Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          wrDQ5JBDwr9hCxqStxMFDhXUz82Zn0fDmFLgpkiFpMw=
Subject key identifier:   60:26:E3:A1:21:B3:42:29:26:68:17:F2:01:DD:E1:0C:31:E6:E3:27
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       019A4D05F2387721CDA4DA9474647979307C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 04:00:26 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:26 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:26 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: So8hXz/kB/Vxt9jo5kODieUME5vVzPfQ2THv2MJSziQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:05:f2:38:77:21:cd:a4:da:94:74:64:79:79:30:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Nov  4 04:00:26 2025 GMT
            Not After : Nov  5 04:00:26 2025 GMT
        Subject: CN=6026e3a121b34229266817f201dde10c31e6e327
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:40:6a:59:1e:8e:59:43:78:70:ef:34:cf:bf:
                    fc:94:1f:b0:ce:41:a1:11:e7:9c:c8:8e:1f:2d:38:
                    05:d5:5f:c4:5f:77:bd:c8:a0:5d:ee:42:5e:c3:66:
                    19:b8:0d:13:f6:10:39:33:27:03:1a:a6:2a:67:3a:
                    da:58:0c:64:7c:1a:c1:b5:00:15:bf:3d:25:f3:45:
                    95:e7:32:10:ff:e4:00:ab:60:13:46:57:46:79:a3:
                    6a:09:3f:95:61:99:37:a4:46:44:c6:94:84:a6:be:
                    fe:de:cd:78:30:53:45:95:8d:7a:5e:6b:2e:53:af:
                    98:e0:78:8b:42:4e:2e:ba:85:b5:cd:52:a4:ff:af:
                    e3:3e:4b:1c:f6:29:ba:d0:7a:89:0e:86:0d:d8:d0:
                    d9:70:98:4e:97:61:d6:05:ac:06:0f:0a:b2:ef:0b:
                    fe:69:d7:8e:c9:18:75:2c:48:59:c8:4e:57:8b:66:
                    1e:ed:1e:76:3e:94:ec:43:ff:ac:89:c7:e4:f1:71:
                    2e:5b:f1:10:5b:dd:a7:56:94:97:f1:b1:00:4e:33:
                    6c:65:d1:fa:34:02:b8:8d:b7:41:14:f4:70:9f:0c:
                    54:1e:3f:cd:98:6c:4b:ff:84:23:e6:f2:21:51:f7:
                    5b:41:b1:ad:cb:c9:a2:c3:d2:ff:be:1e:25:99:00:
                    86:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:26:E3:A1:21:B3:42:29:26:68:17:F2:01:DD:E1:0C:31:E6:E3:27
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:34:8c:75:8f:2e:71:a3:18:ec:38:68:c9:2f:aa:53:cb:54:
         11:a3:31:79:3c:5f:6d:40:3f:ac:0b:63:27:21:aa:5f:6a:70:
         0c:0d:57:ab:66:d3:a8:59:12:3a:45:9b:c0:99:61:a0:cd:6a:
         72:b4:2c:db:7c:89:57:fa:69:bc:a4:95:01:39:ae:53:3a:90:
         dc:7b:cb:9a:1d:80:ad:11:1d:35:80:1b:7b:c5:ff:b3:24:ba:
         62:17:70:93:40:a3:a4:ac:f7:73:8d:6b:79:18:3c:13:00:54:
         5c:58:8a:d4:2c:0a:39:f1:42:cb:27:65:f0:0f:f6:a5:c7:fe:
         ed:1b:d5:3a:6e:8f:a3:10:87:59:d4:a2:33:96:be:d0:2d:60:
         98:a6:85:54:48:67:c5:5c:01:21:2c:ea:dd:d3:79:9a:68:43:
         8c:a7:69:3c:d1:10:c2:a7:33:91:08:fd:60:af:72:3d:6f:8b:
         e1:96:78:c6:09:50:95:0c:b0:be:ba:86:c0:06:2c:cd:b7:77:
         c5:90:97:cb:6c:1f:6a:fe:9b:3c:2e:bd:54:ca:db:12:d4:86:
         6a:34:b1:19:7b:17:31:91:f0:bc:5f:55:f5:0f:55:e8:96:11:
         c6:15:57:98:5c:31:8c:72:a3:d2:f0:f4:1c:2d:b7:0b:e3:8c:
         dc:76:f3:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBfI4dyHNpNqUdGR5eTB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUxMTA0MDQwMDI2WhcNMjUxMTA1MDQwMDI2WjAzMTEwLwYDVQQD
Eyg2MDI2ZTNhMTIxYjM0MjI5MjY2ODE3ZjIwMWRkZTEwYzMxZTZlMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEBqWR6OWUN4cO80z7/8lB+wzkGh
EeecyI4fLTgF1V/EX3e9yKBd7kJew2YZuA0T9hA5MycDGqYqZzraWAxkfBrBtQAV
vz0l80WV5zIQ/+QAq2ATRldGeaNqCT+VYZk3pEZExpSEpr7+3s14MFNFlY16Xmsu
U6+Y4HiLQk4uuoW1zVKk/6/jPksc9im60HqJDoYN2NDZcJhOl2HWBawGDwqy7wv+
adeOyRh1LEhZyE5Xi2Ye7R52PpTsQ/+sicfk8XEuW/EQW92nVpSX8bEATjNsZdH6
NAK4jbdBFPRwnwxUHj/NmGxL/4Qj5vIhUfdbQbGty8miw9L/vh4lmQCG0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAm46Ehs0IpJmgX8gHd4Qwx5uMnMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjSMdY8u
caMY7DhoyS+qU8tUEaMxeTxfbUA/rAtjJyGqX2pwDA1Xq2bTqFkSOkWbwJlhoM1q
crQs23yJV/ppvKSVATmuUzqQ3HvLmh2ArREdNYAbe8X/syS6Yhdwk0CjpKz3c41r
eRg8EwBUXFiK1CwKOfFCyydl8A/2pcf+7RvVOm6PoxCHWdSiM5a+0C1gmKaFVEhn
xVwBISzq3dN5mmhDjKdpPNEQwqczkQj9YK9yPW+L4ZZ4xglQlQywvrqGwAYszbd3
xZCXy2wfav6bPC69VMrbEtSGajSxGXsXMZHwvF9V9Q9V6JYRxhVXmFwxjHKj0vD0
HC23C+OM3HbzEg==
-----END CERTIFICATE-----