Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
File:                     Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft (raw, json)
Hash identifier:          V8gdNGX3oTUs8i+YsN71+7kf5piYGelpZoTDXkb9hEU=
Subject key identifier:   54:BE:E6:9A:7B:07:51:01:FB:E5:A5:4A:35:67:80:54:93:62:BA:CD
Authority key identifier: 31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54
Certificate issuer:       /CN=31fd401741e669e920b03c6c76aa3a7871403f54
Certificate serial:       01974855652ABBDFD8893BE5D3613F049148
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
Manifest number:          03E3
Signing time:             Sat 07 Jun 2025 03:00:45 +0000
Manifest this update:     Sat 07 Jun 2025 03:00:45 +0000
Manifest next update:     Sun 08 Jun 2025 03:00:45 +0000
Files and hashes:         1: Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl (hash: 2qY+npxCEnGH8gUj57XLoVsaeGvZqFw+sysYgVoy0EY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:55:65:2a:bb:df:d8:89:3b:e5:d3:61:3f:04:91:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31fd401741e669e920b03c6c76aa3a7871403f54
        Validity
            Not Before: Jun  7 03:00:45 2025 GMT
            Not After : Jun  8 03:00:45 2025 GMT
        Subject: CN=54bee69a7b075101fbe5a54a356780549362bacd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3b:fa:28:03:dd:08:3b:ea:6c:c6:a3:fa:50:
                    ff:eb:fc:8b:bd:3d:41:87:66:ea:db:4c:fe:9d:29:
                    06:45:e1:ef:a8:10:e9:68:71:29:71:0e:83:97:fe:
                    d1:55:20:11:2f:ed:7f:0e:16:49:89:8c:f3:7b:20:
                    a4:18:65:15:34:f1:27:c6:ef:f9:3e:f9:42:77:bc:
                    10:99:37:af:a4:ed:b8:90:6f:47:8a:4b:da:4a:6d:
                    63:b7:6d:24:21:4e:3a:d3:f4:6f:c3:70:29:7a:94:
                    4b:98:e8:bd:f8:9e:a7:10:22:9f:66:dc:10:e1:cc:
                    d5:3c:66:4a:3a:8e:7f:e7:6e:cf:c9:b8:d3:9b:37:
                    9e:2a:49:a6:83:65:ea:eb:bf:c3:6d:4e:76:bf:1e:
                    91:0b:6e:3e:46:98:e9:9b:db:88:01:8b:3e:a7:4b:
                    60:36:1a:51:ad:b2:3c:8e:83:44:e3:2b:d2:7d:f3:
                    69:55:2c:dc:00:c8:c9:d6:a4:34:96:98:9a:dd:eb:
                    24:53:2d:60:34:54:ef:6f:68:84:be:e1:5a:19:b8:
                    bb:d6:4a:92:5c:5b:c2:af:e8:66:03:0c:0b:05:29:
                    38:fd:a1:f8:a4:d9:b5:fd:32:71:a1:04:a4:d0:5b:
                    6e:e5:a8:4f:91:39:41:6e:41:0c:90:3a:c2:db:27:
                    de:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:BE:E6:9A:7B:07:51:01:FB:E5:A5:4A:35:67:80:54:93:62:BA:CD
            X509v3 Authority Key Identifier:
                keyid:31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:b6:94:65:02:56:05:5a:7c:a0:4e:31:c1:98:ae:07:44:01:
         8e:db:39:36:d9:81:85:f2:d3:8c:46:87:fa:32:7f:7f:ba:92:
         54:fd:fe:e1:cd:ea:3b:fc:30:7e:83:1d:f4:f5:bd:70:1d:65:
         98:2c:7a:82:3a:9c:8e:1f:99:23:73:7e:82:1b:d2:e4:db:a5:
         c3:89:a3:00:54:4e:02:70:b9:e3:aa:5e:aa:4e:9c:c8:b3:20:
         52:32:4c:62:75:59:a1:5b:49:5d:14:1a:e7:34:69:69:a3:79:
         04:94:ed:a7:fb:3f:98:40:93:a2:d9:76:08:21:6c:7c:4b:4c:
         ef:71:12:29:e1:47:b0:64:4b:72:30:4b:d4:90:ad:3a:cc:e3:
         ae:34:d6:49:96:2a:ee:2d:ab:53:c3:7a:39:4f:f0:33:02:d5:
         1a:09:4a:c2:79:c1:e5:1d:8b:56:ed:fe:a0:7d:37:d9:35:04:
         e6:86:78:cc:3d:e5:7d:59:46:a5:db:5c:08:79:c0:9b:0c:c3:
         7a:a2:12:0a:a5:82:57:5a:69:da:bc:f7:87:69:c2:ae:d9:3d:
         8c:59:82:22:9f:37:0a:34:e8:30:f8:b2:fb:5f:d7:44:63:60:
         1a:c3:9b:3f:77:8d:5d:3a:69:f2:bd:bf:59:e0:83:93:99:79:
         52:da:f5:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVWUqu9/YiTvl02E/BJFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmQ0MDE3NDFlNjY5ZTkyMGIwM2M2Yzc2YWEzYTc4NzE0
MDNmNTQwHhcNMjUwNjA3MDMwMDQ1WhcNMjUwNjA4MDMwMDQ1WjAzMTEwLwYDVQQD
Eyg1NGJlZTY5YTdiMDc1MTAxZmJlNWE1NGEzNTY3ODA1NDkzNjJiYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTv6KAPdCDvqbMaj+lD/6/yLvT1B
h2bq20z+nSkGReHvqBDpaHEpcQ6Dl/7RVSARL+1/DhZJiYzzeyCkGGUVNPEnxu/5
PvlCd7wQmTevpO24kG9HikvaSm1jt20kIU460/Rvw3ApepRLmOi9+J6nECKfZtwQ
4czVPGZKOo5/527PybjTmzeeKkmmg2Xq67/DbU52vx6RC24+Rpjpm9uIAYs+p0tg
NhpRrbI8joNE4yvSffNpVSzcAMjJ1qQ0lpia3eskUy1gNFTvb2iEvuFaGbi71kqS
XFvCr+hmAwwLBSk4/aH4pNm1/TJxoQSk0Ftu5ahPkTlBbkEMkDrC2yfeQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFS+5pp7B1EB++WlSjVngFSTYrrNMB8GA1UdIwQY
MBaAFDH9QBdB5mnpILA8bHaqOnhxQD9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMt
ZGUzNmJmMjBiYTRmLzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMtZGUzNmJmMjBiYTRm
LzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIraUZQJW
BVp8oE4xwZiuB0QBjts5NtmBhfLTjEaH+jJ/f7qSVP3+4c3qO/wwfoMd9PW9cB1l
mCx6gjqcjh+ZI3N+ghvS5Nulw4mjAFROAnC546peqk6cyLMgUjJMYnVZoVtJXRQa
5zRpaaN5BJTtp/s/mECTotl2CCFsfEtM73ESKeFHsGRLcjBL1JCtOszjrjTWSZYq
7i2rU8N6OU/wMwLVGglKwnnB5R2LVu3+oH032TUE5oZ4zD3lfVlGpdtcCHnAmwzD
eqISCqWCV1pp2rz3h2nCrtk9jFmCIp83CjToMPiy+1/XRGNgGsObP3eNXTpp8r2/
WeCDk5l5Utr1CA==
-----END CERTIFICATE-----