Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          bVfkuqSuXQXTqETK1h5EVu6gxPnh0g43063UzgzxlKU=
Subject key identifier:   FF:CF:01:D9:12:DC:C9:3F:15:C1:DF:36:E8:4E:59:A7:3F:B4:88:09
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       01989592CC8148A24F6A1D8D75173AC24B5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0F2A
Signing time:             Sun 10 Aug 2025 20:01:22 +0000
Manifest this update:     Sun 10 Aug 2025 20:01:22 +0000
Manifest next update:     Mon 11 Aug 2025 20:01:22 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: eW1suqqFWWEfmAPmV+Kl+GUVYk7/XkXleCoQDieNPx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 20:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:92:cc:81:48:a2:4f:6a:1d:8d:75:17:3a:c2:4b:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Aug 10 20:01:22 2025 GMT
            Not After : Aug 11 20:01:22 2025 GMT
        Subject: CN=ffcf01d912dcc93f15c1df36e84e59a73fb48809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:2a:4b:32:fb:78:d3:73:b0:48:81:ed:3e:2d:
                    de:95:a8:eb:ed:1a:f3:a7:87:b9:ef:b7:38:b5:e4:
                    7e:c5:f9:eb:22:64:b8:64:fc:b7:28:d0:51:46:f1:
                    f2:68:1a:b6:0d:76:f1:3d:15:9d:1f:37:1a:3b:1d:
                    47:86:a6:c2:a9:68:99:b3:0a:32:cd:64:ce:a0:4f:
                    56:36:b3:b1:b6:63:a2:c2:00:5c:d8:cd:41:40:f8:
                    9c:dd:06:6b:aa:1a:24:a6:81:da:ba:99:7b:8f:a0:
                    f1:f3:1c:13:f9:a7:20:17:a5:ca:bf:73:7e:4f:3c:
                    ec:bc:b2:48:47:8c:d6:69:ef:cc:ca:d6:56:55:4c:
                    f3:55:80:38:7b:7f:05:d0:c7:cf:a7:4d:63:6d:09:
                    99:fe:9a:13:77:8d:77:b9:d1:d3:3c:06:9f:ab:a6:
                    77:6e:a9:74:c3:88:2f:28:00:cd:70:d7:63:d9:01:
                    28:41:6e:80:71:6b:71:b2:75:0e:2d:9c:bb:1d:cd:
                    47:37:5e:ac:96:fd:70:ab:ea:e4:98:d3:55:23:83:
                    58:d9:45:ff:b6:9e:80:ba:58:d8:83:18:9b:0e:b2:
                    ca:73:2d:de:5e:0f:ed:7d:32:1b:61:d4:bc:21:06:
                    83:68:a7:2b:bb:e1:74:2f:84:f1:a5:e9:fa:18:68:
                    4a:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:CF:01:D9:12:DC:C9:3F:15:C1:DF:36:E8:4E:59:A7:3F:B4:88:09
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:c5:65:8b:23:d8:03:40:5d:29:38:08:39:ed:8f:06:01:b3:
         df:a1:a0:f4:7a:65:f3:90:02:5a:e5:f7:65:b1:ad:d1:82:db:
         19:cf:d7:f0:6a:10:4e:f0:43:3b:56:bd:01:3a:aa:49:45:12:
         34:1c:0c:38:1b:b9:7d:37:0f:da:d7:dc:c7:1b:cd:da:97:b2:
         5c:f9:28:cf:21:e0:db:4e:4c:13:35:eb:54:0d:13:74:de:f1:
         0d:72:7f:90:87:8f:74:93:56:65:42:44:39:62:15:80:c9:a6:
         04:ff:6b:4c:a0:6d:3e:7e:b8:9f:e1:81:04:2f:45:11:51:78:
         f1:5c:22:8d:8c:92:65:ae:79:4f:24:7d:e1:f0:4c:d1:04:73:
         a9:0c:dd:ce:40:55:47:52:cb:6b:e4:5e:97:89:bf:23:81:49:
         b6:bd:d5:e6:8c:eb:1e:f5:60:a2:70:8e:b6:71:f8:d6:d7:16:
         70:f5:59:d5:f3:cd:ed:0a:8a:67:ae:2f:91:b7:48:f5:2a:de:
         0e:dc:ae:20:17:eb:8d:ad:e6:3f:45:e7:37:00:a6:c3:1d:03:
         cb:4e:23:ab:1e:49:36:97:c5:f0:f0:b8:d2:4d:d7:35:37:6b:
         0e:9e:f2:f7:56:27:3c:76:72:e6:10:08:9d:ad:f0:66:90:9b:
         3d:fa:c5:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVksyBSKJPah2NdRc6wkteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwODEwMjAwMTIyWhcNMjUwODExMjAwMTIyWjAzMTEwLwYDVQQD
EyhmZmNmMDFkOTEyZGNjOTNmMTVjMWRmMzZlODRlNTlhNzNmYjQ4ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSpLMvt403OwSIHtPi3elajr7Rrz
p4e577c4teR+xfnrImS4ZPy3KNBRRvHyaBq2DXbxPRWdHzcaOx1HhqbCqWiZswoy
zWTOoE9WNrOxtmOiwgBc2M1BQPic3QZrqhokpoHaupl7j6Dx8xwT+acgF6XKv3N+
TzzsvLJIR4zWae/MytZWVUzzVYA4e38F0MfPp01jbQmZ/poTd413udHTPAafq6Z3
bql0w4gvKADNcNdj2QEoQW6AcWtxsnUOLZy7Hc1HN16slv1wq+rkmNNVI4NY2UX/
tp6AuljYgxibDrLKcy3eXg/tfTIbYdS8IQaDaKcru+F0L4Txpen6GGhKHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/PAdkS3Mk/FcHfNuhOWac/tIgJMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvMVliyPY
A0BdKTgIOe2PBgGz36Gg9Hpl85ACWuX3ZbGt0YLbGc/X8GoQTvBDO1a9ATqqSUUS
NBwMOBu5fTcP2tfcxxvN2peyXPkozyHg205MEzXrVA0TdN7xDXJ/kIePdJNWZUJE
OWIVgMmmBP9rTKBtPn64n+GBBC9FEVF48VwijYySZa55TyR94fBM0QRzqQzdzkBV
R1LLa+Rel4m/I4FJtr3V5ozrHvVgonCOtnH41tcWcPVZ1fPN7QqKZ64vkbdI9Sre
DtyuIBfrja3mP0XnNwCmwx0Dy04jqx5JNpfF8PC40k3XNTdrDp7y91YnPHZy5hAI
na3wZpCbPfrFPQ==
-----END CERTIFICATE-----