Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          G2peOmH65LGM+uc1EbMJf99S2jF0//Xqrul0o/lDznE=
Subject key identifier:   24:F2:10:AF:4F:8E:91:70:F9:D4:A2:E7:C7:09:9F:8E:3F:D4:8B:31
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       019873E38F45DD585604707639E490127242
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 07:02:29 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:29 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:29 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: ybS0QXuLwrnkAr8x74DFx7wtLyCSMfhgOp+klx4SGk8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:8f:45:dd:58:56:04:70:76:39:e4:90:12:72:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Aug  4 07:02:29 2025 GMT
            Not After : Aug  5 07:02:29 2025 GMT
        Subject: CN=24f210af4f8e9170f9d4a2e7c7099f8e3fd48b31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5c:30:03:0c:fa:75:e2:c6:40:fb:ce:e9:41:
                    5f:b0:e5:f3:7c:a9:d3:78:31:d1:ee:21:79:7d:95:
                    d1:fb:9d:91:ed:12:a0:a3:16:da:2e:d2:9f:40:53:
                    21:17:1e:d5:bf:b9:14:bd:7d:e8:88:62:d4:6f:91:
                    59:b0:f2:83:4c:db:9b:b2:83:03:b0:88:08:9d:9c:
                    ba:a8:c0:a0:e9:43:5f:5c:5a:6d:a5:e9:0c:6d:f2:
                    2e:5e:fb:29:4f:1c:4f:d6:61:c5:1e:dd:65:ad:43:
                    6f:40:fe:ed:0c:23:10:55:43:14:d8:00:39:2b:a0:
                    ea:6e:29:23:55:3b:07:63:3c:6b:5b:24:74:f3:4b:
                    8c:3e:af:e5:f6:5c:4f:e4:39:3e:b9:80:90:40:ba:
                    1f:1f:6b:f0:c8:81:77:0e:77:96:98:a1:93:cd:2b:
                    9a:03:5d:99:68:9e:7d:b0:e8:92:de:e4:64:75:ca:
                    80:a5:35:7a:65:62:bd:e9:40:d2:7b:7a:28:4f:f8:
                    f8:ae:08:23:3f:63:22:66:d3:c5:33:11:59:2c:f7:
                    b1:32:31:9b:5f:97:a6:00:de:f2:90:e5:63:45:d5:
                    35:01:76:eb:bf:d3:19:1b:0b:0f:30:ee:92:45:db:
                    3a:00:e7:f5:ed:87:f7:67:3b:61:64:52:ee:d1:84:
                    40:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:F2:10:AF:4F:8E:91:70:F9:D4:A2:E7:C7:09:9F:8E:3F:D4:8B:31
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:e6:6a:03:85:8b:c1:65:da:e0:71:41:71:fd:3d:99:c9:48:
         ee:ab:4e:15:40:3b:3c:ec:3b:cc:df:23:a7:41:2a:dd:7d:d7:
         4e:26:47:c2:7d:f2:1c:2b:2f:3a:1a:95:ae:7b:8e:78:f1:04:
         9d:c9:b3:3a:76:34:39:cc:07:13:e9:48:23:6a:59:2c:4b:ef:
         60:34:f4:2e:10:84:4a:ca:42:0a:b9:43:97:b5:36:97:e0:3c:
         ed:aa:22:58:fd:3a:f4:3d:62:3a:ef:82:8e:f1:c3:40:61:9f:
         ff:44:eb:22:34:db:40:e6:84:b0:bf:df:e2:01:6a:66:b5:8f:
         6a:c6:f9:66:35:19:5d:ba:92:b3:fa:d6:d4:2b:66:ea:9d:3b:
         aa:fd:23:6e:89:34:8e:c7:52:84:3d:13:4f:a5:4c:ff:1b:2d:
         be:d0:ce:f3:fd:ff:fd:db:cb:9d:ef:c3:b2:7a:ec:96:e6:2e:
         ba:45:4e:6e:13:a2:4d:70:ab:59:ac:f8:9f:09:2a:ce:38:ea:
         11:03:82:77:57:fa:63:b7:42:b4:88:b1:3e:54:f1:56:3b:13:
         ec:35:b3:e1:62:16:53:26:6d:1a:7c:ab:65:e6:1d:09:dc:9c:
         4f:25:13:5c:f0:1e:4c:fe:b8:ae:b6:04:94:6e:66:45:99:e8:
         39:94:52:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz449F3VhWBHB2OeSQEnJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwODA0MDcwMjI5WhcNMjUwODA1MDcwMjI5WjAzMTEwLwYDVQQD
EygyNGYyMTBhZjRmOGU5MTcwZjlkNGEyZTdjNzA5OWY4ZTNmZDQ4YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1wwAwz6deLGQPvO6UFfsOXzfKnT
eDHR7iF5fZXR+52R7RKgoxbaLtKfQFMhFx7Vv7kUvX3oiGLUb5FZsPKDTNubsoMD
sIgInZy6qMCg6UNfXFptpekMbfIuXvspTxxP1mHFHt1lrUNvQP7tDCMQVUMU2AA5
K6DqbikjVTsHYzxrWyR080uMPq/l9lxP5Dk+uYCQQLofH2vwyIF3DneWmKGTzSua
A12ZaJ59sOiS3uRkdcqApTV6ZWK96UDSe3ooT/j4rggjP2MiZtPFMxFZLPexMjGb
X5emAN7ykOVjRdU1AXbrv9MZGwsPMO6SRds6AOf17Yf3ZzthZFLu0YRA5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTyEK9PjpFw+dSi58cJn44/1IsxMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZOZqA4WL
wWXa4HFBcf09mclI7qtOFUA7POw7zN8jp0Eq3X3XTiZHwn3yHCsvOhqVrnuOePEE
ncmzOnY0OcwHE+lII2pZLEvvYDT0LhCESspCCrlDl7U2l+A87aoiWP069D1iOu+C
jvHDQGGf/0TrIjTbQOaEsL/f4gFqZrWPasb5ZjUZXbqSs/rW1Ctm6p07qv0jbok0
jsdShD0TT6VM/xstvtDO8/3//dvLne/DsnrsluYuukVObhOiTXCrWaz4nwkqzjjq
EQOCd1f6Y7dCtIixPlTxVjsT7DWz4WIWUyZtGnyrZeYdCdycTyUTXPAeTP64rrYE
lG5mRZnoOZRSrA==
-----END CERTIFICATE-----