:26:a9:dc:
                    f9:87:8a:d1:ef:a9:7a:24:75:24:dd:bf:59:c8:55:
                    e0:b4:33:8c:61:8b:f0:aa:39:64:78:8f:96:0a:07:
                    cc:2a:0b:c2:09:4e:56:81:30:c8:b8:c8:60:ce:c9:
                    5a:ac:f9:31:b6:77:9e:d0:c4:9f:7f:b3:bc:73:78:
                    22:6e:d0:db:05:12:8b:35:ff:25:c5:da:9a:36:97:
                    e2:e5:ec:5b:36:fa:57:74:e3:b4:39:44:7a:6f:ad:
                    f2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:75:10:81:E4:A0:39:77:FE:72:98:6A:A0:BA:4C:EC:F9:4A:73:92
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:36:64:b1:bf:9b:e3:6a:e1:6c:8f:02:b0:2f:fb:b4:35:d6:
         20:2d:f3:7f:ec:3b:8c:a7:14:ae:9e:7a:d9:3e:d0:2c:75:e7:
         5f:1b:98:97:c5:b9:35:83:1a:48:09:a7:57:63:34:f7:a9:a3:
         ca:3d:a6:33:31:b5:49:aa:98:0c:53:32:ae:ce:b2:8e:4f:3e:
         91:35:66:90:c8:34:34:e0:5c:7e:ab:5f:4d:e1:78:91:d4:f2:
         cc:a5:ad:e5:68:66:6c:ea:1e:db:5f:34:99:3c:29:73:c5:56:
         77:78:8b:5f:6f:cc:a4:5b:36:06:2e:8f:78:3d:bb:09:cb:4d:
         c6:c2:ed:f7:a7:d9:b9:f5:47:6b:63:86:eb:f2:1f:df:2b:ee:
         9e:15:fd:c2:c4:55:67:d1:cc:f9:a6:d9:59:ef:a9:b9:4d:54:
         50:7f:bb:ad:74:ad:2b:79:90:9b:4b:84:61:0a:df:60:7a:9a:
         7a:24:40:e7:dd:ef:63:71:f6:44:06:a7:63:9d:2c:05:8d:d1:
         af:84:5a:5f:66:3f:c2:84:60:c5:2f:21:1f:3f:a9:05:38:e5:
         23:df:b5:5d:9a:d8:8c:7a:60:2a:3e:44:70:ff:a8:07:d3:cc:
         91:13:fb:e3:bb:fa:e8:9e:43:49:43:25:91:8a:8c:07:9a:80:
         55:3f:85:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCiQxU6tiVc3CmVhaSDMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwOTA1MDQwMjIxWhcNMjUwOTA2MDQwMjIxWjAzMTEwLwYDVQQD
EygwNTc1MTA4MWU0YTAzOTc3ZmU3Mjk4NmFhMGJhNGNlY2Y5NGE3MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdZs1ZotqX+Iq/H+R0iH/vvNtbyF
HuB3fupse65aVa8zhThxQjexoVN4ymij/eqjSTiyc0VSjYWjdC61wA2jZCDR/Gsx
zPsuMChI7Qmd+yQsBuBOdq/rLVcAxTMOi815nl9X9jlL1jXNfVUn8AoOq5k7GcyT
4BsCsENDpHPPq1qTc9D4Hn03dSb9GWhz8TL30yI5ote8d3FfnIYrVMOHuVwmqdz5
h4rR76l6JHUk3b9ZyFXgtDOMYYvwqjlkeI+WCgfMKgvCCU5WgTDIuMhgzslarPkx
tnee0MSff7O8c3gibtDbBRKLNf8lxdqaNpfi5exbNvpXdOO0OUR6b63yGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAV1EIHkoDl3/nKYaqC6TOz5SnOSMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiTZksb+b
42rhbI8CsC/7tDXWIC3zf+w7jKcUrp562T7QLHXnXxuYl8W5NYMaSAmnV2M096mj
yj2mMzG1SaqYDFMyrs6yjk8+kTVmkMg0NOBcfqtfTeF4kdTyzKWt5WhmbOoe2180
mTwpc8VWd3iLX2/MpFs2Bi6PeD27CctNxsLt96fZufVHa2OG6/If3yvunhX9wsRV
Z9HM+abZWe+puU1UUH+7rXStK3mQm0uEYQrfYHqaeiRA593vY3H2RAanY50sBY3R
r4RaX2Y/woRgxS8hHz+pBTjlI9+1XZrYjHpgKj5EcP+oB9PMkRP747v66J5DSUMl
kYqMB5qAVT+FWw==
-----END CERTIFICATE-----