Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
File:                     Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft (raw, json)
Hash identifier:          Y9aXkKzm0wYGpytia5SzRGnRo3HthrwOdfY/dVoydv8=
Subject key identifier:   0A:8E:D8:F5:AF:D4:43:AF:20:43:EA:17:56:68:91:0B:50:69:D0:CB
Authority key identifier: 0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90
Certificate issuer:       /CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
Certificate serial:       01988DD8E2CA8E298386FFDE85D4691BFCF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
Manifest number:          0709
Signing time:             Sat 09 Aug 2025 08:00:57 +0000
Manifest this update:     Sat 09 Aug 2025 08:00:57 +0000
Manifest next update:     Sun 10 Aug 2025 08:00:57 +0000
Files and hashes:         1: Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl (hash: jA2utu0e62jB3Rxv4dmoUc6/hNiR+M1jnU+pjQ4curU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8d:d8:e2:ca:8e:29:83:86:ff:de:85:d4:69:1b:fc:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
        Validity
            Not Before: Aug  9 08:00:57 2025 GMT
            Not After : Aug 10 08:00:57 2025 GMT
        Subject: CN=0a8ed8f5afd443af2043ea175668910b5069d0cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:20:f1:a0:8b:98:b4:be:ff:63:78:7e:be:29:
                    50:9e:ba:97:16:88:70:04:9e:ea:2f:1c:0b:9e:0c:
                    40:16:0a:e2:ae:7a:5e:48:b6:62:c1:02:21:d4:e1:
                    80:f5:19:e0:2e:dc:10:f5:db:39:a9:3c:03:32:f1:
                    fc:62:26:b6:a1:a0:f5:db:be:06:00:88:32:4a:21:
                    6c:96:f6:fb:44:aa:d0:ff:c2:46:18:6c:f5:0a:8b:
                    33:a6:c4:ae:98:03:6d:cb:2b:5c:ee:88:1b:c5:7d:
                    65:0a:a9:13:53:f8:89:b7:e4:80:fb:70:54:29:77:
                    11:f9:7a:e2:24:7e:67:e9:f0:d1:ca:04:66:0d:37:
                    6a:27:d1:b7:39:c0:11:21:58:b3:c2:c0:c7:12:4b:
                    9c:13:d3:f9:f6:41:26:2e:11:27:28:86:4f:b8:4c:
                    9c:7e:3e:fe:02:41:d9:a8:49:a0:24:4a:4d:e3:d0:
                    c1:b7:a1:7d:86:06:c6:8f:4e:1d:72:94:00:ba:99:
                    f9:35:6f:0b:59:06:ad:15:44:c7:dc:6c:c5:7a:f6:
                    b7:ba:ba:89:16:60:57:5e:b3:88:22:b8:f0:74:b2:
                    c7:71:2d:69:25:7c:0b:cd:01:4f:a7:d4:5b:be:19:
                    40:7e:69:26:13:14:8a:eb:08:72:c9:82:d9:ce:45:
                    bb:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:8E:D8:F5:AF:D4:43:AF:20:43:EA:17:56:68:91:0B:50:69:D0:CB
            X509v3 Authority Key Identifier:
                keyid:0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:d6:9e:08:6a:68:e9:82:33:39:8c:c0:c1:eb:28:01:10:b0:
         b4:61:8a:e4:83:d8:0b:a9:c7:01:13:7a:5c:5a:5c:54:4e:d4:
         37:e6:c6:a8:4e:60:b2:45:41:19:3d:e3:6c:d4:59:a2:18:aa:
         ec:2d:d6:83:33:ac:1b:f8:89:e3:b9:fb:91:32:6f:17:7c:9d:
         44:d2:e7:29:c9:9e:bb:09:d1:e4:fe:97:bc:06:01:61:7a:4d:
         3e:31:5a:7f:2d:90:e0:a2:dc:8c:65:7e:ba:65:e3:32:84:c2:
         f7:32:82:1c:79:53:24:ba:db:1f:04:9c:41:95:c9:af:4e:86:
         de:20:07:42:a9:53:7b:d3:25:3f:49:7d:6f:a5:10:8c:66:1d:
         3a:c4:43:2f:33:56:7e:21:7f:a5:5e:d4:1a:cb:44:7d:fd:1d:
         8d:24:5a:90:83:0f:3e:46:70:cc:28:9b:ed:ab:24:c1:c7:08:
         0c:28:9e:62:1e:c6:f4:c7:95:9c:30:02:00:7d:90:28:b5:97:
         69:39:df:a6:89:b0:0c:87:f8:8b:68:5f:51:92:d1:f7:e8:19:
         de:f7:81:6e:35:f8:4b:a0:f2:72:6e:8b:53:c9:92:d8:c4:c0:
         3e:bb:bb:49:d9:a0:89:0e:4c:66:f5:83:af:62:75:a7:88:65:
         48:bb:2b:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiN2OLKjimDhv/ehdRpG/z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNzBmOTBiYTJjZjA1OGMxMjA2ZGViMGVmNzk3Mzcw
MjZlOTAwHhcNMjUwODA5MDgwMDU3WhcNMjUwODEwMDgwMDU3WjAzMTEwLwYDVQQD
EygwYThlZDhmNWFmZDQ0M2FmMjA0M2VhMTc1NjY4OTEwYjUwNjlkMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yDxoIuYtL7/Y3h+vilQnrqXFohw
BJ7qLxwLngxAFgrirnpeSLZiwQIh1OGA9RngLtwQ9ds5qTwDMvH8Yia2oaD1274G
AIgySiFslvb7RKrQ/8JGGGz1CoszpsSumANtyytc7ogbxX1lCqkTU/iJt+SA+3BU
KXcR+XriJH5n6fDRygRmDTdqJ9G3OcARIVizwsDHEkucE9P59kEmLhEnKIZPuEyc
fj7+AkHZqEmgJEpN49DBt6F9hgbGj04dcpQAupn5NW8LWQatFUTH3GzFeva3urqJ
FmBXXrOIIrjwdLLHcS1pJXwLzQFPp9RbvhlAfmkmExSK6whyyYLZzkW7lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqO2PWv1EOvIEPqF1ZokQtQadDLMB8GA1UdIwQY
MBaAFA4ftw+QuizwWMEgbesO95c3Am6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYt
MjdjYjlkY2Q2MGZjLzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYtMjdjYjlkY2Q2MGZj
LzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmdaeCGpo
6YIzOYzAwesoARCwtGGK5IPYC6nHARN6XFpcVE7UN+bGqE5gskVBGT3jbNRZohiq
7C3WgzOsG/iJ47n7kTJvF3ydRNLnKcmeuwnR5P6XvAYBYXpNPjFafy2Q4KLcjGV+
umXjMoTC9zKCHHlTJLrbHwScQZXJr06G3iAHQqlTe9MlP0l9b6UQjGYdOsRDLzNW
fiF/pV7UGstEff0djSRakIMPPkZwzCib7askwccIDCieYh7G9MeVnDACAH2QKLWX
aTnfpomwDIf4i2hfUZLR9+gZ3veBbjX4S6Dycm6LU8mS2MTAPru7SdmgiQ5MZvWD
r2J1p4hlSLsrwQ==
-----END CERTIFICATE-----