Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          qUcnSOXBM/LraTG7uvhfyFouWTw9lMvYcWS5kvS1ZEg=
Subject key identifier:   C5:75:CB:E8:13:30:15:99:E0:C9:85:F2:B6:6F:76:99:32:F9:AE:D8
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       019874505731072AD127440CE7F16D34D1D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0DC2
Signing time:             Mon 04 Aug 2025 09:01:18 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:18 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:18 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: +Ro9Myx7P0POGWVoGYe07w4tQiX3MQb+9K0S2w2fAuE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:57:31:07:2a:d1:27:44:0c:e7:f1:6d:34:d1:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Aug  4 09:01:18 2025 GMT
            Not After : Aug  5 09:01:18 2025 GMT
        Subject: CN=c575cbe813301599e0c985f2b66f769932f9aed8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:fb:11:d5:ce:b6:6d:7c:42:19:40:d3:fd:ff:
                    f6:02:d0:ce:bf:2e:e8:63:58:5a:57:45:85:5f:df:
                    e3:5c:54:90:1f:0a:3a:c3:9b:af:46:3f:82:4d:7e:
                    e3:83:62:6f:55:26:e6:73:c8:d3:63:9f:81:a3:f5:
                    7b:1a:b7:83:10:f2:30:aa:79:cf:e9:bb:4c:22:70:
                    d8:07:69:c1:35:74:93:45:f9:c1:cc:21:42:89:ae:
                    61:7f:fa:d9:3e:7e:45:1e:36:f7:07:d2:b9:a6:46:
                    79:3a:dd:88:4f:ee:00:c6:f9:2b:31:60:7e:a9:0b:
                    91:6c:50:55:b9:7b:09:23:4a:ad:88:20:1b:62:38:
                    a2:c8:94:77:0c:fb:fe:ed:32:ba:d3:cd:e3:21:5a:
                    f5:ec:69:5b:ad:b0:f6:21:0f:d5:7a:5f:f0:65:e0:
                    85:2a:8f:e7:78:89:b4:e5:6a:25:f5:33:be:5d:c3:
                    00:25:b8:3b:20:dd:f3:f2:cc:18:69:0f:8b:8b:17:
                    18:d1:c4:6b:b8:ea:4c:e2:92:66:fe:70:c0:b7:ab:
                    04:c4:34:d3:d7:10:88:d4:4e:b8:45:69:2c:da:d8:
                    c9:e6:e0:00:ae:7e:c2:94:fd:58:07:9d:6d:82:2c:
                    05:98:de:1c:20:0b:71:3e:ef:54:0b:82:24:98:45:
                    6f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:75:CB:E8:13:30:15:99:E0:C9:85:F2:B6:6F:76:99:32:F9:AE:D8
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:bd:7c:9c:9b:8e:f7:40:f8:5a:be:12:63:47:59:88:00:21:
         de:e3:d2:3a:a4:a8:f6:58:1f:13:e9:c2:dc:52:d3:34:05:8e:
         23:17:4d:75:59:4d:6f:68:bd:75:04:11:4e:55:7c:5a:04:76:
         e6:24:de:61:60:7f:2a:d8:ba:8b:13:1e:8c:dd:e3:8e:da:36:
         6b:2a:30:1a:81:b4:54:9a:0f:4a:d7:50:db:d0:29:29:63:31:
         1f:a7:e8:16:db:3d:c4:e1:ec:fb:10:ea:33:e7:47:5f:83:73:
         6e:68:55:0c:ca:d1:88:c5:d3:b0:9b:22:9f:93:20:18:76:dc:
         7f:38:b7:2b:09:0d:11:48:07:39:73:bf:bd:ac:24:8a:fe:8e:
         cb:f2:d9:46:f6:cb:50:bf:cf:35:d4:2d:5a:57:b5:90:aa:97:
         6d:09:fa:39:71:35:44:d9:7e:61:ba:5d:21:81:b0:80:18:41:
         a6:5e:77:8d:51:72:b4:96:67:58:c3:b3:1c:88:c3:4b:43:93:
         e4:4b:2a:74:29:8f:8c:2d:18:be:5a:49:fe:f7:8c:b1:98:11:
         96:31:d3:78:ed:56:74:05:ce:e0:5c:8d:62:25:77:1d:9b:5d:
         af:0d:d8:54:b7:d1:69:31:cd:40:e5:ce:b5:71:13:f6:1f:0e:
         fd:cf:12:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UFcxByrRJ0QM5/FtNNHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwODA0MDkwMTE4WhcNMjUwODA1MDkwMTE4WjAzMTEwLwYDVQQD
EyhjNTc1Y2JlODEzMzAxNTk5ZTBjOTg1ZjJiNjZmNzY5OTMyZjlhZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PsR1c62bXxCGUDT/f/2AtDOvy7o
Y1haV0WFX9/jXFSQHwo6w5uvRj+CTX7jg2JvVSbmc8jTY5+Bo/V7GreDEPIwqnnP
6btMInDYB2nBNXSTRfnBzCFCia5hf/rZPn5FHjb3B9K5pkZ5Ot2IT+4AxvkrMWB+
qQuRbFBVuXsJI0qtiCAbYjiiyJR3DPv+7TK6083jIVr17GlbrbD2IQ/Vel/wZeCF
Ko/neIm05Wol9TO+XcMAJbg7IN3z8swYaQ+LixcY0cRruOpM4pJm/nDAt6sExDTT
1xCI1E64RWks2tjJ5uAArn7ClP1YB51tgiwFmN4cIAtxPu9UC4IkmEVvPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMV1y+gTMBWZ4MmF8rZvdpky+a7YMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA718nJuO
90D4Wr4SY0dZiAAh3uPSOqSo9lgfE+nC3FLTNAWOIxdNdVlNb2i9dQQRTlV8WgR2
5iTeYWB/Kti6ixMejN3jjto2ayowGoG0VJoPStdQ29ApKWMxH6foFts9xOHs+xDq
M+dHX4NzbmhVDMrRiMXTsJsin5MgGHbcfzi3KwkNEUgHOXO/vawkiv6Oy/LZRvbL
UL/PNdQtWle1kKqXbQn6OXE1RNl+YbpdIYGwgBhBpl53jVFytJZnWMOzHIjDS0OT
5EsqdCmPjC0YvlpJ/veMsZgRljHTeO1WdAXO4FyNYiV3HZtdrw3YVLfRaTHNQOXO
tXET9h8O/c8SEg==
-----END CERTIFICATE-----