Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          MkJRGNzSUCsR8XvCIYTlyKrXuh0HpNcEC4ouQLpMw6A=
Subject key identifier:   04:74:DF:5F:25:6E:A4:74:7C:D0:CF:3F:15:CD:C3:5E:20:36:C7:57
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019896A4B23363D9D6BFBE068AD0FC0EC291
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          06BA
Signing time:             Mon 11 Aug 2025 01:00:32 +0000
Manifest this update:     Mon 11 Aug 2025 01:00:32 +0000
Manifest next update:     Tue 12 Aug 2025 01:00:32 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: HzOlDvPfp27flpVPZwZxckK0K95/QZIxtk/5JvX6yCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a4:b2:33:63:d9:d6:bf:be:06:8a:d0:fc:0e:c2:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Aug 11 01:00:32 2025 GMT
            Not After : Aug 12 01:00:32 2025 GMT
        Subject: CN=0474df5f256ea4747cd0cf3f15cdc35e2036c757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:40:74:98:d8:b5:10:2b:e4:b9:82:5f:c1:7c:
                    5e:11:b3:2a:38:a7:8e:02:8d:c8:7e:66:a7:de:7d:
                    54:d7:b3:d8:05:1b:9f:77:50:3f:1b:47:cf:d7:ae:
                    28:91:66:50:61:7f:01:b8:f1:31:6c:d5:db:49:0b:
                    b3:05:56:8f:6c:fc:52:5d:36:40:79:26:a1:8e:e4:
                    3b:47:4c:1e:ee:2c:8b:c6:1a:25:6f:89:b7:27:0e:
                    86:32:51:7a:4b:8e:ad:be:13:0e:3f:1b:27:7b:48:
                    bc:9d:8b:1f:02:41:dc:3c:95:db:6d:ca:43:d1:8c:
                    ea:04:00:10:3a:47:fe:eb:40:43:99:49:0c:29:13:
                    55:24:86:2c:51:04:43:81:09:b8:3b:aa:87:3c:4b:
                    03:02:13:09:c4:7a:04:ee:55:4c:f2:c3:e3:44:48:
                    d4:a6:ab:6d:de:04:11:cb:03:93:24:90:b5:a6:d1:
                    18:ed:81:de:dc:65:ae:62:cd:27:0f:4b:87:60:34:
                    03:a2:86:fc:05:7b:77:0e:9f:90:c9:00:be:b7:c4:
                    b6:0d:d2:d4:31:00:5d:cc:ba:59:e4:ef:d7:59:2a:
                    7b:6f:86:63:5d:8e:85:28:56:47:c4:4d:e2:4c:88:
                    5c:ae:75:6f:be:11:75:6b:03:db:ee:94:8d:98:5d:
                    33:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:74:DF:5F:25:6E:A4:74:7C:D0:CF:3F:15:CD:C3:5E:20:36:C7:57
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:ca:6f:62:61:71:ae:f0:f7:a0:8b:b2:1b:e0:43:10:8c:a7:
         97:b4:5a:54:d1:7a:93:47:69:6a:7e:0f:08:1a:b5:95:04:c8:
         eb:7c:d3:7a:4f:9c:83:c9:92:50:c0:fd:4c:87:4c:fc:db:38:
         4c:e6:31:99:79:88:c0:19:98:a7:8f:04:0c:fd:4b:12:74:05:
         06:c8:5f:c2:fd:fe:d4:47:03:dc:fb:2f:8f:e2:ae:20:45:e3:
         e9:e0:e1:22:33:7a:13:d5:e6:b1:06:72:d5:5c:4f:a7:69:05:
         7a:d3:20:ea:1e:37:f8:1b:e2:ed:bd:e9:2c:13:e7:f4:6d:ba:
         63:77:1c:90:2e:10:7e:29:d6:de:41:ff:f2:db:b3:cd:56:81:
         3e:2e:1d:bc:4b:e8:cc:f7:a6:41:ba:10:77:d5:c7:c0:bc:d4:
         a7:74:63:3a:81:92:06:87:7d:1f:af:32:60:1a:18:5a:38:1c:
         b0:6a:17:99:36:3d:df:b6:21:16:3e:1f:fa:77:f2:f8:98:5a:
         ba:7d:7c:e6:ad:a4:84:a5:44:31:6f:db:11:ac:74:16:32:d3:
         65:73:b0:fb:aa:71:c5:40:52:ea:f6:26:71:53:78:c9:78:a9:
         86:b9:dd:17:f5:d4:c6:13:e3:52:47:b6:bd:07:c3:89:99:92:
         80:0f:b7:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpLIzY9nWv74GitD8DsKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwODExMDEwMDMyWhcNMjUwODEyMDEwMDMyWjAzMTEwLwYDVQQD
EygwNDc0ZGY1ZjI1NmVhNDc0N2NkMGNmM2YxNWNkYzM1ZTIwMzZjNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kB0mNi1ECvkuYJfwXxeEbMqOKeO
Ao3Ifman3n1U17PYBRufd1A/G0fP164okWZQYX8BuPExbNXbSQuzBVaPbPxSXTZA
eSahjuQ7R0we7iyLxholb4m3Jw6GMlF6S46tvhMOPxsne0i8nYsfAkHcPJXbbcpD
0YzqBAAQOkf+60BDmUkMKRNVJIYsUQRDgQm4O6qHPEsDAhMJxHoE7lVM8sPjREjU
pqtt3gQRywOTJJC1ptEY7YHe3GWuYs0nD0uHYDQDoob8BXt3Dp+QyQC+t8S2DdLU
MQBdzLpZ5O/XWSp7b4ZjXY6FKFZHxE3iTIhcrnVvvhF1awPb7pSNmF0zQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAR0318lbqR0fNDPPxXNw14gNsdXMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhMpvYmFx
rvD3oIuyG+BDEIynl7RaVNF6k0dpan4PCBq1lQTI63zTek+cg8mSUMD9TIdM/Ns4
TOYxmXmIwBmYp48EDP1LEnQFBshfwv3+1EcD3Psvj+KuIEXj6eDhIjN6E9XmsQZy
1VxPp2kFetMg6h43+Bvi7b3pLBPn9G26Y3cckC4QfinW3kH/8tuzzVaBPi4dvEvo
zPemQboQd9XHwLzUp3RjOoGSBod9H68yYBoYWjgcsGoXmTY937YhFj4f+nfy+Jha
un185q2khKVEMW/bEax0FjLTZXOw+6pxxUBS6vYmcVN4yXiphrndF/XUxhPjUke2
vQfDiZmSgA+3hg==
-----END CERTIFICATE-----