Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          5YS9d3d3333959Fk4YXOp0yXC2LH5dLqQpdRx7idCgI=
Subject key identifier:   9B:10:0C:80:D6:0E:C1:4E:47:F6:AF:8E:04:54:FD:4E:AA:61:FF:16
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       01987FE68C76CBA097CE26305C0521752A22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          09C7
Signing time:             Wed 06 Aug 2025 15:01:12 +0000
Manifest this update:     Wed 06 Aug 2025 15:01:12 +0000
Manifest next update:     Thu 07 Aug 2025 15:01:12 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: dI8iGRZ/LnuCFI6y8BgKFk6QWZ/Z2d4ki08SoFo69ZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 14:26:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:e6:8c:76:cb:a0:97:ce:26:30:5c:05:21:75:2a:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Aug  6 15:01:12 2025 GMT
            Not After : Aug  7 15:01:12 2025 GMT
        Subject: CN=9b100c80d60ec14e47f6af8e0454fd4eaa61ff16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:50:18:53:5b:d2:df:6b:d8:cf:a3:96:da:33:
                    2c:c9:f5:2e:a6:7e:d2:f6:e6:c7:cc:63:54:cf:b6:
                    56:92:64:a0:49:2c:3c:be:5b:f5:0c:b0:21:56:d7:
                    f0:05:eb:6b:ab:97:02:9b:56:65:e1:8b:4e:f6:9d:
                    80:f2:ae:54:14:78:bd:d4:b7:cf:02:ca:ae:20:4c:
                    25:3e:93:e6:14:97:f4:b9:58:bc:4f:7b:13:f1:ac:
                    02:26:ff:ca:42:23:39:a0:5b:47:1d:67:58:c4:a7:
                    44:51:25:eb:fb:85:62:85:96:ba:28:a1:1f:52:62:
                    67:d6:e9:b2:c1:38:83:02:fe:56:4e:08:21:13:f4:
                    c9:d6:9a:a4:e7:af:2a:dd:82:da:54:44:dd:5c:2b:
                    69:e3:8c:79:af:9f:54:17:d3:5b:d8:b0:65:5c:19:
                    b4:33:bd:f5:2f:35:58:df:af:c1:cf:d7:54:99:71:
                    60:60:4b:df:ee:b1:d3:04:a0:71:c1:53:69:3b:68:
                    91:4f:bb:4f:d3:c7:08:2a:79:70:0e:ff:bb:de:ef:
                    22:19:2b:9e:c4:e7:b5:8c:36:69:86:b4:0d:76:c0:
                    6d:80:bf:21:bb:07:68:39:4b:15:2b:c5:5d:d0:ea:
                    50:23:07:2b:b5:3a:27:d3:aa:ec:a1:27:09:4c:ef:
                    89:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:10:0C:80:D6:0E:C1:4E:47:F6:AF:8E:04:54:FD:4E:AA:61:FF:16
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:ba:d4:51:7a:38:73:58:5a:2f:96:c6:a1:45:18:a0:f3:4f:
         9d:c5:13:65:dd:64:54:12:a3:b7:57:bc:a0:ec:b8:d1:06:cb:
         b9:9a:fe:e6:4d:08:11:4a:df:a4:89:18:ec:b0:7e:81:5b:bf:
         31:e1:6e:dc:75:0a:de:fd:98:4a:1e:7a:13:37:d4:5b:03:ba:
         75:6b:29:e9:98:b8:02:4f:82:2d:bf:fd:98:50:8a:41:cd:03:
         10:5c:81:25:77:87:ac:f7:d2:60:ce:a7:b7:64:0c:43:48:de:
         c3:03:c3:03:36:cf:2c:74:e4:98:26:e5:bb:9f:70:5e:d8:b2:
         a6:28:9d:02:a5:5b:f2:9b:9e:9b:9b:c9:d8:6e:4a:46:95:42:
         fb:b2:84:ca:4a:3b:0a:71:21:c5:13:05:70:00:80:6e:9c:d7:
         01:7e:e4:5e:ed:38:d1:73:0b:31:a8:83:2f:0b:1e:a9:42:99:
         40:86:85:e2:26:0e:09:19:bd:ca:20:6b:34:db:54:a5:8f:b4:
         05:49:0d:b1:56:cc:c4:6b:2a:c5:64:c3:e1:a8:9d:e4:2e:38:
         dd:ed:34:b6:82:fb:73:1d:ed:57:7b:33:a1:bc:e6:43:25:22:
         43:9f:79:ba:af:0c:50:23:99:c2:11:29:7c:c0:90:9f:52:11:
         ef:4d:ad:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/5ox2y6CXziYwXAUhdSoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUwODA2MTUwMTEyWhcNMjUwODA3MTUwMTEyWjAzMTEwLwYDVQQD
Eyg5YjEwMGM4MGQ2MGVjMTRlNDdmNmFmOGUwNDU0ZmQ0ZWFhNjFmZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFAYU1vS32vYz6OW2jMsyfUupn7S
9ubHzGNUz7ZWkmSgSSw8vlv1DLAhVtfwBetrq5cCm1Zl4YtO9p2A8q5UFHi91LfP
AsquIEwlPpPmFJf0uVi8T3sT8awCJv/KQiM5oFtHHWdYxKdEUSXr+4VihZa6KKEf
UmJn1umywTiDAv5WTgghE/TJ1pqk568q3YLaVETdXCtp44x5r59UF9Nb2LBlXBm0
M731LzVY36/Bz9dUmXFgYEvf7rHTBKBxwVNpO2iRT7tP08cIKnlwDv+73u8iGSue
xOe1jDZphrQNdsBtgL8huwdoOUsVK8Vd0OpQIwcrtTon06rsoScJTO+JIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsQDIDWDsFOR/avjgRU/U6qYf8WMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYrrUUXo4
c1haL5bGoUUYoPNPncUTZd1kVBKjt1e8oOy40QbLuZr+5k0IEUrfpIkY7LB+gVu/
MeFu3HUK3v2YSh56EzfUWwO6dWsp6Zi4Ak+CLb/9mFCKQc0DEFyBJXeHrPfSYM6n
t2QMQ0jewwPDAzbPLHTkmCblu59wXtiypiidAqVb8puem5vJ2G5KRpVC+7KEyko7
CnEhxRMFcACAbpzXAX7kXu040XMLMaiDLwseqUKZQIaF4iYOCRm9yiBrNNtUpY+0
BUkNsVbMxGsqxWTD4aid5C443e00toL7cx3tV3szobzmQyUiQ595uq8MUCOZwhEp
fMCQn1IR702tzw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:37:53 2025 by rpki-client