Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
File:                     3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json)
Hash identifier:          h9p6tWLa4cnnDcXFyfpefU/DL7Aa9n/8aG/af1ZbBu4=
Subject key identifier:   DB:B9:57:8B:C3:6C:68:43:93:64:65:C5:96:46:EE:89:68:EB:55:4E
Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
Certificate issuer:       /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Certificate serial:       019923316ED6C0552F51739DC2DC2268E8ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
Manifest number:          05C3
Signing time:             Sun 07 Sep 2025 08:01:06 +0000
Manifest this update:     Sun 07 Sep 2025 08:01:06 +0000
Manifest next update:     Mon 08 Sep 2025 08:01:06 +0000
Files and hashes:         1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: kPJPT4EsIX6o/r1fh4NM62aNCk+qCX5/xrfVWty5eHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:6e:d6:c0:55:2f:51:73:9d:c2:dc:22:68:e8:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
        Validity
            Not Before: Sep  7 08:01:06 2025 GMT
            Not After : Sep  8 08:01:06 2025 GMT
        Subject: CN=dbb9578bc36c6843936465c59646ee8968eb554e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bd:9c:38:9e:67:23:05:31:22:aa:9c:18:78:
                    02:86:d8:30:f3:0a:28:3b:71:d6:96:38:5f:b7:87:
                    2f:08:7e:24:53:24:9d:e7:12:6e:35:e9:58:29:26:
                    6e:3a:e4:d5:4a:32:ba:13:16:af:8b:68:56:96:6a:
                    d6:e3:ed:12:dd:50:36:e6:d0:e5:23:fa:93:9a:3c:
                    4c:1d:61:7e:93:e2:c2:3e:14:a8:4d:ce:c9:e1:cb:
                    63:d9:39:23:8c:84:78:b7:45:39:c9:2f:fc:71:05:
                    23:da:9a:c4:28:a5:64:db:47:9f:c0:3c:f0:96:23:
                    90:0f:89:8a:66:83:ac:46:ad:46:96:fb:89:de:37:
                    95:7e:7a:b6:1c:14:d0:85:07:e4:e6:35:9b:f7:40:
                    59:92:a0:4f:76:be:f0:95:df:c8:2c:03:1c:b6:36:
                    df:64:e5:eb:b5:32:48:21:c2:74:05:fb:09:c7:15:
                    51:86:46:3b:df:b9:51:e8:01:99:a1:c9:a8:15:03:
                    62:99:d5:1b:80:1f:cd:29:67:f0:d4:78:33:78:cb:
                    3d:a8:ed:a2:7b:0d:3d:85:1f:2a:f8:a2:de:2b:c0:
                    cb:e4:bc:cd:45:17:93:0e:9f:0f:ff:7f:d6:bb:f8:
                    0c:cc:89:cc:ba:21:84:71:b6:2e:d8:7c:1b:ba:75:
                    6e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:B9:57:8B:C3:6C:68:43:93:64:65:C5:96:46:EE:89:68:EB:55:4E
            X509v3 Authority Key Identifier:
                keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:17:4c:9a:90:f8:60:73:43:c9:d0:6e:32:c8:ac:c3:4d:e8:
         f1:56:93:ef:84:0b:1b:f3:60:3a:a9:c8:86:71:59:fc:9f:ea:
         80:4d:04:98:d2:a7:a8:a8:0e:5e:b0:8c:e7:73:dc:5e:d6:68:
         fb:a7:d6:4d:29:51:e2:60:b2:50:f9:34:d8:27:3e:97:42:20:
         a5:9a:cb:73:3e:5a:f1:3a:24:ad:de:a7:4d:8d:25:0a:72:09:
         dd:2e:6c:43:06:05:46:ad:59:13:4b:4f:a6:ba:2e:4c:14:46:
         40:7c:3b:dd:7c:a5:ee:fa:0a:88:25:f7:63:7b:20:d7:8d:40:
         cd:02:02:b4:e6:88:9e:ab:5a:bc:54:72:b0:33:7a:ab:62:2e:
         c0:fb:9b:bd:19:d3:29:fe:2b:53:df:31:23:e6:34:4b:ae:58:
         d5:32:5a:1b:56:38:29:b1:f2:0f:aa:db:71:a3:5b:a7:1c:83:
         e0:79:f0:2c:23:a0:b6:85:38:48:d2:8c:9e:69:f0:3f:14:f3:
         87:40:27:c4:42:f3:37:94:8d:cc:be:15:93:88:0a:31:0b:d9:
         51:ac:20:3f:d5:a7:7e:32:b8:b7:99:1e:fb:26:2d:20:6b:fd:
         b5:ca:19:49:82:ee:8c:38:fe:b1:be:05:e2:5e:99:2d:73:99:
         31:95:29:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMW7WwFUvUXOdwtwiaOjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi
ZDkxYTQwHhcNMjUwOTA3MDgwMTA2WhcNMjUwOTA4MDgwMTA2WjAzMTEwLwYDVQQD
EyhkYmI5NTc4YmMzNmM2ODQzOTM2NDY1YzU5NjQ2ZWU4OTY4ZWI1NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr2cOJ5nIwUxIqqcGHgChtgw8woo
O3HWljhft4cvCH4kUySd5xJuNelYKSZuOuTVSjK6Exavi2hWlmrW4+0S3VA25tDl
I/qTmjxMHWF+k+LCPhSoTc7J4ctj2TkjjIR4t0U5yS/8cQUj2prEKKVk20efwDzw
liOQD4mKZoOsRq1GlvuJ3jeVfnq2HBTQhQfk5jWb90BZkqBPdr7wld/ILAMctjbf
ZOXrtTJIIcJ0BfsJxxVRhkY737lR6AGZocmoFQNimdUbgB/NKWfw1HgzeMs9qO2i
ew09hR8q+KLeK8DL5LzNRReTDp8P/3/Wu/gMzInMuiGEcbYu2HwbunVucQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNu5V4vDbGhDk2RlxZZG7olo61VOMB8GA1UdIwQY
MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt
MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx
LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBdMmpD4
YHNDydBuMsisw03o8VaT74QLG/NgOqnIhnFZ/J/qgE0EmNKnqKgOXrCM53PcXtZo
+6fWTSlR4mCyUPk02Cc+l0IgpZrLcz5a8Tokrd6nTY0lCnIJ3S5sQwYFRq1ZE0tP
prouTBRGQHw73Xyl7voKiCX3Y3sg141AzQICtOaInqtavFRysDN6q2IuwPubvRnT
Kf4rU98xI+Y0S65Y1TJaG1Y4KbHyD6rbcaNbpxyD4HnwLCOgtoU4SNKMnmnwPxTz
h0AnxELzN5SNzL4Vk4gKMQvZUawgP9WnfjK4t5ke+yYtIGv9tcoZSYLujDj+sb4F
4l6ZLXOZMZUpJQ==
-----END CERTIFICATE-----