Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          fCY0/2nsN+JCv1ic4s7ZwyOfuN6J8j3K/E5ugSUZv8U=
Subject key identifier:   91:4C:CC:6F:ED:90:48:AD:0F:4B:6E:56:34:2E:AF:B8:27:DD:E3:96
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       019873066BF185EF1336EAC724237DFECEEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          01D5
Signing time:             Mon 04 Aug 2025 03:00:57 +0000
Manifest this update:     Mon 04 Aug 2025 03:00:57 +0000
Manifest next update:     Tue 05 Aug 2025 03:00:57 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: HL8TeEEaHGQa1aKtl2mVd0Tx6fLICeH35Fk9RZkWMOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:06:6b:f1:85:ef:13:36:ea:c7:24:23:7d:fe:ce:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Aug  4 03:00:57 2025 GMT
            Not After : Aug  5 03:00:57 2025 GMT
        Subject: CN=914ccc6fed9048ad0f4b6e56342eafb827dde396
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:61:fe:cd:30:82:44:d5:0b:9a:94:03:cc:51:
                    41:c8:43:0e:38:0d:b1:9b:0b:c8:07:dd:bd:20:60:
                    77:84:5f:5c:64:30:f9:e6:e8:d1:74:3d:aa:a9:10:
                    68:44:f6:14:81:b4:9a:73:99:1e:de:3b:27:32:87:
                    c7:2b:55:66:c0:03:ee:3d:16:6f:37:d8:c1:d1:af:
                    69:03:45:89:2d:be:b6:10:a3:a1:ad:8d:6b:5d:af:
                    cd:48:d3:aa:0f:e5:95:32:3c:5e:1d:4a:32:ac:e9:
                    2b:09:f3:1e:50:61:8c:a9:4b:e5:d3:c3:69:18:6e:
                    d9:c5:43:44:ec:ad:4d:f9:c6:dc:49:b3:13:20:71:
                    ba:f3:07:0e:d6:10:78:71:d2:89:1d:5e:1f:08:f1:
                    fb:40:a2:e3:25:12:37:a9:7b:4a:22:a0:25:22:ac:
                    da:b2:d3:e7:ce:ef:3b:73:a3:87:db:3a:c4:fb:47:
                    16:ce:27:f3:26:aa:20:e9:40:7a:87:a1:73:fa:84:
                    79:5c:d7:c6:9b:ce:5c:90:a0:d5:3a:b9:19:28:e1:
                    aa:b0:8f:bf:7a:89:b7:24:9e:7c:06:84:de:5c:c9:
                    74:a0:8b:27:7b:5c:7f:fa:92:2e:c4:48:d3:e1:d9:
                    fb:4f:db:46:77:d8:47:9c:2c:af:71:f1:cb:43:96:
                    bd:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:4C:CC:6F:ED:90:48:AD:0F:4B:6E:56:34:2E:AF:B8:27:DD:E3:96
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:d0:aa:ef:85:a9:8e:63:ad:1d:a2:8c:7a:f7:83:69:ee:db:
         86:2c:66:a0:41:a8:59:af:22:a9:56:e4:00:aa:2f:67:dc:d6:
         20:17:af:e7:fa:5d:19:89:f3:d3:40:9c:b9:3f:d1:b8:ed:13:
         40:c4:a0:77:8f:d2:79:85:a7:ed:e7:8f:d0:36:f3:f1:fa:90:
         11:28:32:fc:a2:5b:d1:fb:3e:e1:7e:cf:d1:6d:46:32:6a:8b:
         03:7f:2e:a1:41:12:ab:0c:e5:ce:dc:61:7c:8b:a7:23:35:b2:
         a1:60:8e:9c:88:47:ef:ba:5c:3c:ee:13:e6:b1:65:f0:3f:06:
         0e:f8:d1:48:fd:9d:28:c9:eb:7a:3a:29:5f:18:3f:b7:9c:e4:
         29:8d:a5:0c:a4:9c:f6:71:88:33:f5:75:aa:7e:2a:7a:ce:81:
         19:e3:8f:a6:cc:16:3b:85:2b:7d:17:ab:7d:ef:b5:82:7a:a4:
         33:e7:c7:68:62:5d:80:76:96:57:dd:1d:4c:d6:be:51:65:7d:
         81:e8:e5:1b:44:a8:7c:72:ef:e6:99:bb:38:1a:5a:70:35:db:
         1e:c6:03:78:82:13:32:a4:52:24:ef:ae:92:c6:39:21:44:4a:
         4d:3e:49:d6:c5:c2:43:1e:3b:40:bd:75:a9:de:60:a6:cd:66:
         18:55:c1:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzBmvxhe8TNurHJCN9/s7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwODA0MDMwMDU3WhcNMjUwODA1MDMwMDU3WjAzMTEwLwYDVQQD
Eyg5MTRjY2M2ZmVkOTA0OGFkMGY0YjZlNTYzNDJlYWZiODI3ZGRlMzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmH+zTCCRNULmpQDzFFByEMOOA2x
mwvIB929IGB3hF9cZDD55ujRdD2qqRBoRPYUgbSac5ke3jsnMofHK1VmwAPuPRZv
N9jB0a9pA0WJLb62EKOhrY1rXa/NSNOqD+WVMjxeHUoyrOkrCfMeUGGMqUvl08Np
GG7ZxUNE7K1N+cbcSbMTIHG68wcO1hB4cdKJHV4fCPH7QKLjJRI3qXtKIqAlIqza
stPnzu87c6OH2zrE+0cWzifzJqog6UB6h6Fz+oR5XNfGm85ckKDVOrkZKOGqsI+/
eom3JJ58BoTeXMl0oIsne1x/+pIuxEjT4dn7T9tGd9hHnCyvcfHLQ5a9jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFMzG/tkEitD0tuVjQur7gn3eOWMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk9Cq74Wp
jmOtHaKMeveDae7bhixmoEGoWa8iqVbkAKovZ9zWIBev5/pdGYnz00CcuT/RuO0T
QMSgd4/SeYWn7eeP0Dbz8fqQESgy/KJb0fs+4X7P0W1GMmqLA38uoUESqwzlztxh
fIunIzWyoWCOnIhH77pcPO4T5rFl8D8GDvjRSP2dKMnrejopXxg/t5zkKY2lDKSc
9nGIM/V1qn4qes6BGeOPpswWO4UrfRerfe+1gnqkM+fHaGJdgHaWV90dTNa+UWV9
gejlG0SofHLv5pm7OBpacDXbHsYDeIITMqRSJO+uksY5IURKTT5J1sXCQx47QL11
qd5gps1mGFXBkA==
-----END CERTIFICATE-----