Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          tIGX7W373987GfR/tdUUPZhT2rNcZurIo8wWqyVv0UA=
Subject key identifier:   87:1A:D5:FA:99:4E:F1:D5:CA:9F:74:C2:86:2A:74:42:AF:8F:64:61
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       01987FE68C7A6C8A0413C662BC41530CDA84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0D80
Signing time:             Wed 06 Aug 2025 15:01:12 +0000
Manifest this update:     Wed 06 Aug 2025 15:01:12 +0000
Manifest next update:     Thu 07 Aug 2025 15:01:12 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: j12vnf0gD+KMGWGN7HAtliFuzfITLXVxOtmUbB4dQxo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 15:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:e6:8c:7a:6c:8a:04:13:c6:62:bc:41:53:0c:da:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Aug  6 15:01:12 2025 GMT
            Not After : Aug  7 15:01:12 2025 GMT
        Subject: CN=871ad5fa994ef1d5ca9f74c2862a7442af8f6461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:75:f6:f4:1f:dd:95:93:de:16:de:7b:63:b2:
                    27:7d:39:52:0c:64:3a:40:65:bb:a9:08:10:28:c8:
                    d0:03:1f:f0:a6:8d:c9:2f:e3:56:0a:29:b0:20:dd:
                    91:5e:da:3b:2a:4e:66:ce:83:a3:c5:fa:bd:70:a7:
                    36:69:2b:5f:e2:8e:52:8f:55:0d:f7:6b:c7:d0:eb:
                    b9:f4:a1:89:31:2f:36:8b:f1:48:51:3d:70:81:07:
                    a0:1f:07:a3:01:b8:70:31:1d:a8:5e:9c:ae:56:13:
                    e1:bb:38:fb:57:14:d8:f3:48:0f:6d:9a:c4:22:f0:
                    55:c7:90:d4:0c:82:ad:6e:20:6c:82:f6:1e:06:1a:
                    fc:71:8b:ff:85:cb:39:37:7c:30:4c:20:8a:3d:66:
                    c1:c0:25:93:10:dd:89:7a:8c:e8:e5:93:fa:02:ca:
                    74:11:37:d8:f6:8c:61:25:35:30:65:14:30:f6:69:
                    bd:e3:87:fb:23:58:cb:4f:a0:5d:80:d6:f5:61:c5:
                    7e:ff:75:f0:5c:ec:27:7a:43:72:db:04:13:d4:d4:
                    d4:a9:fb:4b:b2:25:1a:22:77:17:e0:3c:ba:06:9d:
                    3a:ad:89:71:8c:3e:46:8b:c8:e7:91:bd:f0:fc:63:
                    f0:b3:8d:05:e6:6f:87:28:51:88:7c:10:d3:9a:64:
                    aa:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1A:D5:FA:99:4E:F1:D5:CA:9F:74:C2:86:2A:74:42:AF:8F:64:61
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:27:ab:5e:2a:c7:e9:6c:78:8a:7e:1a:79:89:ee:23:0e:d4:
         48:ec:2d:67:fe:5b:00:48:fb:88:60:93:b4:49:bc:fd:59:9e:
         ff:2f:58:e7:cf:22:af:76:a4:b6:fb:70:67:77:36:6b:27:ca:
         f3:60:5c:23:6e:cb:ac:a5:dd:55:d2:a8:bb:a1:56:03:5e:cf:
         56:89:fd:6a:21:41:8b:ea:5c:08:51:10:b3:40:fa:55:52:ee:
         e6:c1:30:a1:3f:c1:4a:97:df:a7:9d:f8:3c:7b:f2:4e:16:20:
         df:a3:ad:2b:08:b5:7d:79:5b:da:75:45:8d:db:df:41:f4:4e:
         a0:5e:5f:ba:3f:9e:fd:a3:4f:0c:87:58:1a:8a:5f:5a:10:0a:
         46:4c:dc:45:96:a9:e4:99:d0:ff:1e:81:99:e2:dc:e2:01:27:
         41:85:3f:3a:c3:dd:5b:3f:5f:f4:d9:e7:f8:79:50:b2:5c:8f:
         54:01:cd:6c:e9:45:61:63:4b:cc:54:88:a9:75:7e:1d:71:f9:
         05:d0:d2:27:53:42:83:68:c1:9b:83:53:57:7a:34:38:78:8c:
         e8:41:ec:b3:ab:de:e3:6e:20:c2:bc:b5:8e:94:fb:ec:72:d4:
         6c:0c:e0:74:c3:ca:17:b9:a7:df:2e:af:d6:24:2b:fb:c9:99:
         57:bf:37:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/5ox6bIoEE8ZivEFTDNqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjUwODA2MTUwMTEyWhcNMjUwODA3MTUwMTEyWjAzMTEwLwYDVQQD
Eyg4NzFhZDVmYTk5NGVmMWQ1Y2E5Zjc0YzI4NjJhNzQ0MmFmOGY2NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnX29B/dlZPeFt57Y7InfTlSDGQ6
QGW7qQgQKMjQAx/wpo3JL+NWCimwIN2RXto7Kk5mzoOjxfq9cKc2aStf4o5Sj1UN
92vH0Ou59KGJMS82i/FIUT1wgQegHwejAbhwMR2oXpyuVhPhuzj7VxTY80gPbZrE
IvBVx5DUDIKtbiBsgvYeBhr8cYv/hcs5N3wwTCCKPWbBwCWTEN2Jeozo5ZP6Asp0
ETfY9oxhJTUwZRQw9mm944f7I1jLT6BdgNb1YcV+/3XwXOwnekNy2wQT1NTUqftL
siUaIncX4Dy6Bp06rYlxjD5Gi8jnkb3w/GPws40F5m+HKFGIfBDTmmSqBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIca1fqZTvHVyp90woYqdEKvj2RhMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATierXirH
6Wx4in4aeYnuIw7USOwtZ/5bAEj7iGCTtEm8/Vme/y9Y588ir3aktvtwZ3c2ayfK
82BcI27LrKXdVdKou6FWA17PVon9aiFBi+pcCFEQs0D6VVLu5sEwoT/BSpffp534
PHvyThYg36OtKwi1fXlb2nVFjdvfQfROoF5fuj+e/aNPDIdYGopfWhAKRkzcRZap
5JnQ/x6BmeLc4gEnQYU/OsPdWz9f9Nnn+HlQslyPVAHNbOlFYWNLzFSIqXV+HXH5
BdDSJ1NCg2jBm4NTV3o0OHiM6EHss6ve424gwry1jpT77HLUbAzgdMPKF7mn3y6v
1iQr+8mZV783Kg==
-----END CERTIFICATE-----