Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          FHXYP/q+Ck0Wppa6EtZavBmPjsAHmEubCYMhUyesvu0=
Subject key identifier:   92:9D:B6:03:AE:0A:2D:CE:9D:FF:DD:BC:14:EA:E8:BA:80:2A:D0:8D
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       01987B9C001E0E41CEC3A897157603458DAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0741
Signing time:             Tue 05 Aug 2025 19:01:17 +0000
Manifest this update:     Tue 05 Aug 2025 19:01:17 +0000
Manifest next update:     Wed 06 Aug 2025 19:01:17 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: 6apps2XTpTt4ixA3K5hYmaGshUPh6us3gJbzKgV27E0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 19:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9c:00:1e:0e:41:ce:c3:a8:97:15:76:03:45:8d:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Aug  5 19:01:17 2025 GMT
            Not After : Aug  6 19:01:17 2025 GMT
        Subject: CN=929db603ae0a2dce9dffddbc14eae8ba802ad08d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2d:e2:b0:09:c8:a4:89:5e:7b:7d:c6:9f:84:
                    a3:9f:bf:aa:18:46:ce:fd:bd:87:3c:70:34:3e:28:
                    30:ba:25:e0:4c:84:65:78:47:f2:8b:04:15:f2:5e:
                    4c:81:89:8a:aa:e6:d4:f5:bb:fa:a5:ec:1a:c8:6f:
                    0c:30:b9:5b:ab:0d:16:5a:af:9d:0e:89:59:69:71:
                    20:22:e4:5f:38:e1:1b:11:46:a1:26:87:51:66:1f:
                    e2:9c:10:e0:8c:e9:43:b5:15:eb:d6:11:cd:0a:f3:
                    98:8f:e8:e9:17:0d:79:f9:c4:60:4c:17:91:a2:78:
                    33:72:5a:6d:f3:44:a0:1d:69:10:79:13:a8:aa:78:
                    ce:39:2d:bc:f9:d9:b5:82:7f:af:9f:57:01:d1:75:
                    53:b1:d5:f8:dd:48:47:ca:a6:30:df:ad:a0:9f:a6:
                    b0:f7:1f:68:5f:14:9e:12:98:dc:98:5c:be:d4:d2:
                    47:eb:17:5d:2b:79:4a:8a:88:8a:80:26:19:2b:06:
                    22:f9:db:ed:32:11:e9:eb:fe:f2:ff:e6:f9:1e:ef:
                    fc:45:90:c7:15:54:25:7f:01:38:22:1d:e9:e2:3d:
                    82:61:88:96:dc:93:94:7e:20:5a:11:c5:d8:05:95:
                    39:02:b1:4e:a6:ba:37:94:f5:cd:cc:f0:ef:21:78:
                    e3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:9D:B6:03:AE:0A:2D:CE:9D:FF:DD:BC:14:EA:E8:BA:80:2A:D0:8D
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:6a:5c:22:d4:64:e5:50:7a:b8:bf:fb:a1:48:24:37:21:46:
         4d:55:9f:34:d6:a6:fc:bd:52:14:19:79:ff:99:90:aa:e4:df:
         c1:fa:a0:92:d2:2a:00:ef:34:d5:13:c5:17:34:c1:99:3d:53:
         39:33:ae:6d:bd:93:9a:c8:34:c1:26:d6:1c:24:5a:dd:03:a1:
         b1:0a:7a:a3:4f:82:de:7c:00:dd:61:ef:c8:4f:32:eb:86:19:
         1e:22:28:e3:35:0f:f6:d9:87:55:6e:69:e2:65:d2:f4:fc:b2:
         34:6f:28:89:c1:4b:ce:87:9d:c7:f4:1f:27:74:44:6f:02:63:
         9d:53:a6:9b:6a:83:19:d6:dd:8e:0a:7f:35:73:19:77:41:e6:
         39:be:b9:f0:38:7b:6c:7e:f1:9e:cb:48:12:cd:42:14:a9:a6:
         7a:cf:24:a1:47:20:f1:a7:36:d7:02:4e:4d:f9:8b:72:b7:5a:
         aa:9b:05:db:85:e3:86:fb:dd:21:76:00:9a:d9:2b:e9:81:cd:
         b5:99:86:96:a6:fc:24:8d:6a:d7:8b:05:b5:d9:5f:b1:36:bf:
         f6:2a:8c:40:4d:7e:bb:57:fe:7e:ee:fd:5e:91:67:2d:70:39:
         30:1e:3b:c7:0e:ec:3a:ab:d8:68:bf:54:51:83:81:e5:3b:49:
         e6:10:69:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7nAAeDkHOw6iXFXYDRY2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUwODA1MTkwMTE3WhcNMjUwODA2MTkwMTE3WjAzMTEwLwYDVQQD
Eyg5MjlkYjYwM2FlMGEyZGNlOWRmZmRkYmMxNGVhZThiYTgwMmFkMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi3isAnIpIlee33Gn4Sjn7+qGEbO
/b2HPHA0PigwuiXgTIRleEfyiwQV8l5MgYmKqubU9bv6pewayG8MMLlbqw0WWq+d
DolZaXEgIuRfOOEbEUahJodRZh/inBDgjOlDtRXr1hHNCvOYj+jpFw15+cRgTBeR
ongzclpt80SgHWkQeROoqnjOOS28+dm1gn+vn1cB0XVTsdX43UhHyqYw362gn6aw
9x9oXxSeEpjcmFy+1NJH6xddK3lKioiKgCYZKwYi+dvtMhHp6/7y/+b5Hu/8RZDH
FVQlfwE4Ih3p4j2CYYiW3JOUfiBaEcXYBZU5ArFOpro3lPXNzPDvIXjjqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKdtgOuCi3Onf/dvBTq6LqAKtCNMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiGpcItRk
5VB6uL/7oUgkNyFGTVWfNNam/L1SFBl5/5mQquTfwfqgktIqAO801RPFFzTBmT1T
OTOubb2Tmsg0wSbWHCRa3QOhsQp6o0+C3nwA3WHvyE8y64YZHiIo4zUP9tmHVW5p
4mXS9PyyNG8oicFLzoedx/QfJ3REbwJjnVOmm2qDGdbdjgp/NXMZd0HmOb658Dh7
bH7xnstIEs1CFKmmes8koUcg8ac21wJOTfmLcrdaqpsF24XjhvvdIXYAmtkr6YHN
tZmGlqb8JI1q14sFtdlfsTa/9iqMQE1+u1f+fu79XpFnLXA5MB47xw7sOqvYaL9U
UYOB5TtJ5hBpNA==
-----END CERTIFICATE-----