Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          YBLducWM4imE44WyfkaJ/r6xlLHXdLK1sOsIsV25XS0=
Subject key identifier:   B1:32:08:CF:6C:D9:FD:8C:C0:11:84:7A:D6:E6:46:48:D8:B1:5C:16
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       0198917EC071742FEC018CA5668F0D033C85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1623
Signing time:             Sun 10 Aug 2025 01:00:59 +0000
Manifest this update:     Sun 10 Aug 2025 01:00:59 +0000
Manifest next update:     Mon 11 Aug 2025 01:00:59 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: qcqj1LWJvAiXcgeZnksFblxDPAxkmZp0vFPTGy8ddPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 23:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:91:7e:c0:71:74:2f:ec:01:8c:a5:66:8f:0d:03:3c:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Aug 10 01:00:59 2025 GMT
            Not After : Aug 11 01:00:59 2025 GMT
        Subject: CN=b13208cf6cd9fd8cc011847ad6e64648d8b15c16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:05:f1:8f:aa:6e:ef:55:1f:f5:24:7b:b7:91:
                    4a:ff:14:ed:68:93:39:5b:89:62:d2:99:4f:80:d9:
                    aa:e8:b6:c1:4b:62:8d:cc:86:69:c6:c9:64:95:9b:
                    18:5a:5a:24:9c:d3:ea:0e:c8:71:dc:64:01:5a:d6:
                    89:96:fc:34:f2:b1:3e:25:49:2b:e8:3b:0b:4e:e9:
                    34:35:ef:76:b7:44:4b:04:fe:f4:c4:24:1c:89:47:
                    ca:2d:3d:1e:9c:7f:f3:b9:97:89:22:41:90:76:48:
                    21:8b:3a:84:c0:da:e8:30:d3:01:0c:36:31:66:4d:
                    ac:33:86:02:f3:9c:5f:bb:dd:55:85:74:1c:c5:fe:
                    43:d2:da:11:b7:0c:61:13:4b:a2:d7:70:98:26:bb:
                    1d:30:32:59:b2:3b:45:f1:ba:6e:0d:04:17:fb:ac:
                    3e:af:3e:9a:66:0b:7a:e8:29:73:3f:3a:66:3c:9f:
                    12:9b:55:59:25:79:0e:f4:54:2a:cf:3f:b6:4b:d0:
                    3f:f8:a8:99:1f:81:4f:0b:b0:11:3e:ca:d7:e1:a6:
                    dd:6d:21:4a:3b:c6:e3:10:54:fd:b6:ee:68:c3:91:
                    cc:c9:e9:62:15:eb:4b:32:1c:a4:8d:fd:49:16:37:
                    bf:97:91:e1:bd:ef:17:6f:62:0c:aa:e2:d3:db:6f:
                    c3:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:32:08:CF:6C:D9:FD:8C:C0:11:84:7A:D6:E6:46:48:D8:B1:5C:16
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:cb:6a:a5:34:06:4d:f3:52:09:7d:6e:00:34:f6:d5:9d:b2:
         74:8a:bd:f2:1c:73:03:f9:c5:e7:c0:6c:66:27:cf:6a:53:ce:
         f7:70:e8:22:4a:fc:5a:38:4c:3c:d6:de:d0:85:b8:37:d4:bd:
         8a:bd:b0:ec:70:d6:8f:09:e8:39:1b:48:1b:f2:30:01:32:bb:
         a0:0a:3b:ea:85:bc:7f:78:be:b5:2b:46:36:0e:04:ed:0b:70:
         2e:ad:1d:55:21:23:37:d0:47:d4:92:06:ae:c8:c7:2b:53:96:
         ed:5a:91:b1:2a:5a:3c:7e:6f:da:c1:f1:86:a8:cc:04:a3:8b:
         2e:de:83:be:2c:c7:26:89:87:72:1f:e2:2e:cf:08:46:c6:5c:
         14:bd:be:3c:65:71:18:09:bd:06:a3:1e:c3:29:e5:87:e5:eb:
         9b:c5:62:2a:25:9a:96:1e:f3:e2:1b:b4:87:01:8c:01:a8:bf:
         07:42:2d:fc:fe:24:2a:c3:84:1e:57:1f:87:21:f7:55:b7:0e:
         a4:0d:e9:3f:05:02:c9:f0:bc:84:b9:e5:d5:9d:78:e2:23:ee:
         db:5d:0b:c6:74:83:f2:40:1e:04:3a:dd:8a:b6:13:d1:8b:58:
         b6:9a:4a:c6:9a:5a:bf:37:33:9d:fa:0d:67:6c:f8:65:d7:0d:
         8f:3b:7b:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRfsBxdC/sAYylZo8NAzyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjUwODEwMDEwMDU5WhcNMjUwODExMDEwMDU5WjAzMTEwLwYDVQQD
EyhiMTMyMDhjZjZjZDlmZDhjYzAxMTg0N2FkNmU2NDY0OGQ4YjE1YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQXxj6pu71Uf9SR7t5FK/xTtaJM5
W4li0plPgNmq6LbBS2KNzIZpxslklZsYWloknNPqDshx3GQBWtaJlvw08rE+JUkr
6DsLTuk0Ne92t0RLBP70xCQciUfKLT0enH/zuZeJIkGQdkghizqEwNroMNMBDDYx
Zk2sM4YC85xfu91VhXQcxf5D0toRtwxhE0ui13CYJrsdMDJZsjtF8bpuDQQX+6w+
rz6aZgt66ClzPzpmPJ8Sm1VZJXkO9FQqzz+2S9A/+KiZH4FPC7ARPsrX4abdbSFK
O8bjEFT9tu5ow5HMyeliFetLMhykjf1JFje/l5Hhve8Xb2IMquLT22/DrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEyCM9s2f2MwBGEetbmRkjYsVwWMB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAestqpTQG
TfNSCX1uADT21Z2ydIq98hxzA/nF58BsZifPalPO93DoIkr8WjhMPNbe0IW4N9S9
ir2w7HDWjwnoORtIG/IwATK7oAo76oW8f3i+tStGNg4E7QtwLq0dVSEjN9BH1JIG
rsjHK1OW7VqRsSpaPH5v2sHxhqjMBKOLLt6DvizHJomHch/iLs8IRsZcFL2+PGVx
GAm9BqMewynlh+Xrm8ViKiWalh7z4hu0hwGMAai/B0It/P4kKsOEHlcfhyH3VbcO
pA3pPwUCyfC8hLnl1Z144iPu210LxnSD8kAeBDrdirYT0YtYtppKxppavzcznfoN
Z2z4ZdcNjzt79w==
-----END CERTIFICATE-----