Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          HENNaw55FLdUBrzASK9SAqMJwBcbtZezj9BO1wXTQ9g=
Subject key identifier:   AD:20:B3:94:3A:3D:BC:DD:04:96:22:50:40:CE:DA:82:30:A0:EC:58
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       0198917EF1CF737C59DF6A75C49873B36A15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          09F8
Signing time:             Sun 10 Aug 2025 01:01:12 +0000
Manifest this update:     Sun 10 Aug 2025 01:01:12 +0000
Manifest next update:     Mon 11 Aug 2025 01:01:12 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: TCt1VryeZ5y5Xiwrsl6yoU1yRUzEvQOM+Y/DlLN6B9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:91:7e:f1:cf:73:7c:59:df:6a:75:c4:98:73:b3:6a:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Aug 10 01:01:12 2025 GMT
            Not After : Aug 11 01:01:12 2025 GMT
        Subject: CN=ad20b3943a3dbcdd0496225040ceda8230a0ec58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:08:ef:16:32:f4:1b:c7:96:a2:48:01:09:7d:
                    73:46:46:a7:2b:d7:02:eb:1d:2c:d0:6e:85:71:bf:
                    28:12:ca:fd:ac:b9:28:0a:01:11:54:11:ef:ac:e8:
                    19:a9:38:37:2a:21:30:80:be:b3:d4:83:70:9c:88:
                    83:f0:b2:10:3a:c8:8c:70:07:18:d8:fb:77:df:94:
                    61:75:25:6c:65:57:01:a6:2f:7e:bb:38:b3:fa:1d:
                    29:5f:d9:3a:3f:b2:1e:c9:d6:31:37:dd:e8:0b:3e:
                    34:86:57:85:a2:40:7a:26:3a:3e:b5:0b:da:0f:79:
                    ad:4f:86:3d:be:72:7e:fe:98:a8:75:aa:42:11:65:
                    5b:7b:2c:db:a2:41:75:4f:15:f7:43:a0:8d:d8:0f:
                    89:30:b0:23:56:50:7a:60:72:8f:f3:0f:62:54:53:
                    38:b7:6b:8a:52:84:ad:93:f3:25:0f:54:a1:4e:40:
                    cc:54:dd:c1:7a:cf:0e:41:9d:4f:9c:3c:7b:81:a6:
                    d2:8f:14:a7:5d:62:3a:3b:27:a7:5a:81:0a:f8:6d:
                    82:b9:20:ae:65:47:ef:df:f1:af:a8:1b:0c:29:d8:
                    28:0b:c6:d3:8d:8d:36:a0:2e:9a:73:69:a8:f1:9c:
                    2d:5c:4a:96:b0:04:e0:13:d1:79:96:c3:c5:09:b4:
                    d3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:20:B3:94:3A:3D:BC:DD:04:96:22:50:40:CE:DA:82:30:A0:EC:58
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:31:49:ca:fd:8a:81:f3:57:47:ec:16:1b:9b:00:1c:30:a6:
         18:c5:d1:bd:c8:14:e4:9d:5e:bc:5b:15:42:3a:5e:19:09:cf:
         9c:30:cc:27:f5:58:07:70:07:b7:a8:e3:ee:72:4f:f5:ea:21:
         cd:95:f3:b1:a0:b4:ef:24:c7:16:7d:c0:13:db:dd:9e:ba:80:
         ea:fd:f9:85:dc:48:20:25:b3:4a:63:92:2d:96:1b:a3:8c:dd:
         fd:cb:cc:6e:37:6b:21:a2:11:d0:41:39:54:a1:b1:f3:a7:60:
         09:ec:29:b6:0e:be:1a:0f:1b:82:9d:d1:d6:f0:91:7c:1e:3b:
         f9:64:53:cd:d3:29:62:3f:0d:5c:0f:b6:57:ba:65:69:f6:b2:
         fd:21:dd:7a:b4:d6:e5:61:68:2c:43:d2:cf:9b:82:34:ff:5c:
         8d:c3:8e:ac:a7:7f:39:22:6b:9d:07:bd:62:9f:c3:b1:84:96:
         02:10:43:84:1a:25:e5:13:4c:3f:73:4d:ad:b0:5c:7d:e8:82:
         b4:e9:1c:db:ba:dc:c5:3f:dd:6d:76:bf:a0:0b:5e:c7:28:a6:
         0f:d2:28:8f:7f:e1:5d:81:08:da:55:f7:75:f0:83:a7:b9:25:
         f6:5b:e0:db:a1:f5:47:77:1e:85:f6:88:fc:a4:39:df:31:76:
         73:0e:60:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRfvHPc3xZ32p1xJhzs2oVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUwODEwMDEwMTEyWhcNMjUwODExMDEwMTEyWjAzMTEwLwYDVQQD
EyhhZDIwYjM5NDNhM2RiY2RkMDQ5NjIyNTA0MGNlZGE4MjMwYTBlYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAjvFjL0G8eWokgBCX1zRkanK9cC
6x0s0G6Fcb8oEsr9rLkoCgERVBHvrOgZqTg3KiEwgL6z1INwnIiD8LIQOsiMcAcY
2Pt335RhdSVsZVcBpi9+uziz+h0pX9k6P7IeydYxN93oCz40hleFokB6Jjo+tQva
D3mtT4Y9vnJ+/piodapCEWVbeyzbokF1TxX3Q6CN2A+JMLAjVlB6YHKP8w9iVFM4
t2uKUoStk/MlD1ShTkDMVN3Bes8OQZ1PnDx7gabSjxSnXWI6OyenWoEK+G2CuSCu
ZUfv3/GvqBsMKdgoC8bTjY02oC6ac2mo8ZwtXEqWsATgE9F5lsPFCbTTHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0gs5Q6PbzdBJYiUEDO2oIwoOxYMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljFJyv2K
gfNXR+wWG5sAHDCmGMXRvcgU5J1evFsVQjpeGQnPnDDMJ/VYB3AHt6jj7nJP9eoh
zZXzsaC07yTHFn3AE9vdnrqA6v35hdxIICWzSmOSLZYbo4zd/cvMbjdrIaIR0EE5
VKGx86dgCewptg6+Gg8bgp3R1vCRfB47+WRTzdMpYj8NXA+2V7plafay/SHderTW
5WFoLEPSz5uCNP9cjcOOrKd/OSJrnQe9Yp/DsYSWAhBDhBol5RNMP3NNrbBcfeiC
tOkc27rcxT/dbXa/oAtexyimD9Ioj3/hXYEI2lX3dfCDp7kl9lvg26H1R3cehfaI
/KQ53zF2cw5geQ==
-----END CERTIFICATE-----